Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json)
Hash identifier: 67qebJKmFMZ9KJRl05imaLAEqjhigm3PsuXcxjKlD3o=
Subject key identifier: 5B:73:AB:C0:8C:F5:E1:EA:23:51:BB:E0:9A:66:45:3D:C5:DA:93:A6
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 0198D5157A33D29A1533C129B98805A91BB5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
Manifest number: 1163
Signing time: Sat 23 Aug 2025 04:00:11 +0000
Manifest this update: Sat 23 Aug 2025 04:00:11 +0000
Manifest next update: Sun 24 Aug 2025 04:00:11 +0000
Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: rZyKJYNPempR0Dbtoq/CcOLP+5tOc5i/9w+TDgiCqC0=)
2: jBg4c1TddaMZ79OO2ACO6rgKQkE.roa (hash: vxMjeBuQHvoGxQ3EbvzgsnvZ7fj/adVRxxvAS0tcfsE=)
3: yN3-coe-yJTzFymhuWAPFUYAkF4.roa (hash: IPNSpgYWxN2jcOf0NhOGeg6e+K9d2+ZzIVVpZsFLZDI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:15:7a:33:d2:9a:15:33:c1:29:b9:88:05:a9:1b:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: Aug 23 04:00:11 2025 GMT
Not After : Aug 24 04:00:11 2025 GMT
Subject: CN=5b73abc08cf5e1ea2351bbe09a66453dc5da93a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f9:bb:0c:a4:bd:d0:75:d4:ea:11:f7:5f:e0:
2e:7b:8c:8a:b6:47:7d:7b:df:a4:ea:dc:fa:47:14:
ea:fe:6e:09:b1:b5:37:8d:05:82:c0:b7:34:e9:09:
b8:25:2c:32:44:34:8e:f5:53:c4:18:0d:21:e3:70:
38:36:28:36:08:ec:e4:fa:a8:2d:15:1e:39:f6:5e:
22:e0:55:cf:33:a8:0d:b3:36:d7:ca:da:70:98:bf:
67:c2:2e:d5:1f:49:3c:2d:04:4d:76:a8:e5:27:b7:
ae:51:89:1e:9c:9b:38:b3:34:3c:62:06:98:04:44:
db:1f:6b:a2:44:b8:72:ba:aa:a3:58:ba:e9:4c:28:
34:a4:6f:13:72:cc:36:7c:9b:31:c7:38:aa:c2:61:
7b:8e:38:07:12:d2:7e:d7:7b:fd:21:f6:b5:31:d8:
de:db:e9:97:dc:2c:cb:3b:c6:94:50:eb:58:d3:91:
28:3d:71:3a:ae:97:88:33:4f:41:e0:09:73:43:e1:
b1:a6:0c:6d:87:0d:62:b1:a3:58:19:60:95:dc:21:
da:6f:78:0c:8e:c4:2c:8c:f5:a3:43:8a:72:7b:8b:
59:15:20:6f:f7:6e:47:e0:48:ef:0e:24:5d:a3:fb:
12:63:d7:2e:d4:0c:64:bc:44:f8:9e:58:ee:b5:8f:
f6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:73:AB:C0:8C:F5:E1:EA:23:51:BB:E0:9A:66:45:3D:C5:DA:93:A6
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:d2:a7:ea:35:8e:e3:8f:36:9c:47:f1:9c:da:92:07:92:51:
56:ca:2a:41:5a:19:6e:83:2d:88:80:32:f2:9e:53:75:15:7f:
6f:62:77:b9:76:f4:da:a3:67:b4:c8:e0:e6:53:77:4e:3b:7c:
a0:63:df:e8:d5:a4:25:01:69:27:3c:56:02:8c:c0:e8:5c:6a:
83:d2:ff:4a:8a:5b:86:03:8f:db:03:db:f4:b8:8f:3c:61:f8:
fc:13:88:7a:71:9c:1c:87:2b:6c:8c:6e:4d:07:90:84:53:f1:
77:55:3d:27:9e:d8:2b:d7:a3:f9:a5:5d:1c:eb:77:17:c1:91:
3b:e8:db:0f:5f:f0:6f:ea:1e:52:e8:c9:ee:6b:8e:e5:ec:2e:
69:b6:32:78:21:44:d4:14:a7:d5:2b:25:77:ae:df:d6:cc:56:
2e:34:b7:4d:ff:27:11:d7:af:6f:12:8f:e1:c9:84:4b:e6:c8:
4b:b8:08:8e:36:0c:54:52:fd:5f:93:3c:e1:f1:93:bb:bd:26:
df:bf:35:72:a9:b4:97:9e:67:77:a2:66:3f:8a:24:3b:4b:85:
43:8e:ab:e2:b2:13:a8:e8:38:2f:18:0a:7e:6f:a3:62:40:12:
46:3f:e7:5b:33:b7:b8:fe:88:47:7d:d1:01:3b:fd:39:ab:af:
ab:14:4d:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFXoz0poVM8EpuYgFqRu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjUwODIzMDQwMDExWhcNMjUwODI0MDQwMDExWjAzMTEwLwYDVQQD
Eyg1YjczYWJjMDhjZjVlMWVhMjM1MWJiZTA5YTY2NDUzZGM1ZGE5M2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfm7DKS90HXU6hH3X+Aue4yKtkd9
e9+k6tz6RxTq/m4JsbU3jQWCwLc06Qm4JSwyRDSO9VPEGA0h43A4Nig2COzk+qgt
FR459l4i4FXPM6gNszbXytpwmL9nwi7VH0k8LQRNdqjlJ7euUYkenJs4szQ8YgaY
BETbH2uiRLhyuqqjWLrpTCg0pG8Tcsw2fJsxxziqwmF7jjgHEtJ+13v9Ifa1Mdje
2+mX3CzLO8aUUOtY05EoPXE6rpeIM09B4AlzQ+Gxpgxthw1isaNYGWCV3CHab3gM
jsQsjPWjQ4pye4tZFSBv925H4EjvDiRdo/sSY9cu1AxkvET4nljutY/2HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFtzq8CM9eHqI1G74JpmRT3F2pOmMB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYdKn6jWO
4482nEfxnNqSB5JRVsoqQVoZboMtiIAy8p5TdRV/b2J3uXb02qNntMjg5lN3Tjt8
oGPf6NWkJQFpJzxWAozA6Fxqg9L/SopbhgOP2wPb9LiPPGH4/BOIenGcHIcrbIxu
TQeQhFPxd1U9J57YK9ej+aVdHOt3F8GRO+jbD1/wb+oeUujJ7muO5ewuabYyeCFE
1BSn1Ssld67f1sxWLjS3Tf8nEdevbxKP4cmES+bIS7gIjjYMVFL9X5M84fGTu70m
3781cqm0l55nd6JmP4okO0uFQ46r4rITqOg4LxgKfm+jYkASRj/nWzO3uP6IR33R
ATv9OauvqxRN9g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:38:27 2025 by rpki-client