Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.mft
File: r2Okes26jsHNhdTXnzazW2mOX4k.mft (raw, json)
Hash identifier: 0Fn8ulyGcwXTYQo7DEuFSLNyONxJQEExHA+uEQfB9LA=
Subject key identifier: 65:54:CB:F2:68:40:92:04:70:4E:7D:F4:9A:3F:FE:31:7A:60:3F:49
Authority key identifier: AF:63:A4:7A:CD:BA:8E:C1:CD:85:D4:D7:9F:36:B3:5B:69:8E:5F:89
Certificate issuer: /CN=af63a47acdba8ec1cd85d4d79f36b35b698e5f89
Certificate serial: 019A7293B9E970812952CF952F4F3BB7DB82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2Okes26jsHNhdTXnzazW2mOX4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 11:01:15 +0000
Manifest this update: Tue 11 Nov 2025 11:01:15 +0000
Manifest next update: Wed 12 Nov 2025 11:01:15 +0000
Files and hashes: 1: YXk4VQ9w2ydeFfWUpTPAL38DI14.roa (hash: 63k2DxSPaDP/x2Jl3oeCNKnb4PXDg6/RYTgk7tLrZPw=)
2: r2Okes26jsHNhdTXnzazW2mOX4k.crl (hash: cgIRFxKgZoj+48eaTKpvATVAJaOoueQRDKqKyrqjCBs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r2Okes26jsHNhdTXnzazW2mOX4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:b9:e9:70:81:29:52:cf:95:2f:4f:3b:b7:db:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af63a47acdba8ec1cd85d4d79f36b35b698e5f89
Validity
Not Before: Nov 11 11:01:15 2025 GMT
Not After : Nov 12 11:01:15 2025 GMT
Subject: CN=6554cbf268409204704e7df49a3ffe317a603f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:25:89:4c:97:ba:4c:da:db:7b:30:1b:50:37:
55:33:70:dc:e9:1b:14:d7:0b:51:f5:08:bb:bc:84:
b4:1b:04:c6:78:7b:42:30:09:82:2c:bb:b8:c3:3a:
dd:5d:fd:ed:62:db:8c:e8:8a:81:22:3a:90:02:ee:
50:a5:f1:92:8f:d0:43:47:53:3f:86:3b:f6:02:c6:
d8:dd:d0:de:8a:50:f0:76:b0:e0:50:24:4e:90:20:
ce:69:d9:8a:b0:76:30:70:70:94:e6:a8:9d:ff:64:
e8:b8:e0:e1:40:f8:e0:90:88:97:9e:8a:d2:63:9a:
06:7d:f0:29:81:d6:5e:aa:57:c5:d6:64:ac:77:ba:
6b:b1:02:30:b6:29:16:e9:7a:09:b7:d2:21:aa:f2:
f3:d0:52:aa:ee:6e:90:8b:33:d0:00:f3:e9:90:55:
cb:6d:53:f4:75:be:16:22:f6:c4:c8:eb:a0:2b:94:
b2:7d:a8:b1:7d:1b:41:34:3e:bb:f1:16:e8:49:99:
42:f3:ac:ff:6d:75:bd:d1:1b:2a:1a:bf:f8:98:db:
47:e4:4e:b3:1e:07:b1:54:8f:79:1e:3c:a4:4f:7a:
66:58:17:12:3d:2c:30:bf:bb:c1:37:cc:1e:a1:15:
f7:a1:1d:7e:14:b3:aa:61:30:44:88:c5:29:3a:9e:
4d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:54:CB:F2:68:40:92:04:70:4E:7D:F4:9A:3F:FE:31:7A:60:3F:49
X509v3 Authority Key Identifier:
keyid:AF:63:A4:7A:CD:BA:8E:C1:CD:85:D4:D7:9F:36:B3:5B:69:8E:5F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2Okes26jsHNhdTXnzazW2mOX4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:25:25:fb:53:da:59:fc:01:48:58:c5:5f:41:2d:42:35:ba:
