Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
File: OkGxVaq20SKf00jqoD0PeQPxJno.mft (raw, json)
Hash identifier: HNY/pMhagZ9/3YYN85ploYEoC/5HVsQfwPRq9FNEKhA=
Subject key identifier: 3E:75:7C:AF:01:D4:D4:1B:DB:86:E7:35:46:5B:88:CE:61:A5:2F:68
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 0199FC2170A84ED16C987D1946BA9EC992AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
Manifest number: 11E9
Signing time: Sun 19 Oct 2025 11:01:13 +0000
Manifest this update: Sun 19 Oct 2025 11:01:13 +0000
Manifest next update: Mon 20 Oct 2025 11:01:13 +0000
Files and hashes: 1: DUYlFbh6FULGzgdthf_PMDp6hOU.roa (hash: JR7UbEi2bM6dLHHY3xrq1gui3NHbn1GkWRWkFGTRYw0=)
2: OkGxVaq20SKf00jqoD0PeQPxJno.crl (hash: SSww6/5x0QOnH5IOT64srDV+zEHm3NBGVA3MbTI7Arw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:70:a8:4e:d1:6c:98:7d:19:46:ba:9e:c9:92:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Oct 19 11:01:13 2025 GMT
Not After : Oct 20 11:01:13 2025 GMT
Subject: CN=3e757caf01d4d41bdb86e735465b88ce61a52f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a4:48:19:6a:f5:2e:14:56:75:ad:fe:5a:47:
b9:44:ee:41:cf:f2:44:ff:ed:5a:69:64:70:5e:59:
e5:a1:77:39:fe:95:3d:c1:a5:a2:94:86:32:96:99:
e0:fe:d4:5c:25:9e:63:de:39:22:16:f6:e2:ac:06:
3f:af:c9:41:ca:21:23:f5:81:31:01:7f:66:6a:d9:
98:d7:c7:e2:92:d1:9f:ac:8a:67:0a:ae:ba:34:42:
4f:8c:83:69:a0:95:20:c0:57:6b:85:91:59:23:d8:
96:55:2e:b3:d6:ba:20:6b:ac:bb:4e:58:f9:14:60:
49:7d:c3:9f:6b:38:c0:ed:ac:31:e0:7a:78:9e:28:
32:4b:0e:0e:f9:c4:ba:db:95:62:5f:9e:a6:58:de:
68:9e:45:cb:9e:db:94:0d:04:e1:0d:f5:e8:99:de:
1f:db:c2:dd:8e:da:c0:74:11:13:71:54:d6:f4:3c:
b4:39:e6:16:54:9a:2a:80:d9:a3:91:b3:1d:70:fd:
28:dd:c7:96:4d:e6:fe:bc:55:2f:5d:41:80:f6:a6:
b3:46:1c:7c:c3:9e:60:98:f2:04:f7:27:de:b6:a1:
0b:26:1a:ab:49:6c:ba:27:e8:37:3d:1e:e4:7a:16:
91:fc:cb:4e:b3:e9:69:9a:a7:f6:b9:a9:58:68:ea:
db:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:75:7C:AF:01:D4:D4:1B:DB:86:E7:35:46:5B:88:CE:61:A5:2F:68
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:ea:82:ec:e8:0a:6c:a4:65:21:15:71:96:d3:95:ee:53:ec:
3f:9f:75:3c:8b:36:d4:bd:6d:cc:f7:2d:34:58:72:c3:bc:a5:
2e:3c:9b:2b:93:05:26:10:1c:11:81:5b:77:ba:94:bc:cc:27:
d8:eb:38:4b:dd:a0:0c:c9:59:ec:7f:5e:1b:2f:6e:09:2b:80:
fa:d9:d2:f8:48:85:91:4c:01:db:b2:df:35:3e:bc:52:31:3f:
6c:c2:0b:56:b7:3e:0e:73:e7:46:4b:41:fb:aa:dd:40:43:2a:
07:a7:bf:b2:3d:b1:af:ff:24:7e:7f:73:e1:5f:51:60:01:f9:
75:94:78:b0:e6:ad:a0:b0:7e:d9:8d:0a:d3:da:1f:98:29:95:
dd:a6:a8:70:b6:38:59:0f:98:56:38:74:f8:5b:03:fe:8b:a5:
e1:e7:2e:eb:94:a3:68:9e:69:d2:bd:df:34:80:f0:54:03:05:
5e:13:fb:ec:bd:dc:e0:46:e8:01:e3:04:49:c7:ef:0d:22:01:
16:6c:1c:94:8f:49:55:a6:40:fe:fc:76:36:c1:e0:9e:fd:a0:
0c:b6:2f:3e:fe:52:fa:79:74:12:f0:18:8f:9b:58:80:32:54:
b5:a2:5a:7e:ce:e9:10:84:6e:b6:b4:bf:14:19:b7:a2:f3:fb:
b4:46:25:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IXCoTtFsmH0ZRrqeyZKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjUxMDE5MTEwMTEzWhcNMjUxMDIwMTEwMTEzWjAzMTEwLwYDVQQD
EygzZTc1N2NhZjAxZDRkNDFiZGI4NmU3MzU0NjViODhjZTYxYTUyZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6RIGWr1LhRWda3+Wke5RO5Bz/JE
/+1aaWRwXlnloXc5/pU9waWilIYylpng/tRcJZ5j3jkiFvbirAY/r8lByiEj9YEx
AX9matmY18fiktGfrIpnCq66NEJPjINpoJUgwFdrhZFZI9iWVS6z1roga6y7Tlj5
FGBJfcOfazjA7awx4Hp4nigySw4O+cS625ViX56mWN5onkXLntuUDQThDfXomd4f
28LdjtrAdBETcVTW9Dy0OeYWVJoqgNmjkbMdcP0o3ceWTeb+vFUvXUGA9qazRhx8
w55gmPIE9yfetqELJhqrSWy6J+g3PR7kehaR/MtOs+lpmqf2ualYaOrbCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD51fK8B1NQb24bnNUZbiM5hpS9oMB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW+qC7OgK
bKRlIRVxltOV7lPsP591PIs21L1tzPctNFhyw7ylLjybK5MFJhAcEYFbd7qUvMwn
2Os4S92gDMlZ7H9eGy9uCSuA+tnS+EiFkUwB27LfNT68UjE/bMILVrc+DnPnRktB
+6rdQEMqB6e/sj2xr/8kfn9z4V9RYAH5dZR4sOatoLB+2Y0K09ofmCmV3aaocLY4
WQ+YVjh0+FsD/oul4ecu65SjaJ5p0r3fNIDwVAMFXhP77L3c4EboAeMEScfvDSIB
FmwclI9JVaZA/vx2NsHgnv2gDLYvPv5S+nl0EvAYj5tYgDJUtaJafs7pEIRutrS/
FBm3ovP7tEYlHA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:58:46 2025 by rpki-client