Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json)
Hash identifier: 8XGdIfHpsik2bQ0UCNSwMLy4KHrpIugRWDgJl5gn2NA=
Subject key identifier: 52:13:41:73:91:D7:C0:81:5B:FA:4F:C7:B8:2E:EA:FA:8D:3A:68:FD
Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d
Certificate serial: 0199345BAE213B28AB44DD98E38DE0BD73F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
Manifest number: 160C
Signing time: Wed 10 Sep 2025 16:00:47 +0000
Manifest this update: Wed 10 Sep 2025 16:00:47 +0000
Manifest next update: Thu 11 Sep 2025 16:00:47 +0000
Files and hashes: 1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: V5cQWQXjf/hHkW0O9iuH8IzaGFMsOzE+Eb1up7vRwa8=)
2: oU-Dh2GrIk6DJo0B3ckZobCZQLg.roa (hash: 3M/n9wvPmKU+uLTP2MTaGav/2cb5GDciUi4YXKv/+G0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 11:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:5b:ae:21:3b:28:ab:44:dd:98:e3:8d:e0:bd:73:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d
Validity
Not Before: Sep 10 16:00:47 2025 GMT
Not After : Sep 11 16:00:47 2025 GMT
Subject: CN=5213417391d7c0815bfa4fc7b82eeafa8d3a68fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5e:0f:fb:a1:76:8f:e7:6e:13:6c:d7:b3:d5:
1f:78:14:db:93:6c:b7:28:6e:11:80:78:e8:54:03:
b5:6b:c2:9b:fa:d1:2a:ec:54:84:99:2a:42:dd:14:
18:0d:f6:29:dc:db:c8:c6:65:51:dd:f1:ab:97:e6:
5d:97:34:54:50:be:89:d9:c7:62:3b:6f:ea:e2:9a:
89:e3:cc:8c:6d:26:7d:48:cc:ef:50:03:6d:43:78:
7e:6e:28:d2:77:f2:e2:36:07:da:59:e8:76:fa:2f:
16:29:61:6e:e7:ee:cd:2f:3c:df:d2:aa:a7:ac:0c:
c4:af:d6:35:a0:df:74:13:e2:bd:db:ec:d4:28:6a:
74:67:5b:15:4f:b8:69:46:7c:ed:a6:b3:72:05:21:
21:bb:96:39:e2:13:37:42:f6:89:b3:99:f6:b0:d8:
b1:43:42:65:41:85:86:e9:a5:b5:b2:6b:23:90:06:
3b:de:55:25:4c:18:31:9c:e1:4c:4f:e6:d5:8a:ee:
5d:99:2e:f5:81:61:d4:d1:a4:82:b8:aa:1f:8c:6d:
e4:cc:ab:34:48:66:8e:ac:d2:4f:e1:0d:cb:31:88:
24:68:a6:cd:c1:18:69:0c:a0:b9:62:dd:69:6a:e3:
20:0e:d6:1e:79:1a:33:c6:84:c9:15:a6:f6:93:6d:
98:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:13:41:73:91:D7:C0:81:5B:FA:4F:C7:B8:2E:EA:FA:8D:3A:68:FD
X509v3 Authority Key Identifier:
keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:f6:96:26:e7:6d:30:45:07:6e:bf:e2:3a:fe:11:b3:62:de:
4b:8c:eb:f0:48:84:9d:92:ac:53:ee:17:5b:28:f6:f9:81:f8:
af:7c:c0:4e:15:b2:b9:c4:a8:9a:26:23:a1:6e:b7:15:86:3c:
1a:51:83:ef:d4:f0:7d:0d:40:c0:1f:54:72:2c:31:39:91:6d:
2b:dd:e3:21:cb:75:51:5e:d3:fd:1b:93:bc:66:a6:0a:17:75:
78:d3:1c:2b:12:cc:47:74:48:3c:9d:99:e1:2a:b5:d0:e4:83:
99:f4:86:4d:49:60:1a:de:1a:74:1e:c0:39:fa:77:b9:b6:82:
82:25:94:34:ee:ad:54:10:95:76:b1:6b:5b:8d:fb:28:b1:32:
38:ed:c6:1d:38:66:ef:6f:e9:00:d3:fb:7f:d0:63:e4:5c:44:
34:c2:1b:51:1a:f8:b3:af:a1:c5:5a:33:fe:ae:49:7d:93:ba:
19:8c:6d:f0:44:cc:b7:70:64:d0:92:6b:40:59:fc:92:06:34:
f6:24:ef:07:69:d7:00:14:d0:3f:b4:e7:2a:6e:6b:41:7b:7f:
4e:c3:be:0e:0d:cc:04:78:d5:05:62:3b:7d:8d:f1:dd:8a:6f:
21:80:3c:dc:61:50:8b:2a:24:6e:62:90:49:6d:0e:d3:4d:25:
fd:6c:2a:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk0W64hOyirRN2Y443gvXP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm
Njk5NmQwHhcNMjUwOTEwMTYwMDQ3WhcNMjUwOTExMTYwMDQ3WjAzMTEwLwYDVQQD
Eyg1MjEzNDE3MzkxZDdjMDgxNWJmYTRmYzdiODJlZWFmYThkM2E2OGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV4P+6F2j+duE2zXs9UfeBTbk2y3
KG4RgHjoVAO1a8Kb+tEq7FSEmSpC3RQYDfYp3NvIxmVR3fGrl+ZdlzRUUL6J2cdi
O2/q4pqJ48yMbSZ9SMzvUANtQ3h+bijSd/LiNgfaWeh2+i8WKWFu5+7NLzzf0qqn
rAzEr9Y1oN90E+K92+zUKGp0Z1sVT7hpRnztprNyBSEhu5Y54hM3QvaJs5n2sNix
Q0JlQYWG6aW1smsjkAY73lUlTBgxnOFMT+bViu5dmS71gWHU0aSCuKofjG3kzKs0
SGaOrNJP4Q3LMYgkaKbNwRhpDKC5Yt1pauMgDtYeeRozxoTJFab2k22YjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFITQXOR18CBW/pPx7gu6vqNOmj9MB8GA1UdIwQY
MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt
YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi
LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAofaWJudt
MEUHbr/iOv4Rs2LeS4zr8EiEnZKsU+4XWyj2+YH4r3zAThWyucSomiYjoW63FYY8
GlGD79TwfQ1AwB9UciwxOZFtK93jIct1UV7T/RuTvGamChd1eNMcKxLMR3RIPJ2Z
4Sq10OSDmfSGTUlgGt4adB7AOfp3ubaCgiWUNO6tVBCVdrFrW437KLEyOO3GHThm
72/pANP7f9Bj5FxENMIbURr4s6+hxVoz/q5JfZO6GYxt8ETMt3Bk0JJrQFn8kgY0
9iTvB2nXABTQP7TnKm5rQXt/TsO+Dg3MBHjVBWI7fY3x3YpvIYA83GFQiyokbmKQ
SW0O000l/WwqaQ==
-----END CERTIFICATE-----
Generated at Wed Sep 10 19:39:06 2025 by rpki-client