Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: Ak90s+AFPFMZo28mTiZeO9b4mYvsXyIVDTHg4UgvJto=
Subject key identifier: D6:F3:AD:C5:5B:E6:9A:CE:C4:0A:01:DD:EB:46:3C:DE:D7:17:D6:65
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 0199FD33E52F2CBA225C56AA8335967696C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0A1A
Signing time: Sun 19 Oct 2025 16:01:00 +0000
Manifest this update: Sun 19 Oct 2025 16:01:00 +0000
Manifest next update: Mon 20 Oct 2025 16:01:00 +0000
Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: HBAew2eGuZpJ9KFAsuhBTumB8W2yriTBbdvGuCBzRnE=)
2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:33:e5:2f:2c:ba:22:5c:56:aa:83:35:96:76:96:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Oct 19 16:01:00 2025 GMT
Not After : Oct 20 16:01:00 2025 GMT
Subject: CN=d6f3adc55be69acec40a01ddeb463cded717d665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:66:d5:b0:29:29:ec:23:1d:8c:c0:ec:e4:6f:
e0:b7:9a:45:ae:81:d7:61:05:f7:8d:45:84:98:eb:
44:46:77:63:f8:43:8a:79:6b:a1:bb:ad:5e:c9:00:
da:2f:7d:ad:1d:a7:00:10:af:c5:3f:91:2a:9d:af:
33:e9:67:66:37:f5:39:fc:c3:8f:7d:e0:4a:4e:44:
93:99:61:fc:db:bc:41:8a:c4:63:76:e2:73:17:09:
c0:7d:2e:f7:d5:40:2d:9f:4a:e9:b9:c1:a7:f4:90:
5e:54:f0:86:52:ba:d4:93:32:a1:6d:4c:24:ad:5a:
f3:a2:7e:3e:71:3f:6e:f6:53:c2:9e:ba:6f:04:14:
ef:ae:02:c8:1d:3a:c6:ee:ad:bc:2b:2d:38:fa:3f:
35:ef:4b:a4:a0:89:ed:47:62:76:7b:a5:0a:59:f9:
ff:f0:f8:1c:68:fd:26:69:19:f4:aa:17:d2:25:6c:
a6:16:e7:43:ca:55:77:42:2a:df:4d:fe:4d:1c:4f:
f5:fc:fb:89:aa:c4:27:1d:3f:77:03:a4:21:6b:56:
b5:38:39:eb:b8:37:8b:51:54:b3:1e:80:7f:4f:ca:
07:ba:d2:b6:fd:f9:de:12:70:35:ac:1d:df:fb:cf:
97:4c:0a:a0:d7:26:63:30:5a:a9:35:d1:95:55:16:
6b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:F3:AD:C5:5B:E6:9A:CE:C4:0A:01:DD:EB:46:3C:DE:D7:17:D6:65
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:6b:16:a7:f2:8e:3b:c5:e3:40:b0:57:63:11:18:a4:a0:73:
6e:2b:d3:53:9e:c5:ce:85:33:ba:bb:06:8f:9f:9d:9d:20:68:
3b:cb:b5:81:8c:f9:7a:ad:10:36:f0:fc:6d:69:af:fb:16:f4:
1e:69:c6:f4:4a:28:c4:9a:c0:5e:c7:8a:3e:5f:66:11:b7:ca:
f2:72:cb:38:9e:2e:ef:23:46:3c:1e:56:a9:61:22:b7:68:ec:
9b:65:1d:07:b3:ab:b7:bd:43:fd:1c:11:65:f3:63:01:9e:1f:
98:01:3e:30:09:09:5b:46:ab:eb:3b:fb:99:f4:ed:76:12:6e:
ac:9b:c0:ec:a3:16:2b:df:fd:c7:f8:60:d1:cf:42:cb:8e:ac:
30:1e:09:15:4c:b7:7e:52:11:10:e2:09:74:c2:9a:35:86:33:
33:66:3f:c1:e2:09:1a:99:f5:38:85:e1:a4:6c:49:c3:8c:25:
b2:b5:17:55:bf:33:2f:8c:6b:b6:af:96:06:ba:21:66:c9:2c:
90:00:4b:16:84:0e:cd:ae:cd:b3:3c:94:a1:d9:f7:da:0d:61:
8d:5d:05:8a:f3:71:9d:5c:7f:1d:12:3c:91:9b:8a:40:d4:c7:
2c:43:0a:a5:0a:ac:38:3f:89:84:02:48:ef:e0:e6:e9:b7:38:
20:10:7d:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9M+UvLLoiXFaqgzWWdpbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjUxMDE5MTYwMTAwWhcNMjUxMDIwMTYwMTAwWjAzMTEwLwYDVQQD
EyhkNmYzYWRjNTViZTY5YWNlYzQwYTAxZGRlYjQ2M2NkZWQ3MTdkNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWbVsCkp7CMdjMDs5G/gt5pFroHX
YQX3jUWEmOtERndj+EOKeWuhu61eyQDaL32tHacAEK/FP5Eqna8z6WdmN/U5/MOP
feBKTkSTmWH827xBisRjduJzFwnAfS731UAtn0rpucGn9JBeVPCGUrrUkzKhbUwk
rVrzon4+cT9u9lPCnrpvBBTvrgLIHTrG7q28Ky04+j8170ukoIntR2J2e6UKWfn/
8PgcaP0maRn0qhfSJWymFudDylV3QirfTf5NHE/1/PuJqsQnHT93A6Qha1a1ODnr
uDeLUVSzHoB/T8oHutK2/fneEnA1rB3f+8+XTAqg1yZjMFqpNdGVVRZrVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbzrcVb5prOxAoB3etGPN7XF9ZlMB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF2sWp/KO
O8XjQLBXYxEYpKBzbivTU57FzoUzursGj5+dnSBoO8u1gYz5eq0QNvD8bWmv+xb0
HmnG9EooxJrAXseKPl9mEbfK8nLLOJ4u7yNGPB5WqWEit2jsm2UdB7Ort71D/RwR
ZfNjAZ4fmAE+MAkJW0ar6zv7mfTtdhJurJvA7KMWK9/9x/hg0c9Cy46sMB4JFUy3
flIREOIJdMKaNYYzM2Y/weIJGpn1OIXhpGxJw4wlsrUXVb8zL4xrtq+WBrohZsks
kABLFoQOza7NszyUodn32g1hjV0FivNxnVx/HRI8kZuKQNTHLEMKpQqsOD+JhAJI
7+Dm6bc4IBB9Tw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:45:06 2025 by rpki-client