Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: JReS7qxpR+Ku4YnaQ1SaKJlr0asFh4LkkxWc8YHd/38=
Subject key identifier: 72:F8:27:1D:9C:D1:98:9C:05:C6:FC:C0:69:EF:ED:35:13:02:D5:FC
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 0198D998FAB42337965877BF36A6A26AF56E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0983
Signing time: Sun 24 Aug 2025 01:02:18 +0000
Manifest this update: Sun 24 Aug 2025 01:02:18 +0000
Manifest next update: Mon 25 Aug 2025 01:02:18 +0000
Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: cZpTuxT8V/ynwUlJy7emKc8H1Z/KoQthVLDG+EI0UiU=)
2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d9:98:fa:b4:23:37:96:58:77:bf:36:a6:a2:6a:f5:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Aug 24 01:02:18 2025 GMT
Not After : Aug 25 01:02:18 2025 GMT
Subject: CN=72f8271d9cd1989c05c6fcc069efed351302d5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8e:63:d2:34:4f:bb:fe:88:b8:b5:3a:01:55:
5d:11:b0:83:a1:22:07:ca:47:2f:0e:a3:ec:86:8e:
8a:0b:cd:5c:e5:a7:80:3e:e8:1c:fb:1c:be:3a:fa:
1d:ef:0b:9f:94:f1:b3:48:f9:6d:c8:b4:ab:02:9b:
95:5e:b8:b7:7a:20:80:99:a4:47:3c:9e:35:55:79:
f9:10:69:b6:34:9e:9c:91:11:26:1f:8a:73:16:c5:
78:c9:bf:6f:d8:7d:12:c5:c8:da:25:b1:0c:05:6b:
82:77:97:7d:4b:ee:9e:7b:e3:57:aa:60:b6:11:8f:
89:9e:2a:15:64:db:46:e6:71:a8:08:f2:a4:69:0e:
5a:40:35:2e:35:c6:c6:6f:c3:38:b6:ad:61:6a:64:
a8:c4:a1:ee:9e:76:11:be:a9:85:7d:02:5f:98:4c:
b5:f9:d8:34:52:20:a3:dd:b0:65:f7:78:66:00:b2:
01:9a:93:27:a3:b9:fd:e9:50:ab:8e:03:0c:f5:90:
cb:44:9c:4c:4d:3d:fd:b0:cd:fa:b8:8d:b8:fb:7a:
28:4e:ca:e7:9c:15:a7:0c:7d:19:e6:a0:d4:e6:67:
50:f1:51:58:10:25:3e:e7:87:b1:6d:b2:09:69:de:
51:db:b1:5e:91:cc:13:e0:52:12:d9:84:0d:38:80:
ba:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F8:27:1D:9C:D1:98:9C:05:C6:FC:C0:69:EF:ED:35:13:02:D5:FC
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:cc:0f:0a:26:92:a9:d4:1c:f4:8b:7c:62:a6:cd:8f:b6:c3:
8f:ad:ff:dc:ab:d7:eb:74:eb:3d:21:d8:7c:1c:e1:9b:2d:b7:
69:49:29:9f:74:0f:6a:09:6d:59:41:db:96:be:4a:2c:67:34:
1f:24:65:0f:a5:4a:0b:2c:66:c3:ba:a3:27:96:eb:50:4f:c0:
c9:85:99:f4:a1:21:2f:b5:23:35:6c:9b:68:e2:5d:b7:46:4d:
97:30:18:39:91:c8:76:c6:af:5a:22:ac:15:99:89:60:e7:16:
66:0a:e4:17:72:e3:18:89:97:e6:2c:19:39:b5:41:38:8c:3f:
c4:d6:95:62:d6:8f:db:46:02:d5:7f:01:f6:af:3d:19:0f:a0:
ef:cd:c7:46:a5:b4:4c:cf:63:92:9b:21:bf:67:14:dc:10:36:
01:57:80:72:e9:75:ea:6d:42:cd:fe:26:24:6f:19:79:df:6b:
09:d5:8e:b1:f4:20:70:3d:87:2c:0d:73:7f:9a:ea:75:19:6a:
b8:2a:dc:8b:60:a9:8d:7d:ed:ce:18:4b:1f:75:7b:57:c6:7e:
bf:f6:81:e0:1c:b6:2f:8b:7f:b3:da:d3:bb:6f:1f:2b:e7:32:
16:c5:10:36:dd:ae:4f:3e:89:fa:34:20:6b:40:aa:1e:62:88:
2d:fd:f1:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjZmPq0IzeWWHe/NqaiavVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjUwODI0MDEwMjE4WhcNMjUwODI1MDEwMjE4WjAzMTEwLwYDVQQD
Eyg3MmY4MjcxZDljZDE5ODljMDVjNmZjYzA2OWVmZWQzNTEzMDJkNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo5j0jRPu/6IuLU6AVVdEbCDoSIH
ykcvDqPsho6KC81c5aeAPugc+xy+Ovod7wuflPGzSPltyLSrApuVXri3eiCAmaRH
PJ41VXn5EGm2NJ6ckREmH4pzFsV4yb9v2H0SxcjaJbEMBWuCd5d9S+6ee+NXqmC2
EY+JnioVZNtG5nGoCPKkaQ5aQDUuNcbGb8M4tq1hamSoxKHunnYRvqmFfQJfmEy1
+dg0UiCj3bBl93hmALIBmpMno7n96VCrjgMM9ZDLRJxMTT39sM36uI24+3ooTsrn
nBWnDH0Z5qDU5mdQ8VFYECU+54exbbIJad5R27FekcwT4FIS2YQNOIC6BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHL4Jx2c0ZicBcb8wGnv7TUTAtX8MB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFMwPCiaS
qdQc9It8YqbNj7bDj63/3KvX63TrPSHYfBzhmy23aUkpn3QPagltWUHblr5KLGc0
HyRlD6VKCyxmw7qjJ5brUE/AyYWZ9KEhL7UjNWybaOJdt0ZNlzAYOZHIdsavWiKs
FZmJYOcWZgrkF3LjGImX5iwZObVBOIw/xNaVYtaP20YC1X8B9q89GQ+g783HRqW0
TM9jkpshv2cU3BA2AVeAcul16m1Czf4mJG8Zed9rCdWOsfQgcD2HLA1zf5rqdRlq
uCrci2CpjX3tzhhLH3V7V8Z+v/aB4By2L4t/s9rTu28fK+cyFsUQNt2uTz6J+jQg
a0CqHmKILf3xCQ==
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:12:24 2025 by rpki-client