Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
File: OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft (raw, json)
Hash identifier: POdiVdvprk+hZRa93L1BhEHTNUti0A6TIMY8J2ElEFk=
Subject key identifier: 98:36:57:1B:8A:EA:C3:35:CE:C1:45:C7:77:06:2E:26:A0:2B:DC:64
Authority key identifier: 3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
Certificate issuer: /CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Certificate serial: 019A722668439AFED9A95F876E45472FE7D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
Manifest number: 0E05
Signing time: Tue 11 Nov 2025 09:01:50 +0000
Manifest this update: Tue 11 Nov 2025 09:01:50 +0000
Manifest next update: Wed 12 Nov 2025 09:01:50 +0000
Files and hashes: 1: 0wAgKVyytNbhNR-_RR1IsIpFFy0.roa (hash: hGr01I8nbqs/LJEbN09Cfzd/lbJVo6JwWOtLmEfD1wA=)
2: OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl (hash: UHiEbozhZeJeZ7L+vqds+zjMPEfsAV/L8wU3Goguhzw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:68:43:9a:fe:d9:a9:5f:87:6e:45:47:2f:e7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Validity
Not Before: Nov 11 09:01:50 2025 GMT
Not After : Nov 12 09:01:50 2025 GMT
Subject: CN=9836571b8aeac335cec145c777062e26a02bdc64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f0:b3:33:eb:a4:7e:8a:37:b5:d4:6d:15:1f:
00:c7:4a:e9:6d:cd:14:cc:c4:05:7b:c4:19:77:c1:
f2:ba:5d:36:3b:c7:d1:3b:40:a0:99:54:a3:8e:c7:
28:3f:c7:02:99:0b:04:2f:8d:5b:ca:a5:74:a8:b1:
03:52:91:45:3d:23:2f:ca:d0:ca:18:f5:84:48:ca:
ea:48:97:6e:30:b4:5d:e3:14:db:d2:64:98:f9:d5:
80:e9:dc:64:7a:eb:15:0e:af:b8:2d:3e:56:64:2b:
41:80:bd:56:bd:b7:3b:72:17:fc:59:94:93:77:2b:
43:af:c7:d3:92:16:c0:12:62:63:2e:8b:9e:a6:c8:
0b:83:58:36:a9:c1:d6:4e:06:c6:36:b1:3b:7a:e0:
2d:0a:33:ac:9c:ad:d3:9d:6c:8d:f1:55:8b:9d:cb:
ca:90:27:c8:78:d2:3c:9f:51:c4:30:59:3c:c6:17:
e7:bb:e2:c0:8f:dd:60:56:f6:4e:80:3a:a3:f3:5e:
cc:32:03:94:f1:ed:fd:6d:71:6b:e4:ae:57:cc:da:
0a:0d:91:d0:2d:5b:e1:76:76:fa:5d:d4:6f:1f:6a:
ad:bf:89:db:92:53:7b:7d:5d:1d:03:8a:5f:a7:b7:
80:0a:bd:00:b9:70:b7:ab:88:5f:37:d2:bf:7d:b7:
5c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:36:57:1B:8A:EA:C3:35:CE:C1:45:C7:77:06:2E:26:A0:2B:DC:64
X509v3 Authority Key Identifier:
keyid:3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:ed:84:2b:75:2e:c9:1a:06:14:af:63:96:da:d2:2d:b5:ba:
96:e0:56:ff:8d:26:b0:48:d6:0a:01:ca:06:02:26:e6:2f:4d:
e2:48:50:b0:24:75:7c:6e:4f:b8:0f:03:fb:83:4d:ca:9f:ae:
05:b0:b4:f4:3e:b3:1d:2d:d5:4f:71:8e:bb:0a:fb:67:9e:8f:
e3:95:09:ee:43:f1:4e:2f:99:d7:6e:8b:f5:54:21:d4:28:ca:
87:71:6c:f1:02:7f:37:80:17:4f:93:62:5e:9d:6a:94:97:77:
d5:f5:f1:6a:4a:9f:75:b4:52:55:08:3d:5a:d5:8f:81:f8:43:
7b:55:e2:2e:1d:69:fa:e3:fe:7c:fd:5c:42:bd:59:04:3a:ed:
b9:c8:a1:8e:bb:28:f0:e8:d9:e9:8b:56:58:9f:64:73:85:f4:
57:28:79:94:45:c0:f0:73:51:b2:65:6a:06:05:f2:42:e2:18:
95:51:1e:5f:7b:7d:9f:14:d6:af:4e:3d:c6:be:78:97:e5:f3:
a1:97:0a:45:56:4e:d7:a5:fb:6a:c7:f3:2b:b7:9b:e2:04:45:
33:0d:c2:1b:9e:a9:4f:eb:16:ba:fb:47:ce:87:38:68:b4:8b:
e2:ca:6a:57:64:bb:83:6c:cc:b6:53:9d:9e:ab:db:00:cf:85:
5d:5d:93:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJmhDmv7ZqV+HbkVHL+fXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDBmZjE1NGM0NTM5NDNhMGIwMmFhNjUwMjFjOWMyNjQ5
NDdjMmIwHhcNMjUxMTExMDkwMTUwWhcNMjUxMTEyMDkwMTUwWjAzMTEwLwYDVQQD
Eyg5ODM2NTcxYjhhZWFjMzM1Y2VjMTQ1Yzc3NzA2MmUyNmEwMmJkYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fCzM+ukfoo3tdRtFR8Ax0rpbc0U
zMQFe8QZd8Hyul02O8fRO0CgmVSjjscoP8cCmQsEL41byqV0qLEDUpFFPSMvytDK
GPWESMrqSJduMLRd4xTb0mSY+dWA6dxkeusVDq+4LT5WZCtBgL1Wvbc7chf8WZST
dytDr8fTkhbAEmJjLouepsgLg1g2qcHWTgbGNrE7euAtCjOsnK3TnWyN8VWLncvK
kCfIeNI8n1HEMFk8xhfnu+LAj91gVvZOgDqj817MMgOU8e39bXFr5K5XzNoKDZHQ
LVvhdnb6XdRvH2qtv4nbklN7fV0dA4pfp7eACr0AuXC3q4hfN9K/fbdcWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJg2VxuK6sM1zsFFx3cGLiagK9xkMB8GA1UdIwQY
MBaAFDpA/xVMRTlDoLAqplAhycJklHwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQt
ODJiYjBiYjExZTNlLzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQtODJiYjBiYjExZTNl
LzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi+2EK3Uu
yRoGFK9jltrSLbW6luBW/40msEjWCgHKBgIm5i9N4khQsCR1fG5PuA8D+4NNyp+u
BbC09D6zHS3VT3GOuwr7Z56P45UJ7kPxTi+Z126L9VQh1CjKh3Fs8QJ/N4AXT5Ni
Xp1qlJd31fXxakqfdbRSVQg9WtWPgfhDe1XiLh1p+uP+fP1cQr1ZBDrtucihjrso
8OjZ6YtWWJ9kc4X0Vyh5lEXA8HNRsmVqBgXyQuIYlVEeX3t9nxTWr049xr54l+Xz
oZcKRVZO16X7asfzK7eb4gRFMw3CG56pT+sWuvtHzoc4aLSL4spqV2S7g2zMtlOd
nqvbAM+FXV2Tag==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:05:33 2025 by rpki-client