Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json)
Hash identifier: VpTQ6vE/93uinkTGxSt6RRCfgATPD41T9SV5eGRFQyk=
Subject key identifier: B9:68:7F:BE:55:55:F8:67:08:40:99:90:84:ED:84:78:A5:8F:70:8F
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 0197B7458FEAF82DB9ECEFE675D12D6B3FF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
Manifest number: 10CF
Signing time: Sat 28 Jun 2025 16:01:18 +0000
Manifest this update: Sat 28 Jun 2025 16:01:18 +0000
Manifest next update: Sun 29 Jun 2025 16:01:18 +0000
Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: wKbA1zniT4i4GkK+1vz4a3KX5RbRgql/CnQB+YWVoEA=)
2: jBg4c1TddaMZ79OO2ACO6rgKQkE.roa (hash: vxMjeBuQHvoGxQ3EbvzgsnvZ7fj/adVRxxvAS0tcfsE=)
3: yN3-coe-yJTzFymhuWAPFUYAkF4.roa (hash: IPNSpgYWxN2jcOf0NhOGeg6e+K9d2+ZzIVVpZsFLZDI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:8f:ea:f8:2d:b9:ec:ef:e6:75:d1:2d:6b:3f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: Jun 28 16:01:18 2025 GMT
Not After : Jun 29 16:01:18 2025 GMT
Subject: CN=b9687fbe5555f8670840999084ed8478a58f708f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5c:d9:e0:45:a4:6f:92:2a:59:2f:c0:9b:ef:
6e:6e:d8:27:9d:e4:6f:61:4e:a4:30:3d:77:1e:d7:
ec:42:20:b7:d0:c4:bb:3e:aa:33:fd:af:4c:15:d1:
e3:f5:18:62:92:47:b3:54:a3:d8:77:44:e2:bc:ba:
7f:9f:d7:ce:83:de:6a:2b:cd:8b:4b:e6:63:ba:00:
99:d7:51:0d:e0:fd:d0:00:ec:3e:c5:7d:18:7d:e8:
fe:c4:24:b3:92:21:24:5c:13:04:9a:d2:1d:79:ee:
67:a5:f3:a0:6a:5e:8f:db:c7:d2:8a:77:7b:d8:4c:
cb:21:e6:a2:03:db:e7:29:9a:97:f5:74:75:09:5d:
62:c4:d6:e2:ba:4f:e3:69:3c:ca:0b:1e:68:85:2b:
61:ca:07:86:ec:fe:bb:f4:40:04:3c:31:1d:e0:f4:
41:9a:65:7e:06:bc:3a:ee:e3:0f:f4:2d:65:e2:ea:
9f:a8:5a:e3:5e:bf:c6:45:a6:2d:27:d8:bf:d3:d7:
03:31:7c:55:92:bc:ae:2d:34:22:51:a4:94:71:2d:
b3:eb:10:c6:b6:51:9b:53:15:22:31:a4:5e:84:75:
59:ff:b6:ec:ad:5e:0d:e9:42:68:07:dc:6a:51:89:
bb:ee:7d:b4:02:36:39:76:9b:f6:ed:e1:de:ee:fa:
66:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:68:7F:BE:55:55:F8:67:08:40:99:90:84:ED:84:78:A5:8F:70:8F
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:ef:9d:40:f1:ab:6b:80:d6:36:a5:15:d3:b7:54:16:74:c0:
9b:8a:38:0b:b2:06:38:69:31:cd:6c:9a:90:b4:18:f0:4d:e9:
c8:36:75:46:72:ba:f0:2f:de:23:28:90:3e:35:d9:a5:0e:a9:
5a:e9:59:c3:f7:4b:b7:04:27:45:4d:a8:0a:45:ef:db:39:ba:
9e:0f:31:96:25:8d:1d:35:80:2a:e0:d1:81:36:ea:50:3b:55:
12:1d:f9:7f:71:1c:d5:cd:32:eb:27:58:e1:a5:09:7c:84:14:
08:c9:a2:81:86:a4:bd:9a:d0:fe:d2:f1:bf:5c:ae:5e:e6:cf:
5e:58:e9:90:00:75:55:a6:33:d9:8d:e4:5d:55:ee:9a:c7:6b:
22:aa:1b:4f:49:29:1f:4e:56:64:f6:c3:78:7f:72:d5:5e:96:
e7:4c:13:d2:4d:c5:ba:b1:10:f3:1e:2a:e8:e4:3b:e5:13:6b:
ba:a5:56:65:6c:67:a0:de:73:f0:f9:f7:f6:4f:bb:18:ba:07:
6f:24:89:6c:9d:d3:ee:c1:2b:94:0b:9c:bc:c2:1e:11:65:58:
29:72:c1:33:d6:49:0d:58:5e:27:01:53:e9:d8:31:53:75:68:
82:e0:e1:59:40:43:9e:8f:91:51:73:62:5a:2a:21:79:9f:21:
f9:24:77:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RY/q+C257O/mddEtaz/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjUwNjI4MTYwMTE4WhcNMjUwNjI5MTYwMTE4WjAzMTEwLwYDVQQD
EyhiOTY4N2ZiZTU1NTVmODY3MDg0MDk5OTA4NGVkODQ3OGE1OGY3MDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulzZ4EWkb5IqWS/Am+9ubtgnneRv
YU6kMD13HtfsQiC30MS7Pqoz/a9MFdHj9RhikkezVKPYd0TivLp/n9fOg95qK82L
S+ZjugCZ11EN4P3QAOw+xX0Yfej+xCSzkiEkXBMEmtIdee5npfOgal6P28fSind7
2EzLIeaiA9vnKZqX9XR1CV1ixNbiuk/jaTzKCx5ohSthygeG7P679EAEPDEd4PRB
mmV+Brw67uMP9C1l4uqfqFrjXr/GRaYtJ9i/09cDMXxVkryuLTQiUaSUcS2z6xDG
tlGbUxUiMaRehHVZ/7bsrV4N6UJoB9xqUYm77n20AjY5dpv27eHe7vpm7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlof75VVfhnCECZkITthHilj3CPMB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXe+dQPGr
a4DWNqUV07dUFnTAm4o4C7IGOGkxzWyakLQY8E3pyDZ1RnK68C/eIyiQPjXZpQ6p
WulZw/dLtwQnRU2oCkXv2zm6ng8xliWNHTWAKuDRgTbqUDtVEh35f3Ec1c0y6ydY
4aUJfIQUCMmigYakvZrQ/tLxv1yuXubPXljpkAB1VaYz2Y3kXVXumsdrIqobT0kp
H05WZPbDeH9y1V6W50wT0k3FurEQ8x4q6OQ75RNruqVWZWxnoN5z8Pn39k+7GLoH
bySJbJ3T7sErlAucvMIeEWVYKXLBM9ZJDVheJwFT6dgxU3VoguDhWUBDno+RUXNi
WioheZ8h+SR3Zw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:31:03 2025 by rpki-client