61:a3:e0:7e:a4:84:d3:9e:18:4d:21:ed:66:ce:a9:f4:de:3f:
69:1c:e7:6a:92:3c:34:bb:69:2e:2e:95:73:2d:57:c0:9d:c5:
9e:3f:18:d3:b9:0a:77:64:99:f6:0f:8d:d7:10:86:8f:0a:6b:
94:69:a6:f6:8b:0c:f9:28:f0:78:44:5f:c7:fd:9e:09:24:2e:
8d:f3:64:14:a8:51:03:6a:b7:fc:89:82:57:d8:80:a4:e2:21:
5b:d3:e3:88:a5:4a:95:6b:92:0b:2a:9d:d6:15:c1:44:2f:7d:
52:6d:fe:b0:3c:b8:a7:bf:37:87:2b:e9:89:fa:57:57:42:7f:
86:7d:a6:b8:2e:48:26:2c:a2:0a:40:f1:19:e7:c7:57:4a:35:
c6:00:aa:8f:1c:bd:6a:99:8d:40:38:f5:b7:09:2b:0c:9d:c6:
45:b9:f7:66:d7:b1:ab:27:ab:a5:cb:0b:1d:a1:f0:7e:97:1b:
22:e8:24:43:da:83:f4:7c:d3:5f:f5:50:77:f2:6f:e2:c4:d1:
28:1e:5c:01:71:77:83:5f:1d:ba:cd:89:a9:80:cb:e0:f4:b9:
77:06:06:54:77:ce:6e:79:0b:4c:7b:0c:5c:84:55:b3:e5:77:
83:49:80:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk7npcIEpUs+VL087t9uCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNjNhNDdhY2RiYThlYzFjZDg1ZDRkNzlmMzZiMzViNjk4
ZTVmODkwHhcNMjUxMTExMTEwMTE1WhcNMjUxMTEyMTEwMTE1WjAzMTEwLwYDVQQD
Eyg2NTU0Y2JmMjY4NDA5MjA0NzA0ZTdkZjQ5YTNmZmUzMTdhNjAzZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SWJTJe6TNrbezAbUDdVM3Dc6RsU
1wtR9Qi7vIS0GwTGeHtCMAmCLLu4wzrdXf3tYtuM6IqBIjqQAu5QpfGSj9BDR1M/
hjv2AsbY3dDeilDwdrDgUCROkCDOadmKsHYwcHCU5qid/2TouODhQPjgkIiXnorS
Y5oGffApgdZeqlfF1mSsd7prsQIwtikW6XoJt9IhqvLz0FKq7m6QizPQAPPpkFXL
bVP0db4WIvbEyOugK5SyfaixfRtBND678RboSZlC86z/bXW90RsqGr/4mNtH5E6z
HgexVI95HjykT3pmWBcSPSwwv7vBN8weoRX3oR1+FLOqYTBEiMUpOp5NHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVUy/JoQJIEcE599Jo//jF6YD9JMB8GA1UdIwQY
MBaAFK9jpHrNuo7BzYXU1582s1tpjl+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJPa2VzMjZqc0hOaGRUWG56YXpXMm1PWDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jNGQ3YjAtNmViZi00Y2FjLWE4YWQt
ZmUzZTMxOGNhZTljLzEvcjJPa2VzMjZqc0hOaGRUWG56YXpXMm1PWDRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jNGQ3YjAtNmViZi00Y2FjLWE4YWQtZmUzZTMxOGNhZTlj
LzEvcjJPa2VzMjZqc0hOaGRUWG56YXpXMm1PWDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANyUl+1Pa
WfwBSFjFX0EtQjW6YaPgfqSE054YTSHtZs6p9N4/aRznapI8NLtpLi6Vcy1XwJ3F
nj8Y07kKd2SZ9g+N1xCGjwprlGmm9osM+SjweERfx/2eCSQujfNkFKhRA2q3/ImC
V9iApOIhW9PjiKVKlWuSCyqd1hXBRC99Um3+sDy4p783hyvpifpXV0J/hn2muC5I
JiyiCkDxGefHV0o1xgCqjxy9apmNQDj1twkrDJ3GRbn3ZtexqyerpcsLHaHwfpcb
IugkQ9qD9HzTX/VQd/Jv4sTRKB5cAXF3g18dus2JqYDL4PS5dwYGVHfObnkLTHsM
XIRVs+V3g0mAAg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:55:50 2025 by rpki-client