Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: 2G7fxQLdmrphjnOz27bDJnZKQ8kWE37MH5mGtaHacps=
Subject key identifier: D0:AA:49:0A:F7:6D:4F:9A:52:7F:14:5B:A9:E8:69:52:C6:99:E7:E8
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 0197B7EA814E9039CA2D102E348B57A73907
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 08ED
Signing time: Sat 28 Jun 2025 19:01:28 +0000
Manifest this update: Sat 28 Jun 2025 19:01:28 +0000
Manifest next update: Sun 29 Jun 2025 19:01:28 +0000
Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: io47+Sk4P1/vctWbSbtzpxlKVQFM+bKkZdu0jbkQUXU=)
2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:ea:81:4e:90:39:ca:2d:10:2e:34:8b:57:a7:39:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Jun 28 19:01:28 2025 GMT
Not After : Jun 29 19:01:28 2025 GMT
Subject: CN=d0aa490af76d4f9a527f145ba9e86952c699e7e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:05:52:b5:d7:8d:1c:70:9d:c0:4b:1f:c3:6b:
7c:55:7d:5b:26:47:74:01:63:0c:91:a5:45:4d:53:
8c:22:b1:cb:74:c9:4d:32:c2:5d:f0:c2:65:3b:eb:
9e:c6:b8:1b:a7:cd:2e:27:ce:14:ef:8a:7e:41:e5:
28:6e:fd:8a:ad:01:db:7c:8c:3c:d2:30:23:95:52:
53:76:03:64:6d:19:d0:99:73:22:3c:e7:9c:bb:ea:
dc:bd:26:8d:fb:42:dc:b1:35:6d:54:8d:14:bb:bf:
2d:6d:ab:71:97:8e:21:f2:17:31:28:f2:b9:cb:d5:
c0:ea:3e:28:ae:95:61:db:74:b6:ce:4e:f9:54:e2:
01:23:92:f3:a3:3a:e4:b6:49:b1:e3:69:cd:a2:7d:
df:4c:b1:c3:5f:62:05:2b:e9:c3:f8:d4:14:27:ed:
03:5e:ca:f1:1d:fd:bd:44:7f:c5:ac:25:db:f2:f6:
b8:58:76:0e:3f:37:e6:c4:65:ea:fe:df:d4:7c:77:
b7:6d:94:95:61:de:30:84:c3:55:6a:9b:e0:95:a4:
84:14:4a:79:24:94:a3:75:0b:04:1e:de:89:78:c3:
ab:8f:29:27:aa:26:2d:dc:2f:38:55:15:2d:5a:31:
75:51:52:ad:16:e6:bc:aa:1c:0c:da:4f:99:24:c2:
ee:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AA:49:0A:F7:6D:4F:9A:52:7F:14:5B:A9:E8:69:52:C6:99:E7:E8
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:16:4e:a7:53:87:cc:aa:99:a9:df:6a:88:0a:2a:b3:a1:d8:
21:12:14:96:3f:42:65:bf:90:52:c4:af:e2:58:d0:13:24:51:
25:ee:26:e9:04:c0:18:a8:a4:5f:9a:a4:b2:c6:02:db:2e:44:
81:f0:f1:30:dc:db:ef:26:01:f1:32:91:15:45:df:18:04:97:
b9:82:dd:f5:eb:dd:7f:20:1b:ca:73:29:65:bd:9e:13:1d:22:
f2:e1:34:e4:f5:a4:8a:c6:de:fa:4e:80:47:7f:e6:7d:81:85:
dd:5b:31:33:50:d3:45:0c:90:ca:d9:5e:4c:75:40:09:54:cf:
c6:02:2d:80:37:c7:8b:4d:5a:53:e7:7d:3c:07:35:37:ab:f1:
c7:a2:a4:ba:b7:97:e7:7b:b0:78:09:fd:ed:b2:a0:bf:31:2b:
59:b3:a0:7f:be:b9:b7:b5:2f:cc:ef:f7:49:c8:0f:7a:ea:71:
0c:d6:77:22:84:af:1b:2c:c0:fc:69:db:4e:0d:58:e8:aa:18:
d0:14:e1:9b:40:25:31:ac:41:4f:8c:cb:99:ff:8c:b8:4b:5f:
41:3d:23:44:86:26:6b:39:42:b9:8b:32:32:6d:ae:0d:e3:bd:
2f:b8:32:0c:67:99:d5:8d:a1:e7:e1:a1:6c:d2:ae:f3:e7:3b:
cb:72:89:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36oFOkDnKLRAuNItXpzkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjUwNjI4MTkwMTI4WhcNMjUwNjI5MTkwMTI4WjAzMTEwLwYDVQQD
EyhkMGFhNDkwYWY3NmQ0ZjlhNTI3ZjE0NWJhOWU4Njk1MmM2OTllN2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gVStdeNHHCdwEsfw2t8VX1bJkd0
AWMMkaVFTVOMIrHLdMlNMsJd8MJlO+uexrgbp80uJ84U74p+QeUobv2KrQHbfIw8
0jAjlVJTdgNkbRnQmXMiPOecu+rcvSaN+0LcsTVtVI0Uu78tbatxl44h8hcxKPK5
y9XA6j4orpVh23S2zk75VOIBI5Lzozrktkmx42nNon3fTLHDX2IFK+nD+NQUJ+0D
XsrxHf29RH/FrCXb8va4WHYOPzfmxGXq/t/UfHe3bZSVYd4whMNVapvglaSEFEp5
JJSjdQsEHt6JeMOrjyknqiYt3C84VRUtWjF1UVKtFua8qhwM2k+ZJMLuQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCqSQr3bU+aUn8UW6noaVLGmefoMB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHBZOp1OH
zKqZqd9qiAoqs6HYIRIUlj9CZb+QUsSv4ljQEyRRJe4m6QTAGKikX5qkssYC2y5E
gfDxMNzb7yYB8TKRFUXfGASXuYLd9evdfyAbynMpZb2eEx0i8uE05PWkisbe+k6A
R3/mfYGF3VsxM1DTRQyQytleTHVACVTPxgItgDfHi01aU+d9PAc1N6vxx6KkureX
53uweAn97bKgvzErWbOgf765t7UvzO/3ScgPeupxDNZ3IoSvGyzA/GnbTg1Y6KoY
0BThm0AlMaxBT4zLmf+MuEtfQT0jRIYmazlCuYsyMm2uDeO9L7gyDGeZ1Y2h5+Gh
bNKu8+c7y3KJaw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:35:56 2025 by rpki-client