Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
File: OKN8JN3KNH1xPteU0zzUqBqLSYo.mft (raw, json)
Hash identifier: Vui89RWcYzTVfoE9d58InaqiUSZxTW2tfFW5XGGPC0I=
Subject key identifier: 17:04:1B:D0:48:23:8A:3B:AE:2F:1B:C9:A5:3B:39:59:EA:7E:38:36
Authority key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
Certificate issuer: /CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Certificate serial: 019A70A4E99616AED9363913220CF1E95033
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
Manifest number: 16CA
Signing time: Tue 11 Nov 2025 02:00:47 +0000
Manifest this update: Tue 11 Nov 2025 02:00:47 +0000
Manifest next update: Wed 12 Nov 2025 02:00:47 +0000
Files and hashes: 1: KBxZJWrk1-bZEdk3S7yVEPMKVtM.roa (hash: BpbYbbHeyy+1nQHRcRldIZ4LwMax+kHyBfVOH0ykZeU=)
2: OKN8JN3KNH1xPteU0zzUqBqLSYo.crl (hash: sILewx2C+rQ3wbJQ2CM7oLvCJfTREZ28bC4awYpo4+k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a4:e9:96:16:ae:d9:36:39:13:22:0c:f1:e9:50:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Validity
Not Before: Nov 11 02:00:47 2025 GMT
Not After : Nov 12 02:00:47 2025 GMT
Subject: CN=17041bd048238a3bae2f1bc9a53b3959ea7e3836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:30:9b:8a:d5:aa:39:1f:e8:72:66:3b:75:d3:
72:b0:d4:7d:00:f7:ae:13:2a:4e:18:fd:5b:73:2a:
48:21:c3:30:36:b0:cd:8a:d3:b3:9f:bb:eb:f6:a3:
24:c0:c2:5e:13:bd:eb:88:21:7d:4c:e1:8c:6f:fb:
f4:17:0d:93:c5:c1:22:09:8f:dc:8c:e4:0a:15:35:
07:ad:ba:c2:5d:88:9f:65:b9:0d:99:3f:2f:e6:bd:
bf:0c:34:c4:dc:92:ba:a5:03:f7:1a:1c:47:42:cb:
7a:72:d1:cb:ba:4d:80:fc:75:58:39:f7:94:22:8f:
a9:cb:c4:f5:a5:ab:2e:08:35:b1:ba:a8:92:8d:1c:
bd:5c:93:c8:89:b9:49:d7:09:cd:81:75:19:25:85:
40:97:e6:f9:33:99:16:c7:09:f5:67:6b:b7:07:fb:
33:47:3c:da:16:5a:48:e7:15:0e:6f:4a:cd:f3:1f:
53:fe:1d:b7:ff:9f:d2:d1:5f:25:f2:22:69:57:3c:
f1:1c:ae:4e:fd:1b:ae:5c:74:71:f8:cb:ac:b2:91:
35:a8:2a:91:fc:72:4d:74:5e:03:e7:38:be:07:14:
59:42:d6:1d:74:a6:25:46:f2:b0:23:53:e9:c2:f3:
89:46:fe:51:17:76:82:81:64:17:3d:87:0d:fc:5c:
0c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:04:1B:D0:48:23:8A:3B:AE:2F:1B:C9:A5:3B:39:59:EA:7E:38:36
X509v3 Authority Key Identifier:
keyid:38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:ba:d9:51:be:ff:29:2f:9b:27:14:b0:a3:f9:f6:61:0a:9f:
84:26:a6:16:18:92:fe:ca:82:17:12:ff:96:d0:8b:7d:61:fc:
92:07:6c:b7:68:6c:6c:d4:dc:66:6e:ce:57:55:b5:30:6e:fa:
5a:24:04:21:29:54:f9:fc:c8:1c:70:59:ac:aa:33:24:58:1b:
05:4e:e6:1a:ab:01:5c:1e:3f:2e:b4:e4:29:90:17:a7:5a:16:
03:56:c7:cd:93:32:a9:b5:33:87:31:39:3a:9d:ac:d4:80:bf:
72:68:ea:87:72:95:8c:b5:6c:e2:d5:23:b1:25:37:da:d8:05:
c6:54:57:7b:6e:8e:64:2a:73:34:ce:43:17:0e:fb:c1:55:4d:
b5:05:56:db:51:c7:c6:e2:81:f6:33:d8:92:52:69:9e:fd:e7:
97:45:7e:52:ef:29:48:b9:fa:99:0c:75:2e:23:7a:df:d6:b4:
51:4b:53:88:12:d6:91:db:8a:e2:a2:de:fa:25:fe:d0:d9:71:
0d:94:08:4d:bb:bf:4f:f6:b8:8b:79:7b:36:2b:2c:75:5f:d1:
e7:ba:ca:6f:2a:6e:a6:b8:73:4b:49:fd:c5:5c:75:83:a9:28:
69:36:31:0c:5a:4f:ae:3d:3c:d9:14:aa:13:7a:5d:de:f0:1e:
5b:79:90:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpOmWFq7ZNjkTIgzx6VAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTM3YzI0ZGRjYTM0N2Q3MTNlZDc5NGQzM2NkNGE4MWE4
YjQ5OGEwHhcNMjUxMTExMDIwMDQ3WhcNMjUxMTEyMDIwMDQ3WjAzMTEwLwYDVQQD
EygxNzA0MWJkMDQ4MjM4YTNiYWUyZjFiYzlhNTNiMzk1OWVhN2UzODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTCbitWqOR/ocmY7ddNysNR9APeu
EypOGP1bcypIIcMwNrDNitOzn7vr9qMkwMJeE73riCF9TOGMb/v0Fw2TxcEiCY/c
jOQKFTUHrbrCXYifZbkNmT8v5r2/DDTE3JK6pQP3GhxHQst6ctHLuk2A/HVYOfeU
Io+py8T1pasuCDWxuqiSjRy9XJPIiblJ1wnNgXUZJYVAl+b5M5kWxwn1Z2u3B/sz
RzzaFlpI5xUOb0rN8x9T/h23/5/S0V8l8iJpVzzxHK5O/RuuXHRx+MusspE1qCqR
/HJNdF4D5zi+BxRZQtYddKYlRvKwI1PpwvOJRv5RF3aCgWQXPYcN/FwMTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcEG9BII4o7ri8byaU7OVnqfjg2MB8GA1UdIwQY
MBaAFDijfCTdyjR9cT7XlNM81Kgai0mKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUt
NDRhNDlkMjYzNzAwLzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUtNDRhNDlkMjYzNzAw
LzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLrZUb7/
KS+bJxSwo/n2YQqfhCamFhiS/sqCFxL/ltCLfWH8kgdst2hsbNTcZm7OV1W1MG76
WiQEISlU+fzIHHBZrKozJFgbBU7mGqsBXB4/LrTkKZAXp1oWA1bHzZMyqbUzhzE5
Op2s1IC/cmjqh3KVjLVs4tUjsSU32tgFxlRXe26OZCpzNM5DFw77wVVNtQVW21HH
xuKB9jPYklJpnv3nl0V+Uu8pSLn6mQx1LiN639a0UUtTiBLWkduK4qLe+iX+0Nlx
DZQITbu/T/a4i3l7NissdV/R57rKbypuprhzS0n9xVx1g6koaTYxDFpPrj082RSq
E3pd3vAeW3mQnA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:40:56 2025 by rpki-client