Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json)
Hash identifier: HyOexDC20BsvEUv4HNK0fgb94XgZpUZ/JfzVJswlztM=
Subject key identifier: 18:6A:0D:38:A1:32:DD:54:D5:BF:84:04:22:7C:6E:16:E2:F5:54:7A
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 019A006C4F0AA9E3619ABFA8B0DDB8E1DFA5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
Manifest number: 11FE
Signing time: Mon 20 Oct 2025 07:01:29 +0000
Manifest this update: Mon 20 Oct 2025 07:01:29 +0000
Manifest next update: Tue 21 Oct 2025 07:01:29 +0000
Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: 3mS/UouIgsIhd6vc36HXiTvFrlJIYKcGc91X+Aes+uE=)
2: jBg4c1TddaMZ79OO2ACO6rgKQkE.roa (hash: vxMjeBuQHvoGxQ3EbvzgsnvZ7fj/adVRxxvAS0tcfsE=)
3: yN3-coe-yJTzFymhuWAPFUYAkF4.roa (hash: IPNSpgYWxN2jcOf0NhOGeg6e+K9d2+ZzIVVpZsFLZDI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 07:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:6c:4f:0a:a9:e3:61:9a:bf:a8:b0:dd:b8:e1:df:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: Oct 20 07:01:29 2025 GMT
Not After : Oct 21 07:01:29 2025 GMT
Subject: CN=186a0d38a132dd54d5bf8404227c6e16e2f5547a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:98:69:84:ee:84:d2:22:01:d5:0b:8b:4a:ec:
52:a6:74:8d:e4:01:a4:ba:79:97:c6:a2:57:84:a0:
ae:be:34:f3:2c:e4:2c:4e:27:80:9b:06:77:1e:59:
f3:5e:46:51:1e:17:c3:7b:3b:ea:d2:ff:7d:e1:b1:
b4:bb:fb:74:4a:4f:55:7a:a7:ba:27:d2:fc:5a:5a:
89:1a:f2:b6:a4:25:81:37:cb:8b:b4:57:8b:5e:8b:
72:0c:d4:f7:79:8a:30:fb:3f:e8:1c:38:28:6b:7b:
24:6b:ed:e8:19:9e:4b:1a:17:a8:61:1b:88:95:3f:
bd:92:6b:9a:32:30:bc:8f:14:a9:9f:53:ca:34:c8:
70:93:17:88:33:97:39:d3:1f:16:77:c7:6f:81:c0:
20:17:32:9c:f3:13:da:57:50:5d:db:89:46:8f:4a:
fe:f1:d5:9c:61:eb:80:57:34:09:69:90:ee:fa:db:
57:27:4f:bd:d7:f2:36:ac:3f:0d:4c:ee:d0:a2:72:
9f:07:5f:94:d8:fd:da:f3:85:7b:f8:d7:97:c9:11:
5f:ec:24:31:40:05:0f:67:76:5c:e1:e9:3c:ab:d4:
1f:49:3d:07:aa:ad:8e:79:7d:4b:9f:c1:8d:71:c0:
49:91:8a:02:41:8c:a2:7b:07:a3:30:83:46:49:bd:
98:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:6A:0D:38:A1:32:DD:54:D5:BF:84:04:22:7C:6E:16:E2:F5:54:7A
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:d2:5c:75:79:fd:35:92:44:f4:1f:71:79:e5:8c:f5:74:ef:
fa:91:83:53:af:e2:19:44:08:60:54:a7:8b:6e:e7:70:7b:14:
52:6f:35:e6:50:a1:56:18:bc:7a:7d:db:6f:f5:88:4f:ee:d1:
bc:ca:59:5f:1f:1f:0d:48:92:dd:f8:13:21:04:93:d0:2d:19:
4c:80:c2:41:94:dc:5d:76:c9:6b:05:a0:06:24:d8:be:78:20:
94:1a:30:10:8b:7f:17:32:69:64:30:9d:fc:4f:fd:de:5d:64:
7b:5a:72:43:07:42:8d:e9:94:80:a0:ac:e4:83:e6:c9:41:f2:
30:16:2e:67:46:2c:7b:49:8a:9f:34:18:3d:e2:47:5f:30:53:
ed:46:e5:b5:bc:a8:9b:04:bb:5f:2b:76:20:33:91:3a:0e:bb:
1a:91:62:be:21:6f:83:3c:af:27:53:e8:68:78:b6:d4:b2:c8:
9f:08:c6:b5:f3:fa:00:e2:45:e3:95:a6:00:11:75:fd:15:7f:
2c:7a:9b:5b:ff:10:ef:f1:c6:f9:b4:b7:87:69:de:48:bd:de:
96:7f:08:54:94:2a:3e:c4:1b:3f:5e:46:81:32:c8:ca:42:04:
1e:2b:dd:ef:dd:80:3e:92:19:f7:ef:1e:52:06:e6:95:91:eb:
05:ba:26:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAbE8KqeNhmr+osN244d+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjUxMDIwMDcwMTI5WhcNMjUxMDIxMDcwMTI5WjAzMTEwLwYDVQQD
EygxODZhMGQzOGExMzJkZDU0ZDViZjg0MDQyMjdjNmUxNmUyZjU1NDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35hphO6E0iIB1QuLSuxSpnSN5AGk
unmXxqJXhKCuvjTzLOQsTieAmwZ3HlnzXkZRHhfDezvq0v994bG0u/t0Sk9Veqe6
J9L8WlqJGvK2pCWBN8uLtFeLXotyDNT3eYow+z/oHDgoa3ska+3oGZ5LGheoYRuI
lT+9kmuaMjC8jxSpn1PKNMhwkxeIM5c50x8Wd8dvgcAgFzKc8xPaV1Bd24lGj0r+
8dWcYeuAVzQJaZDu+ttXJ0+91/I2rD8NTO7QonKfB1+U2P3a84V7+NeXyRFf7CQx
QAUPZ3Zc4ek8q9QfST0Hqq2OeX1Ln8GNccBJkYoCQYyiewejMINGSb2YmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhqDTihMt1U1b+EBCJ8bhbi9VR6MB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtJcdXn9
NZJE9B9xeeWM9XTv+pGDU6/iGUQIYFSni27ncHsUUm815lChVhi8en3bb/WIT+7R
vMpZXx8fDUiS3fgTIQST0C0ZTIDCQZTcXXbJawWgBiTYvngglBowEIt/FzJpZDCd
/E/93l1ke1pyQwdCjemUgKCs5IPmyUHyMBYuZ0Yse0mKnzQYPeJHXzBT7Ubltbyo
mwS7Xyt2IDOROg67GpFiviFvgzyvJ1PoaHi21LLInwjGtfP6AOJF45WmABF1/RV/
LHqbW/8Q7/HG+bS3h2neSL3eln8IVJQqPsQbP15GgTLIykIEHivd792APpIZ9+8e
UgbmlZHrBbomMQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:44:53 2025 by rpki-client