Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: gu93S2SOjkNFEtcIJX7Y5/PHzhSiuVj9X/eCgcb7mLU=
Subject key identifier: C7:9A:2D:33:AD:5D:D2:4D:D9:68:44:A9:F4:B8:B3:FC:0D:FA:B5:CC
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 019A7112B6B530F8FDDDEE12D381101CB9D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0A56
Signing time: Tue 11 Nov 2025 04:00:43 +0000
Manifest this update: Tue 11 Nov 2025 04:00:43 +0000
Manifest next update: Wed 12 Nov 2025 04:00:43 +0000
Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: 7eN82Iz+NP1tcb+4TD38iL2hiNAERTHuD9YrzNIoHVo=)
2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:b6:b5:30:f8:fd:dd:ee:12:d3:81:10:1c:b9:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Nov 11 04:00:43 2025 GMT
Not After : Nov 12 04:00:43 2025 GMT
Subject: CN=c79a2d33ad5dd24dd96844a9f4b8b3fc0dfab5cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:02:c6:69:a9:6c:09:29:93:18:ae:b4:1c:17:
91:ef:bb:00:b6:41:7d:86:13:21:11:31:6b:52:69:
af:b7:8f:5a:6e:84:4c:27:c2:8d:d7:1c:a0:0f:c5:
a5:04:63:8d:3c:62:f7:07:8a:5c:08:76:6b:e6:46:
e2:ab:f4:92:89:d1:67:52:52:c5:68:65:ff:eb:88:
53:b5:62:24:e0:94:99:b5:3d:96:5f:10:68:d7:43:
39:ff:b7:70:72:7f:80:8d:4b:a0:5e:2e:44:9f:fd:
fd:28:f1:86:16:74:86:cc:d6:87:7d:58:8a:a0:e6:
45:6b:42:e3:b3:9c:74:a0:89:bd:e9:ec:60:79:6d:
83:ac:e4:be:2f:42:54:15:64:6c:f6:33:44:ba:7a:
9d:7a:a4:91:cf:1b:c7:95:d1:23:26:59:ca:2a:dd:
20:2d:42:11:3b:42:60:b5:53:ed:c4:e4:35:d4:cb:
ce:7b:f4:04:b6:9e:78:3d:8c:ce:46:b0:ad:b3:ce:
e8:aa:ac:cc:41:0d:fe:d1:8b:34:0a:31:01:76:46:
d6:d5:a8:bf:fb:48:5b:5e:4b:a9:90:10:34:1b:b0:
85:cf:bb:f3:6b:90:c0:c7:65:96:60:58:0c:b6:8e:
77:2d:f9:15:ef:2e:db:20:b0:30:6c:bc:e0:b9:ff:
30:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9A:2D:33:AD:5D:D2:4D:D9:68:44:A9:F4:B8:B3:FC:0D:FA:B5:CC
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:c5:f7:62:77:be:f3:05:49:bf:40:ed:e1:86:c6:aa:6f:df:
fe:76:b9:16:c9:85:03:9c:a8:e4:b0:c3:0b:47:3d:e1:6d:7f:
dc:0e:46:eb:97:65:54:83:27:50:c0:e3:60:93:fc:2e:97:01:
f3:69:8f:03:3a:4e:93:8f:5f:0d:6a:1b:42:e8:3d:71:4c:f2:
01:b5:37:29:0d:79:dd:60:c5:e2:ca:71:d9:ae:86:68:7d:c6:
c8:7f:4b:74:77:c0:75:78:47:3d:cc:d8:ce:84:9a:49:e5:5d:
85:bf:fc:06:0c:46:d5:28:5e:33:54:d7:c3:69:60:5b:3e:75:
3e:c1:a8:8d:74:39:41:70:e1:fc:85:d6:12:1c:b7:01:b0:3a:
a5:f9:77:d0:7b:73:82:46:64:2b:a1:b1:03:7d:a9:5e:ec:1d:
04:63:4a:a1:34:18:fb:45:de:15:8a:cc:cf:4d:6c:39:b3:e9:
2d:53:ce:fb:42:65:f0:f9:3c:70:76:65:4f:99:9f:d8:1a:69:
69:82:13:bf:aa:b3:de:17:ad:68:11:c1:65:9c:dc:39:91:bd:
76:19:fa:36:6e:cc:15:67:2f:82:f9:85:c8:5a:94:ca:84:08:
0c:bb:80:db:a1:8a:49:98:77:e3:65:dc:f0:5a:f6:64:62:07:
79:07:e0:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEra1MPj93e4S04EQHLnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjUxMTExMDQwMDQzWhcNMjUxMTEyMDQwMDQzWjAzMTEwLwYDVQQD
EyhjNzlhMmQzM2FkNWRkMjRkZDk2ODQ0YTlmNGI4YjNmYzBkZmFiNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtALGaalsCSmTGK60HBeR77sAtkF9
hhMhETFrUmmvt49aboRMJ8KN1xygD8WlBGONPGL3B4pcCHZr5kbiq/SSidFnUlLF
aGX/64hTtWIk4JSZtT2WXxBo10M5/7dwcn+AjUugXi5En/39KPGGFnSGzNaHfViK
oOZFa0Ljs5x0oIm96exgeW2DrOS+L0JUFWRs9jNEunqdeqSRzxvHldEjJlnKKt0g
LUIRO0JgtVPtxOQ11MvOe/QEtp54PYzORrCts87oqqzMQQ3+0Ys0CjEBdkbW1ai/
+0hbXkupkBA0G7CFz7vza5DAx2WWYFgMto53LfkV7y7bILAwbLzguf8wbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMeaLTOtXdJN2WhEqfS4s/wN+rXMMB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsX3Yne+
8wVJv0Dt4YbGqm/f/na5FsmFA5yo5LDDC0c94W1/3A5G65dlVIMnUMDjYJP8LpcB
82mPAzpOk49fDWobQug9cUzyAbU3KQ153WDF4spx2a6GaH3GyH9LdHfAdXhHPczY
zoSaSeVdhb/8BgxG1SheM1TXw2lgWz51PsGojXQ5QXDh/IXWEhy3AbA6pfl30Htz
gkZkK6GxA32pXuwdBGNKoTQY+0XeFYrMz01sObPpLVPO+0Jl8Pk8cHZlT5mf2Bpp
aYITv6qz3hetaBHBZZzcOZG9dhn6Nm7MFWcvgvmFyFqUyoQIDLuA26GKSZh342Xc
8Fr2ZGIHeQfggw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:16:56 2025 by rpki-client