Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
File: OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft (raw, json)
Hash identifier: FTTNhmp97XIfVJCCCaIaAKFV5KXrQeyExJ3G4mkICdc=
Subject key identifier: 74:39:40:FF:4F:00:63:50:4D:81:90:23:3E:1D:A2:E8:66:0A:5E:87
Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Certificate serial: 0199FC58D6915369C84389D00FB47D2F392D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
Manifest number: 1648
Signing time: Sun 19 Oct 2025 12:01:44 +0000
Manifest this update: Sun 19 Oct 2025 12:01:44 +0000
Manifest next update: Mon 20 Oct 2025 12:01:44 +0000
Files and hashes: 1: KBKNSo54C-UjedwUMFB9xB41sio.roa (hash: EOnhGNtgG2NlhPSt6QkJfBoHbT869foRrNlEhdeoqqA=)
2: OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl (hash: 6c2Lu+hXw8r2a9NiKJZNviC68pasVXxGRoSRumNRyxg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:d6:91:53:69:c8:43:89:d0:0f:b4:7d:2f:39:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Validity
Not Before: Oct 19 12:01:44 2025 GMT
Not After : Oct 20 12:01:44 2025 GMT
Subject: CN=743940ff4f0063504d8190233e1da2e8660a5e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ef:18:d8:31:7e:85:40:60:1b:31:95:3b:3d:
f6:e3:47:92:88:0f:c9:d6:73:8f:25:57:e7:e9:45:
9d:ee:8e:16:4a:67:95:f0:da:e4:08:38:f2:d0:46:
2a:c2:af:c5:36:b6:a3:ff:cf:3d:61:83:24:d9:39:
c3:a4:80:60:32:5c:03:7a:f5:0d:d6:57:9e:95:7b:
1a:55:98:1e:e1:29:d4:a8:a7:63:f2:21:a2:41:da:
c6:67:57:f4:b0:ec:e6:08:8a:a5:f2:bb:9f:d2:ca:
00:97:98:22:b1:9f:00:2f:fe:cd:85:7e:f3:ff:18:
b1:cb:eb:a6:1f:73:c3:ea:f5:19:aa:91:f1:8a:67:
aa:f6:a2:4c:15:45:01:ca:e6:2a:8e:f4:7e:1b:e4:
27:5a:ad:31:03:e4:a7:e7:90:de:75:d9:46:e9:02:
bb:cb:82:3e:f1:dd:dd:d3:d4:31:54:fc:ef:00:cc:
d0:48:87:b0:2a:1f:6d:9d:11:05:b2:bd:53:df:1a:
c6:4d:a8:07:9a:a6:1e:21:57:c8:92:d2:40:63:1a:
fd:75:00:8f:2a:6d:47:61:da:04:a8:b7:9e:57:a7:
7d:5f:0c:f8:b0:21:72:b5:62:82:d7:dc:45:45:ee:
7e:9d:25:5d:c7:9e:21:0b:a4:6c:11:fd:02:fc:c0:
70:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:39:40:FF:4F:00:63:50:4D:81:90:23:3E:1D:A2:E8:66:0A:5E:87
X509v3 Authority Key Identifier:
keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:db:f0:e8:f1:a5:66:d7:31:c4:9f:6e:a3:3a:fa:68:8f:f6:
c9:f0:33:5d:58:e7:70:8b:52:43:17:dc:02:7c:2a:15:15:cb:
4c:59:0a:64:d9:7c:50:91:bb:54:bc:73:93:49:ee:bb:ae:19:
3e:7f:b3:a7:b3:a2:be:e5:0e:d5:e8:91:aa:6f:c8:7f:b8:a9:
30:87:9e:cb:df:8a:2f:dd:86:9c:96:df:9f:02:27:76:b8:2d:
8f:88:71:88:6b:fc:24:81:18:65:5e:c5:65:3a:c9:06:5e:5c:
1d:42:8e:6c:28:60:ed:45:dd:5b:c5:25:73:77:52:35:77:19:
aa:d8:4e:50:33:8b:d3:f2:49:8b:42:1d:4f:7e:59:a8:9c:58:
a3:fc:85:e9:48:9b:db:67:42:dc:d4:03:1c:70:29:c9:b5:a9:
bc:14:47:d6:40:c5:bc:f4:1b:28:1b:66:5c:72:bf:38:ec:4d:
ce:1e:38:d9:ab:5e:a5:e3:5b:b6:39:86:48:22:65:42:81:51:
cb:84:08:44:77:86:40:b1:86:bb:28:3b:51:cf:c3:84:31:d5:
ba:a9:b9:cf:ae:22:07:7f:86:d9:62:49:d9:52:91:a9:1a:88:
99:3f:a5:8c:d4:9d:23:12:d4:55:6d:1e:ba:4b:85:d6:86:bf:
1f:4d:db:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WNaRU2nIQ4nQD7R9LzktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3
OTE5ZmIwHhcNMjUxMDE5MTIwMTQ0WhcNMjUxMDIwMTIwMTQ0WjAzMTEwLwYDVQQD
Eyg3NDM5NDBmZjRmMDA2MzUwNGQ4MTkwMjMzZTFkYTJlODY2MGE1ZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO8Y2DF+hUBgGzGVOz3240eSiA/J
1nOPJVfn6UWd7o4WSmeV8NrkCDjy0EYqwq/FNraj/889YYMk2TnDpIBgMlwDevUN
1leelXsaVZge4SnUqKdj8iGiQdrGZ1f0sOzmCIql8ruf0soAl5gisZ8AL/7NhX7z
/xixy+umH3PD6vUZqpHximeq9qJMFUUByuYqjvR+G+QnWq0xA+Sn55DeddlG6QK7
y4I+8d3d09QxVPzvAMzQSIewKh9tnREFsr1T3xrGTagHmqYeIVfIktJAYxr9dQCP
Km1HYdoEqLeeV6d9Xwz4sCFytWKC19xFRe5+nSVdx54hC6RsEf0C/MBw6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQ5QP9PAGNQTYGQIz4douhmCl6HMB8GA1UdIwQY
MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt
MDUwMmE2YTU0YWFiLzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi
LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX9vw6PGl
ZtcxxJ9uozr6aI/2yfAzXVjncItSQxfcAnwqFRXLTFkKZNl8UJG7VLxzk0nuu64Z
Pn+zp7OivuUO1eiRqm/If7ipMIeey9+KL92GnJbfnwIndrgtj4hxiGv8JIEYZV7F
ZTrJBl5cHUKObChg7UXdW8Ulc3dSNXcZqthOUDOL0/JJi0IdT35ZqJxYo/yF6Uib
22dC3NQDHHApybWpvBRH1kDFvPQbKBtmXHK/OOxNzh442atepeNbtjmGSCJlQoFR
y4QIRHeGQLGGuyg7Uc/DhDHVuqm5z64iB3+G2WJJ2VKRqRqImT+ljNSdIxLUVW0e
ukuF1oa/H03bhQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:06:06 2025 by rpki-client