Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
File: OkGxVaq20SKf00jqoD0PeQPxJno.mft (raw, json)
Hash identifier: 5HqYJNF24BE/bQDRaqTWYWkzifBQGo11WBlRTm/UCts=
Subject key identifier: 45:6C:ED:E6:F1:0C:29:A7:1B:BD:E0:C4:1F:B8:EB:24:3F:28:C4:A6
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 01974E8E559A8FFBA2BBB95DB36F7A4431EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
Manifest number: 1086
Signing time: Sun 08 Jun 2025 08:00:40 +0000
Manifest this update: Sun 08 Jun 2025 08:00:40 +0000
Manifest next update: Mon 09 Jun 2025 08:00:40 +0000
Files and hashes: 1: DUYlFbh6FULGzgdthf_PMDp6hOU.roa (hash: JR7UbEi2bM6dLHHY3xrq1gui3NHbn1GkWRWkFGTRYw0=)
2: OkGxVaq20SKf00jqoD0PeQPxJno.crl (hash: ymd3oCsLMQ5vNUb0HHIv3Wo8x56QTP1psjDal+KQXA8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 08:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4e:8e:55:9a:8f:fb:a2:bb:b9:5d:b3:6f:7a:44:31:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Jun 8 08:00:40 2025 GMT
Not After : Jun 9 08:00:40 2025 GMT
Subject: CN=456cede6f10c29a71bbde0c41fb8eb243f28c4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:8a:31:1c:de:4e:e6:d2:be:34:aa:9b:b8:
a5:72:99:46:da:ff:f3:2b:82:de:e0:11:b5:f6:7a:
9f:85:30:50:18:44:b7:5c:80:04:2d:18:4f:1e:66:
09:0a:bc:a9:04:9b:6d:13:95:da:f8:2a:35:dc:7e:
b8:40:ff:35:80:e5:f8:f8:36:70:47:c8:fc:d6:1c:
63:8a:6b:41:72:9a:cb:9e:d7:eb:82:09:4a:7d:19:
87:6e:76:3a:e6:db:d0:b0:27:cc:48:4c:92:24:1f:
2b:bc:26:35:8d:f3:be:50:39:34:63:87:e4:62:d1:
c2:e9:97:25:08:3b:4b:5c:91:ab:71:50:6e:e9:fb:
d6:0f:97:76:f3:5e:22:be:84:11:b6:6b:68:15:5e:
19:f0:21:94:f7:86:68:64:86:9c:fe:48:fd:27:91:
47:1a:16:ea:3e:f6:6e:ec:7b:9b:86:f0:7a:af:69:
f3:ed:b4:e1:c1:6c:14:d3:97:3c:d5:56:32:02:ab:
33:2a:e9:c7:42:ab:8d:1b:60:d6:33:99:d0:b1:a2:
27:4b:c9:b9:91:36:83:e8:b7:f1:0c:ec:96:43:0a:
69:f8:d8:65:97:99:b6:6d:82:dc:aa:b0:30:61:98:
28:fd:2c:28:5b:66:22:76:44:3f:9b:b8:1a:13:19:
af:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6C:ED:E6:F1:0C:29:A7:1B:BD:E0:C4:1F:B8:EB:24:3F:28:C4:A6
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:1b:0d:8a:4c:bc:89:32:ae:67:22:26:86:b1:3d:c0:15:fc:
b2:f2:62:41:49:74:df:6f:96:8a:3a:fd:16:6f:66:8a:a4:c7:
ff:d6:e2:68:d9:da:9f:c6:32:3a:17:bf:04:80:15:18:58:4a:
74:fd:b0:18:b6:8e:ea:ed:ac:dc:75:ab:02:58:6f:21:6a:f4:
0f:26:a6:9f:ba:63:ed:7d:30:0e:18:b1:4f:2f:5a:19:63:bb:
b0:4c:cc:5e:c3:17:15:f1:f0:8c:6c:b3:0f:a0:d0:2f:13:4e:
7d:cc:dd:7d:00:a6:a0:ee:b0:48:a3:22:34:67:54:ec:06:74:
23:35:a5:b0:89:4c:c5:45:a7:4a:67:d3:31:92:7c:dd:fd:f0:
c2:87:67:bf:19:6a:9c:b6:30:6f:8f:ef:98:2c:75:d0:80:cb:
6a:ad:05:ca:1c:ec:f1:5e:8d:bb:34:b5:d6:74:64:95:4f:be:
c3:15:2c:d1:c0:1d:d9:97:2e:2f:f7:4c:fe:08:b4:c3:53:17:
1c:69:ac:5a:2c:11:7f:93:27:f9:18:ef:91:53:31:d4:ad:f7:
da:27:0b:67:01:3c:4b:13:ac:24:b0:97:17:e8:7d:10:db:65:
d3:14:20:14:cd:5c:24:05:6b:0a:b8:3c:98:49:59:11:57:e3:
ac:4f:f8:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOjlWaj/uiu7lds296RDHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjUwNjA4MDgwMDQwWhcNMjUwNjA5MDgwMDQwWjAzMTEwLwYDVQQD
Eyg0NTZjZWRlNmYxMGMyOWE3MWJiZGUwYzQxZmI4ZWIyNDNmMjhjNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ2KMRzeTubSvjSqm7ilcplG2v/z
K4Le4BG19nqfhTBQGES3XIAELRhPHmYJCrypBJttE5Xa+Co13H64QP81gOX4+DZw
R8j81hxjimtBcprLntfrgglKfRmHbnY65tvQsCfMSEySJB8rvCY1jfO+UDk0Y4fk
YtHC6ZclCDtLXJGrcVBu6fvWD5d2814ivoQRtmtoFV4Z8CGU94ZoZIac/kj9J5FH
GhbqPvZu7HubhvB6r2nz7bThwWwU05c81VYyAqszKunHQquNG2DWM5nQsaInS8m5
kTaD6LfxDOyWQwpp+Nhll5m2bYLcqrAwYZgo/SwoW2YidkQ/m7gaExmvUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVs7ebxDCmnG73gxB+46yQ/KMSmMB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUhsNiky8
iTKuZyImhrE9wBX8svJiQUl032+Wijr9Fm9miqTH/9biaNnan8YyOhe/BIAVGFhK
dP2wGLaO6u2s3HWrAlhvIWr0Dyamn7pj7X0wDhixTy9aGWO7sEzMXsMXFfHwjGyz
D6DQLxNOfczdfQCmoO6wSKMiNGdU7AZ0IzWlsIlMxUWnSmfTMZJ83f3wwodnvxlq
nLYwb4/vmCx10IDLaq0Fyhzs8V6NuzS11nRklU++wxUs0cAd2ZcuL/dM/gi0w1MX
HGmsWiwRf5Mn+RjvkVMx1K332icLZwE8SxOsJLCXF+h9ENtl0xQgFM1cJAVrCrg8
mElZEVfjrE/4Zw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 17:18:12 2025 by rpki-client