Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
File: OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft (raw, json)
Hash identifier: OSkDNc8IauSfj3obqabme4r4Z9QOiWi3yjP6j373zC0=
Subject key identifier: A3:FB:28:A6:55:D4:95:75:97:F7:44:5F:23:7B:B2:3A:D3:7E:03:75
Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Certificate serial: 0197B8FCDC8DD3D7E17805C53CF6F19400F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
Manifest number: 151C
Signing time: Sun 29 Jun 2025 00:01:08 +0000
Manifest this update: Sun 29 Jun 2025 00:01:08 +0000
Manifest next update: Mon 30 Jun 2025 00:01:08 +0000
Files and hashes: 1: KBKNSo54C-UjedwUMFB9xB41sio.roa (hash: EOnhGNtgG2NlhPSt6QkJfBoHbT869foRrNlEhdeoqqA=)
2: OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl (hash: 5aTEFVagw8jhGnBys64aued6K0xayCOAg7ev542SCa0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:fc:dc:8d:d3:d7:e1:78:05:c5:3c:f6:f1:94:00:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Validity
Not Before: Jun 29 00:01:08 2025 GMT
Not After : Jun 30 00:01:08 2025 GMT
Subject: CN=a3fb28a655d4957597f7445f237bb23ad37e0375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7f:b8:ec:ba:2c:20:91:1d:e9:8e:1c:44:f7:
39:a2:4d:bf:05:ea:a7:40:8b:08:18:83:b0:19:b0:
05:5c:b8:8d:ed:0e:bd:04:16:7a:ed:09:b6:d4:05:
80:31:62:d9:82:92:42:9d:f6:56:b1:1a:94:02:0e:
08:d6:77:a8:4c:50:ee:eb:89:de:95:25:b2:d0:3c:
3a:5a:92:0e:f5:89:e1:a5:3b:8b:13:84:5e:7e:e9:
fd:63:6c:2a:67:50:fc:e9:30:f8:10:de:88:3f:03:
23:69:d3:7a:bd:9b:c1:19:3b:ff:6d:0e:f9:c7:8b:
80:e0:ad:51:cb:9f:c2:10:11:b6:eb:e5:28:ee:ff:
c6:cd:e8:29:11:44:b9:f7:52:ef:19:20:59:24:e9:
8f:eb:59:d8:1a:1f:f5:74:de:37:c6:19:76:a9:bb:
35:bf:b2:68:5b:09:25:e2:ea:e2:60:7f:41:f9:9f:
82:53:73:d0:c7:40:bd:90:bc:93:0b:de:27:d8:69:
39:98:cc:cb:7d:33:ca:f7:27:c4:a4:94:12:39:f2:
9b:a8:1d:26:fd:37:11:cf:db:cc:4f:48:c8:13:77:
fb:59:26:e8:ec:52:02:6d:8b:a0:73:d5:c1:32:0b:
54:84:72:06:f1:d4:16:00:99:28:d8:4a:3c:34:cb:
79:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FB:28:A6:55:D4:95:75:97:F7:44:5F:23:7B:B2:3A:D3:7E:03:75
X509v3 Authority Key Identifier:
keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:45:5e:2e:d3:eb:c3:09:f8:29:ce:8c:af:73:ea:3c:63:76:
91:16:1e:a9:37:1b:18:b6:2c:0a:a0:45:07:eb:b7:eb:01:c7:
96:3c:d9:63:87:08:52:dd:43:dc:36:b2:05:d2:c1:c1:41:25:
b0:d8:6e:53:4a:60:a7:c7:96:97:cb:9e:a7:e4:df:ce:db:9f:
a8:e5:ed:8f:2c:f6:7a:7b:0c:80:81:f0:3b:f6:e4:4d:f6:02:
5c:2e:74:a1:68:6d:03:e7:7c:53:db:cf:70:92:17:1b:1d:b1:
81:ea:ae:e0:b0:c3:1c:01:0f:8d:ad:e2:d5:31:ca:ed:ab:5e:
00:b4:72:8e:e0:61:2d:77:cb:1a:04:4f:fe:8c:9f:cd:79:56:
ae:8a:ef:da:57:36:0d:21:67:7f:46:92:61:36:82:64:79:d5:
03:68:c8:7e:d8:5e:48:44:75:cc:11:8b:97:2d:c9:7c:72:3b:
90:58:29:92:72:4c:05:4a:f5:f9:e8:c9:c9:3f:0a:14:c1:7a:
59:67:7c:6f:d9:4e:59:28:a2:ae:a5:6b:c9:29:ca:8e:73:8a:
71:08:9d:3e:08:03:85:a3:7b:b0:d9:e6:93:f4:bd:e3:e8:45:
5c:87:01:d3:29:76:b2:b6:40:53:cb:22:a9:57:d2:79:da:1b:
1e:b2:80:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4/NyN09fheAXFPPbxlADwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3
OTE5ZmIwHhcNMjUwNjI5MDAwMTA4WhcNMjUwNjMwMDAwMTA4WjAzMTEwLwYDVQQD
EyhhM2ZiMjhhNjU1ZDQ5NTc1OTdmNzQ0NWYyMzdiYjIzYWQzN2UwMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3+47LosIJEd6Y4cRPc5ok2/Beqn
QIsIGIOwGbAFXLiN7Q69BBZ67Qm21AWAMWLZgpJCnfZWsRqUAg4I1neoTFDu64ne
lSWy0Dw6WpIO9YnhpTuLE4Refun9Y2wqZ1D86TD4EN6IPwMjadN6vZvBGTv/bQ75
x4uA4K1Ry5/CEBG26+Uo7v/GzegpEUS591LvGSBZJOmP61nYGh/1dN43xhl2qbs1
v7JoWwkl4uriYH9B+Z+CU3PQx0C9kLyTC94n2Gk5mMzLfTPK9yfEpJQSOfKbqB0m
/TcRz9vMT0jIE3f7WSbo7FICbYugc9XBMgtUhHIG8dQWAJko2Eo8NMt5ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKP7KKZV1JV1l/dEXyN7sjrTfgN1MB8GA1UdIwQY
MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt
MDUwMmE2YTU0YWFiLzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi
LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABEVeLtPr
wwn4Kc6Mr3PqPGN2kRYeqTcbGLYsCqBFB+u36wHHljzZY4cIUt1D3DayBdLBwUEl
sNhuU0pgp8eWl8uep+TfztufqOXtjyz2ensMgIHwO/bkTfYCXC50oWhtA+d8U9vP
cJIXGx2xgequ4LDDHAEPja3i1THK7ateALRyjuBhLXfLGgRP/oyfzXlWrorv2lc2
DSFnf0aSYTaCZHnVA2jIftheSER1zBGLly3JfHI7kFgpknJMBUr1+ejJyT8KFMF6
WWd8b9lOWSiirqVrySnKjnOKcQidPggDhaN7sNnmk/S94+hFXIcB0yl2srZAU8si
qVfSedobHrKAIQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:57:53 2025 by rpki-client