Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
File: OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft (raw, json)
Hash identifier: qkQJEk/kweybSjETF4WVBguaYTqUHWCHbUclrJeLkO8=
Subject key identifier: D2:99:49:1F:36:91:28:64:F6:1F:CD:53:F1:D8:DC:60:E1:59:68:5B
Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Certificate serial: 0198D6CD55F0FC31F33D7D4B15C77364AABE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
Manifest number: 15B0
Signing time: Sat 23 Aug 2025 12:00:37 +0000
Manifest this update: Sat 23 Aug 2025 12:00:37 +0000
Manifest next update: Sun 24 Aug 2025 12:00:37 +0000
Files and hashes: 1: KBKNSo54C-UjedwUMFB9xB41sio.roa (hash: EOnhGNtgG2NlhPSt6QkJfBoHbT869foRrNlEhdeoqqA=)
2: OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl (hash: CQgWbVkMni29aXIchCUABbYOMVq+nMTedUAStq+PdRE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:55:f0:fc:31:f3:3d:7d:4b:15:c7:73:64:aa:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Validity
Not Before: Aug 23 12:00:37 2025 GMT
Not After : Aug 24 12:00:37 2025 GMT
Subject: CN=d299491f36912864f61fcd53f1d8dc60e159685b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:52:e4:34:05:d5:d1:fd:a3:9b:e3:28:bd:55:
aa:c4:d1:ec:f1:6e:a8:1a:5e:f3:1d:0c:df:34:84:
ad:d0:6f:6f:d2:70:0a:24:6f:bd:91:2d:b5:37:1d:
24:2c:d8:57:04:80:46:86:cb:33:2c:24:a5:62:3a:
45:62:95:44:c4:64:de:d4:17:c8:e4:d9:69:cb:6d:
c9:9c:45:e6:5c:d2:ce:de:12:c2:da:41:7c:bd:13:
ad:a5:3e:e4:fa:19:fe:b6:d5:17:a8:3a:30:6c:49:
f6:65:e4:ea:46:e2:ae:3d:97:5e:0d:50:52:c2:b7:
95:0e:bf:c1:7f:a8:65:b9:17:e4:de:34:17:fa:c2:
25:35:a0:d6:fd:d1:67:bb:b6:14:3d:63:33:c9:29:
68:90:c4:85:f2:64:82:20:3f:42:fb:04:b3:34:0d:
79:a6:9f:c5:a1:97:c5:4f:36:3b:09:a2:72:38:2c:
f2:49:57:be:f9:56:fb:e9:42:eb:87:bf:c8:21:f7:
e3:c0:49:89:e3:0c:e0:ac:bb:5d:04:8f:6a:10:eb:
a6:fe:98:0f:5d:e8:fe:60:66:ff:9c:4c:86:0c:a7:
7f:61:6e:93:88:bb:33:9d:5c:a2:9a:78:c7:a9:d0:
b5:a5:00:1b:48:83:6a:f8:67:ae:36:b2:b7:57:b4:
4a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:99:49:1F:36:91:28:64:F6:1F:CD:53:F1:D8:DC:60:E1:59:68:5B
X509v3 Authority Key Identifier:
keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:ee:80:d1:34:eb:12:a2:e2:20:1c:a2:41:94:28:2b:c7:c2:
31:68:ab:92:3b:2e:57:71:ed:19:c7:2a:37:18:cf:1a:7e:d7:
0e:24:05:5a:59:d7:2e:62:87:0c:c4:2f:35:29:94:94:ec:90:
cb:25:ba:fe:89:fd:7d:fa:17:b9:b3:a2:06:4f:ed:0b:87:08:
a5:0a:4e:ec:b4:65:f6:86:dd:87:6c:fd:0f:93:65:6a:75:1c:
11:a8:d4:f0:48:bf:b7:e4:67:ec:c0:a2:98:cb:73:a4:ab:64:
3c:b2:5c:09:5c:71:b1:fd:a2:95:05:a2:e3:ce:89:fd:2e:c7:
33:86:4a:37:70:21:76:b9:71:1d:01:9b:67:79:df:77:a3:3e:
dc:22:61:41:6d:7f:5a:bb:11:81:e1:3d:40:f8:18:3e:4c:4e:
b8:76:ab:e9:1e:d8:14:59:c5:75:41:a0:3f:a4:58:fe:85:e7:
59:9e:41:c4:cf:38:2c:e5:93:d8:49:2a:34:a6:f9:df:cf:19:
9c:3f:70:bb:f1:15:b8:ac:33:91:75:46:52:36:d0:85:c8:ba:
e2:b4:6e:d4:a0:8c:de:12:fe:52:c6:c3:f1:3a:60:e7:7a:f4:
2b:76:1b:15:e1:da:f8:09:d0:ea:11:79:45:1a:05:59:4c:77:
03:f8:91:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzVXw/DHzPX1LFcdzZKq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3
OTE5ZmIwHhcNMjUwODIzMTIwMDM3WhcNMjUwODI0MTIwMDM3WjAzMTEwLwYDVQQD
EyhkMjk5NDkxZjM2OTEyODY0ZjYxZmNkNTNmMWQ4ZGM2MGUxNTk2ODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVLkNAXV0f2jm+MovVWqxNHs8W6o
Gl7zHQzfNISt0G9v0nAKJG+9kS21Nx0kLNhXBIBGhsszLCSlYjpFYpVExGTe1BfI
5Nlpy23JnEXmXNLO3hLC2kF8vROtpT7k+hn+ttUXqDowbEn2ZeTqRuKuPZdeDVBS
wreVDr/Bf6hluRfk3jQX+sIlNaDW/dFnu7YUPWMzySlokMSF8mSCID9C+wSzNA15
pp/FoZfFTzY7CaJyOCzySVe++Vb76ULrh7/IIffjwEmJ4wzgrLtdBI9qEOum/pgP
Xej+YGb/nEyGDKd/YW6TiLsznVyimnjHqdC1pQAbSINq+GeuNrK3V7RKjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKZSR82kShk9h/NU/HY3GDhWWhbMB8GA1UdIwQY
MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt
MDUwMmE2YTU0YWFiLzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi
LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhu6A0TTr
EqLiIByiQZQoK8fCMWirkjsuV3HtGccqNxjPGn7XDiQFWlnXLmKHDMQvNSmUlOyQ
yyW6/on9ffoXubOiBk/tC4cIpQpO7LRl9obdh2z9D5NlanUcEajU8Ei/t+Rn7MCi
mMtzpKtkPLJcCVxxsf2ilQWi486J/S7HM4ZKN3AhdrlxHQGbZ3nfd6M+3CJhQW1/
WrsRgeE9QPgYPkxOuHar6R7YFFnFdUGgP6RY/oXnWZ5BxM84LOWT2EkqNKb5388Z
nD9wu/EVuKwzkXVGUjbQhci64rRu1KCM3hL+UsbD8Tpg53r0K3YbFeHa+AnQ6hF5
RRoFWUx3A/iR6A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:56:17 2025 by rpki-client