Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json)
Hash identifier: 46vPR07BiEKeZ/YS5cD1AfCOARyz/Jp8xB+RzoSTcvI=
Subject key identifier: C9:EC:09:91:2D:09:F4:4B:12:31:53:B3:76:64:6E:A6:4D:4F:BA:DB
Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d
Certificate serial: 019A299E78A2FFDE7398E13B605FF5BB7CA5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
Manifest number: 168B
Signing time: Tue 28 Oct 2025 07:00:42 +0000
Manifest this update: Tue 28 Oct 2025 07:00:42 +0000
Manifest next update: Wed 29 Oct 2025 07:00:42 +0000
Files and hashes: 1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: 9dnxJ6oP/9NX7wGAKf/b5lUz6yVKxSTMvRQ950+TiRQ=)
2: oU-Dh2GrIk6DJo0B3ckZobCZQLg.roa (hash: 3M/n9wvPmKU+uLTP2MTaGav/2cb5GDciUi4YXKv/+G0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:9e:78:a2:ff:de:73:98:e1:3b:60:5f:f5:bb:7c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d
Validity
Not Before: Oct 28 07:00:42 2025 GMT
Not After : Oct 29 07:00:42 2025 GMT
Subject: CN=c9ec09912d09f44b123153b376646ea64d4fbadb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1c:6c:e4:c7:e2:4c:a3:8f:7a:e9:e9:53:76:
e7:88:87:7b:9c:39:59:dc:d9:47:7a:65:5f:af:27:
f2:37:bf:22:e2:fa:95:d4:c9:9e:95:7a:7d:15:e9:
e5:e4:c9:e7:4d:5c:15:95:2f:72:14:db:a7:4b:ff:
3c:5d:20:9a:3d:e6:b6:a4:51:b3:95:29:8f:fe:57:
50:30:a1:67:3e:26:37:22:f3:6e:77:81:32:0a:40:
be:40:b9:b2:51:42:f2:20:59:7f:98:6c:41:99:2b:
63:1d:fc:cb:a6:7c:f3:f9:1a:ff:4e:70:be:3e:71:
81:47:c2:e5:a2:02:f7:31:f7:81:fb:e7:65:90:54:
e6:0a:d0:8f:2d:e9:dd:73:c0:00:31:b9:f8:cc:1a:
15:69:eb:00:59:37:bb:0f:57:e3:e5:70:aa:13:f6:
38:0c:1e:3d:b8:6f:25:ab:82:42:25:90:12:31:a3:
43:cf:74:36:31:0b:be:a8:b9:5e:aa:9c:94:3f:b3:
80:75:7b:07:eb:eb:8f:04:fe:f4:50:da:94:b6:72:
5a:5a:5b:12:ff:e0:75:37:53:7e:ba:22:79:df:ad:
d4:05:e0:11:72:0c:91:09:a7:56:25:b5:93:b3:07:
f1:c5:92:3c:39:9e:41:12:88:f3:46:30:65:67:4a:
47:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:EC:09:91:2D:09:F4:4B:12:31:53:B3:76:64:6E:A6:4D:4F:BA:DB
X509v3 Authority Key Identifier:
keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:dc:4e:c1:32:14:23:01:6f:cd:3e:4e:20:42:2a:42:34:56:
7a:50:f8:f2:5e:36:e0:ba:6c:4d:a3:99:cb:8f:c5:cf:9a:08:
b8:03:0a:3a:b4:1a:25:5d:16:48:a6:e4:10:a8:bb:52:13:93:
aa:36:96:56:cc:02:66:c8:9a:98:fe:86:26:7e:3e:3a:ec:07:
80:50:90:4b:1e:e0:ea:a8:8e:4b:59:aa:7a:19:59:f3:8d:6a:
59:6e:4f:4a:e3:c9:32:19:51:0c:70:e1:f7:6f:a8:24:63:64:
63:c0:c2:87:1a:1c:9f:c3:fc:22:57:d1:07:49:42:8a:99:e2:
a5:5b:da:96:0a:0e:96:8a:62:4f:a9:61:1f:42:32:01:da:ad:
82:2a:82:14:11:7b:5c:af:a0:76:60:7a:7b:53:3b:3f:13:99:
08:d8:2b:2a:f5:68:17:66:06:19:48:57:53:7d:7b:7c:43:df:
91:a1:35:39:98:c2:89:d5:06:b8:c7:b5:03:8d:5a:90:66:d5:
eb:2d:ef:cc:8d:d4:8e:a3:17:e5:9d:29:0b:67:25:ec:05:ab:
a2:4a:61:07:36:c8:35:fd:59:ce:65:a4:93:d1:af:aa:04:ee:
57:f2:0d:c9:92:79:35:b0:45:af:1a:05:72:04:4a:3c:e2:05:
1d:2a:5f:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZopnnii/95zmOE7YF/1u3ylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm
Njk5NmQwHhcNMjUxMDI4MDcwMDQyWhcNMjUxMDI5MDcwMDQyWjAzMTEwLwYDVQQD
EyhjOWVjMDk5MTJkMDlmNDRiMTIzMTUzYjM3NjY0NmVhNjRkNGZiYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBxs5MfiTKOPeunpU3bniId7nDlZ
3NlHemVfryfyN78i4vqV1MmelXp9Fenl5MnnTVwVlS9yFNunS/88XSCaPea2pFGz
lSmP/ldQMKFnPiY3IvNud4EyCkC+QLmyUULyIFl/mGxBmStjHfzLpnzz+Rr/TnC+
PnGBR8LlogL3MfeB++dlkFTmCtCPLendc8AAMbn4zBoVaesAWTe7D1fj5XCqE/Y4
DB49uG8lq4JCJZASMaNDz3Q2MQu+qLleqpyUP7OAdXsH6+uPBP70UNqUtnJaWlsS
/+B1N1N+uiJ5363UBeARcgyRCadWJbWTswfxxZI8OZ5BEojzRjBlZ0pHpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnsCZEtCfRLEjFTs3ZkbqZNT7rbMB8GA1UdIwQY
MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt
YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi
LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGtxOwTIU
IwFvzT5OIEIqQjRWelD48l424LpsTaOZy4/Fz5oIuAMKOrQaJV0WSKbkEKi7UhOT
qjaWVswCZsiamP6GJn4+OuwHgFCQSx7g6qiOS1mqehlZ841qWW5PSuPJMhlRDHDh
92+oJGNkY8DChxocn8P8IlfRB0lCipnipVvalgoOlopiT6lhH0IyAdqtgiqCFBF7
XK+gdmB6e1M7PxOZCNgrKvVoF2YGGUhXU317fEPfkaE1OZjCidUGuMe1A41akGbV
6y3vzI3UjqMX5Z0pC2cl7AWrokphBzbINf1ZzmWkk9GvqgTuV/INyZJ5NbBFrxoF
cgRKPOIFHSpf0A==
-----END CERTIFICATE-----
Generated at Tue Oct 28 09:24:44 2025 by rpki-client