Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
File: OkGxVaq20SKf00jqoD0PeQPxJno.mft (raw, json)
Hash identifier: gc11YK500IjWyOSYUTnhBRhgyn2nZUH1ZMKuHioNO/8=
Subject key identifier: 36:8F:6B:8A:AB:13:61:E1:6B:CD:19:39:F8:C9:EE:53:5E:AA:FB:F8
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 019921E7B0EAE95C2B878E4539CDBE5DFD96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
Manifest number: 1178
Signing time: Sun 07 Sep 2025 02:00:56 +0000
Manifest this update: Sun 07 Sep 2025 02:00:56 +0000
Manifest next update: Mon 08 Sep 2025 02:00:56 +0000
Files and hashes: 1: DUYlFbh6FULGzgdthf_PMDp6hOU.roa (hash: JR7UbEi2bM6dLHHY3xrq1gui3NHbn1GkWRWkFGTRYw0=)
2: OkGxVaq20SKf00jqoD0PeQPxJno.crl (hash: Scb/1+JgC8QhDIhcmUNa0H7mnb3b9z6y9aqhhuwcxtw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:21:e7:b0:ea:e9:5c:2b:87:8e:45:39:cd:be:5d:fd:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Sep 7 02:00:56 2025 GMT
Not After : Sep 8 02:00:56 2025 GMT
Subject: CN=368f6b8aab1361e16bcd1939f8c9ee535eaafbf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c8:03:b8:fe:09:30:bd:47:58:5c:0a:be:a0:
33:7e:12:c5:07:ae:16:ab:c4:c6:32:bf:4f:ad:1f:
8c:69:a7:66:7b:50:e2:28:91:2a:f3:e8:01:75:24:
fa:2d:6d:fd:f5:8d:27:e0:97:f7:71:96:5e:5e:43:
04:ac:1a:11:55:8e:8d:59:3b:56:11:1b:ce:7e:df:
50:d9:68:f3:e2:3d:9e:cf:a1:ef:14:9e:88:dc:90:
cf:5e:01:1e:f7:5d:cc:23:66:70:e8:31:30:2c:95:
50:f9:90:6f:e8:d2:14:16:b9:3e:d7:48:0a:cc:f0:
7f:de:3a:88:26:87:44:d2:02:51:10:2b:64:ba:62:
7a:4e:3a:13:c8:cf:7c:82:52:dc:8b:04:5c:34:12:
15:49:fb:10:ca:85:88:79:2d:17:69:bd:5f:c6:40:
ce:07:d9:3f:7a:f7:44:28:60:96:33:64:c7:9d:ec:
36:73:fb:eb:05:f3:a0:2c:63:19:c3:97:f2:fe:c9:
ca:4c:dc:2d:05:86:07:bc:45:a8:b9:05:ac:9a:8c:
c4:1b:f4:2a:70:53:7a:eb:f6:86:fa:18:fa:21:20:
42:50:c5:eb:c0:9d:37:41:39:13:63:d3:6b:f9:8e:
31:81:d5:68:11:84:77:7d:ba:90:f1:6e:84:3d:a8:
33:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:8F:6B:8A:AB:13:61:E1:6B:CD:19:39:F8:C9:EE:53:5E:AA:FB:F8
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:21:3e:76:f8:fe:60:85:ae:cb:33:3f:65:b0:dd:65:e4:5a:
f7:20:a3:a1:7d:da:20:31:c2:f6:c4:24:ca:65:b1:fe:77:bb:
32:34:77:7f:1a:ed:4e:06:85:b7:58:22:9d:5b:0b:28:96:72:
6e:9a:7a:83:3a:b6:4b:29:b0:e8:9f:c3:23:eb:f4:d4:76:47:
7f:59:e4:00:69:ef:b0:50:27:fd:04:3d:94:83:f5:38:90:5d:
4d:c5:c3:5b:d7:c0:95:c0:24:6a:ff:88:7b:1a:a3:fa:30:c6:
f1:85:cb:5d:2e:81:d9:e7:99:57:0f:63:5a:bf:2e:b2:9a:01:
22:9a:3c:bb:2c:11:b1:ee:b2:a4:71:ad:56:52:b2:87:64:95:
64:02:9a:54:6f:c3:11:98:6f:4a:4a:bd:c1:3c:cc:63:70:76:
ad:3d:d3:27:f2:c1:8b:1b:a6:cc:22:17:4d:4d:f9:27:fd:90:
9c:00:5a:44:ff:ea:d4:f5:39:24:37:96:fc:76:dc:c2:e0:70:
48:1f:76:40:d9:1e:60:f2:ea:96:cf:1a:a8:a0:24:ad:51:c0:
97:e9:c4:26:c2:b8:a0:89:af:74:a1:ac:f4:81:38:73:23:cc:
4e:e6:45:f5:10:0e:89:35:fe:eb:b2:2a:28:e6:b6:5b:c5:de:
48:6b:8c:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh57Dq6Vwrh45FOc2+Xf2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjUwOTA3MDIwMDU2WhcNMjUwOTA4MDIwMDU2WjAzMTEwLwYDVQQD
EygzNjhmNmI4YWFiMTM2MWUxNmJjZDE5MzlmOGM5ZWU1MzVlYWFmYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8gDuP4JML1HWFwKvqAzfhLFB64W
q8TGMr9PrR+Maadme1DiKJEq8+gBdST6LW399Y0n4Jf3cZZeXkMErBoRVY6NWTtW
ERvOft9Q2Wjz4j2ez6HvFJ6I3JDPXgEe913MI2Zw6DEwLJVQ+ZBv6NIUFrk+10gK
zPB/3jqIJodE0gJRECtkumJ6TjoTyM98glLciwRcNBIVSfsQyoWIeS0Xab1fxkDO
B9k/evdEKGCWM2THnew2c/vrBfOgLGMZw5fy/snKTNwtBYYHvEWouQWsmozEG/Qq
cFN66/aG+hj6ISBCUMXrwJ03QTkTY9Nr+Y4xgdVoEYR3fbqQ8W6EPagzswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDaPa4qrE2Hha80ZOfjJ7lNeqvv4MB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEiE+dvj+
YIWuyzM/ZbDdZeRa9yCjoX3aIDHC9sQkymWx/ne7MjR3fxrtTgaFt1ginVsLKJZy
bpp6gzq2Symw6J/DI+v01HZHf1nkAGnvsFAn/QQ9lIP1OJBdTcXDW9fAlcAkav+I
exqj+jDG8YXLXS6B2eeZVw9jWr8uspoBIpo8uywRse6ypHGtVlKyh2SVZAKaVG/D
EZhvSkq9wTzMY3B2rT3TJ/LBixumzCIXTU35J/2QnABaRP/q1PU5JDeW/HbcwuBw
SB92QNkeYPLqls8aqKAkrVHAl+nEJsK4oImvdKGs9IE4cyPMTuZF9RAOiTX+67Iq
KOa2W8XeSGuM+A==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:46:05 2025 by rpki-client