Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
File: OkGxVaq20SKf00jqoD0PeQPxJno.mft (raw, json)
Hash identifier: jL1AHbf6mDuLEQ1NC4l3EefwvwhAHRD2fC/4Mt11tO8=
Subject key identifier: 43:A9:7E:E0:60:82:51:F9:6A:F5:16:AC:AF:CD:8C:31:E3:33:FC:AD
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 019A71EE9FA77759787FA60A6B65099F7747
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
Manifest number: 1226
Signing time: Tue 11 Nov 2025 08:00:54 +0000
Manifest this update: Tue 11 Nov 2025 08:00:54 +0000
Manifest next update: Wed 12 Nov 2025 08:00:54 +0000
Files and hashes: 1: DUYlFbh6FULGzgdthf_PMDp6hOU.roa (hash: JR7UbEi2bM6dLHHY3xrq1gui3NHbn1GkWRWkFGTRYw0=)
2: OkGxVaq20SKf00jqoD0PeQPxJno.crl (hash: x6vyd2QcCwD2gm1H2BOx0haHtmFheSkx31iaZ+/LSYA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:9f:a7:77:59:78:7f:a6:0a:6b:65:09:9f:77:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Nov 11 08:00:54 2025 GMT
Not After : Nov 12 08:00:54 2025 GMT
Subject: CN=43a97ee0608251f96af516acafcd8c31e333fcad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:47:05:c2:95:d9:bd:f6:be:f2:f6:2a:5e:05:
22:d9:e6:eb:99:7a:0e:f0:f9:ed:ee:e6:21:83:bb:
01:af:8c:42:11:9f:b9:69:be:96:4e:c1:7e:e4:88:
d2:55:89:d6:ff:19:c3:61:5a:50:77:d2:22:c6:09:
81:76:7b:51:61:27:c7:31:bf:9a:39:64:cb:f8:ac:
75:d9:63:aa:f2:3d:88:61:ef:3d:85:4d:cb:14:3f:
fd:7c:07:e6:f5:86:e6:38:f1:a7:21:f6:63:0b:27:
58:66:02:74:87:af:db:ef:b1:b7:a4:e4:a6:79:0e:
0d:b0:fd:a2:bc:b6:30:4e:74:69:5a:da:0e:bc:c9:
4e:8e:ae:40:ea:f9:84:58:9f:1e:6d:83:4f:cf:6f:
7c:45:22:8b:c1:b2:07:eb:ee:ff:e6:ff:66:68:dc:
19:69:d7:9f:da:a6:1b:63:c0:6b:e7:f0:f7:0e:00:
a4:c5:29:67:ec:e1:ed:d9:30:f7:4d:c1:c8:58:12:
30:30:fd:10:21:7e:ea:3e:ef:8c:14:20:1f:b4:74:
ed:6c:e4:77:e2:c5:94:e6:9c:4c:e4:03:a0:24:21:
7b:03:df:e5:3c:72:85:57:7a:a6:c5:5b:1b:d3:2f:
b2:9d:ca:14:2a:b6:48:0c:cb:16:d4:c1:00:3e:2a:
4a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A9:7E:E0:60:82:51:F9:6A:F5:16:AC:AF:CD:8C:31:E3:33:FC:AD
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:41:4e:85:23:98:e7:f5:f8:41:90:2f:45:c4:13:0a:1f:72:
ac:7f:1e:fc:6c:e4:b5:b8:21:38:46:1d:33:f5:c8:cb:87:e2:
3a:38:c8:e0:72:c6:12:58:cd:02:c9:71:77:9c:ee:e2:c8:74:
cd:b0:4d:63:43:c8:6d:dc:7a:33:85:5d:12:b9:06:73:2f:5a:
e6:ac:90:aa:7e:b5:da:c9:64:b6:37:e1:48:bd:23:02:4f:2b:
42:50:1f:15:2f:43:64:01:2f:b1:fa:99:dc:ac:7b:f6:11:28:
62:29:37:a1:9c:a9:0c:9d:62:95:d1:a2:3b:ed:4c:45:37:7f:
b0:d8:5d:32:53:36:6b:cd:8b:d0:f8:f4:2c:14:04:00:83:6c:
3d:f5:4f:1a:85:79:b1:a6:78:9b:f3:48:4f:35:11:9d:df:ab:
1a:5e:6b:7a:27:bb:fa:2c:f7:5a:1f:ad:7f:f8:50:74:f0:a6:
3b:3c:41:40:f7:f0:23:d6:bb:0e:bc:44:a9:12:14:09:3e:69:
b5:ed:83:dc:99:1b:ab:bd:3f:ba:31:dd:1b:3b:66:7b:dc:80:
f6:e4:5f:9d:67:ea:ca:e3:57:b0:43:d3:a3:51:94:9d:ef:c7:
e4:64:18:e9:0c:2a:7b:71:e0:84:1b:a8:11:6c:de:17:1e:af:
6c:7c:4c:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7p+nd1l4f6YKa2UJn3dHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjUxMTExMDgwMDU0WhcNMjUxMTEyMDgwMDU0WjAzMTEwLwYDVQQD
Eyg0M2E5N2VlMDYwODI1MWY5NmFmNTE2YWNhZmNkOGMzMWUzMzNmY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0cFwpXZvfa+8vYqXgUi2ebrmXoO
8Pnt7uYhg7sBr4xCEZ+5ab6WTsF+5IjSVYnW/xnDYVpQd9IixgmBdntRYSfHMb+a
OWTL+Kx12WOq8j2IYe89hU3LFD/9fAfm9YbmOPGnIfZjCydYZgJ0h6/b77G3pOSm
eQ4NsP2ivLYwTnRpWtoOvMlOjq5A6vmEWJ8ebYNPz298RSKLwbIH6+7/5v9maNwZ
adef2qYbY8Br5/D3DgCkxSln7OHt2TD3TcHIWBIwMP0QIX7qPu+MFCAftHTtbOR3
4sWU5pxM5AOgJCF7A9/lPHKFV3qmxVsb0y+yncoUKrZIDMsW1MEAPipKjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOpfuBgglH5avUWrK/NjDHjM/ytMB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIEFOhSOY
5/X4QZAvRcQTCh9yrH8e/GzktbghOEYdM/XIy4fiOjjI4HLGEljNAslxd5zu4sh0
zbBNY0PIbdx6M4VdErkGcy9a5qyQqn612slktjfhSL0jAk8rQlAfFS9DZAEvsfqZ
3Kx79hEoYik3oZypDJ1ildGiO+1MRTd/sNhdMlM2a82L0Pj0LBQEAINsPfVPGoV5
saZ4m/NITzURnd+rGl5reie7+iz3Wh+tf/hQdPCmOzxBQPfwI9a7DrxEqRIUCT5p
te2D3Jkbq70/ujHdGztme9yA9uRfnWfqyuNXsEPTo1GUne/H5GQY6Qwqe3HghBuo
EWzeFx6vbHxMwQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:41:16 2025 by rpki-client