Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json)
Hash identifier: xvJBjRByZUcJAc++yG3eKrFzcTGcCo9kkn5NLX23ORM=
Subject key identifier: 7E:6B:1C:2D:66:AD:47:67:B7:37:88:53:1A:46:F5:A3:D5:01:62:A5
Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d
Certificate serial: 0197B7EAA98BEB8D9DC7A8133051668BAFAD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
Manifest number: 1547
Signing time: Sat 28 Jun 2025 19:01:38 +0000
Manifest this update: Sat 28 Jun 2025 19:01:38 +0000
Manifest next update: Sun 29 Jun 2025 19:01:38 +0000
Files and hashes: 1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: GPZEPaftMag47C/LqL60eZAAt3MWtgq05hmz3mMoaLk=)
2: oU-Dh2GrIk6DJo0B3ckZobCZQLg.roa (hash: 3M/n9wvPmKU+uLTP2MTaGav/2cb5GDciUi4YXKv/+G0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:ea:a9:8b:eb:8d:9d:c7:a8:13:30:51:66:8b:af:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d
Validity
Not Before: Jun 28 19:01:38 2025 GMT
Not After : Jun 29 19:01:38 2025 GMT
Subject: CN=7e6b1c2d66ad4767b73788531a46f5a3d50162a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8e:ab:89:d2:41:e6:f7:03:df:b8:25:25:20:
d7:8a:cc:08:e0:be:7e:bb:03:aa:ed:e9:2b:fb:34:
56:ea:24:06:41:f8:de:98:35:66:11:c4:78:f5:a7:
62:08:1e:f2:8a:5e:64:fc:33:53:35:15:1d:4f:0a:
6c:85:9a:c6:0a:58:c6:c7:f0:d4:09:d5:c1:0b:c3:
b5:cb:04:ae:5a:94:02:3d:1e:e4:f5:14:e8:ef:e9:
ec:28:ab:f7:b8:83:99:8b:01:5f:cb:3c:01:02:ec:
c0:d0:5f:6e:d0:00:cc:f6:96:e2:2a:09:f1:51:89:
4e:81:7c:d3:f3:13:4c:ef:3b:d0:43:53:15:1c:75:
d0:dc:23:76:6f:49:a9:d1:b7:6e:92:6d:91:d2:ab:
1d:73:25:b2:82:60:15:31:1e:0f:73:9f:91:9d:b9:
1d:cb:a9:8c:30:f1:57:a1:66:76:b7:5a:4f:ab:a5:
32:3d:09:e4:50:4c:86:ac:b8:0e:1d:67:51:9b:ee:
a8:95:ab:c0:91:6f:d1:da:7b:ef:18:49:6c:99:7f:
72:b8:ce:ab:2c:97:c8:69:81:73:8c:f0:98:21:6a:
21:a5:96:a3:49:6d:c7:33:e8:0e:bd:1d:aa:6e:a4:
ba:df:21:59:7d:79:b3:cd:42:d8:9f:be:e9:d9:df:
96:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:6B:1C:2D:66:AD:47:67:B7:37:88:53:1A:46:F5:A3:D5:01:62:A5
X509v3 Authority Key Identifier:
keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:03:45:a5:13:32:55:49:72:a7:17:a8:ef:d4:9b:9d:5b:72:
9e:e6:b4:4e:84:d5:fd:43:bb:01:e1:84:e4:f8:30:8a:c6:a9:
5a:39:43:46:31:b3:e8:d9:a3:eb:5e:56:f0:a2:20:32:ad:37:
54:e0:45:d4:77:db:32:69:fc:02:0c:02:b3:01:69:2c:c2:db:
a8:96:e8:1d:9e:51:11:96:c4:f7:71:f5:65:53:49:c7:f2:d1:
ca:ce:5c:37:c2:11:e5:dc:ac:53:52:4b:a9:e1:88:54:11:85:
b1:45:d1:98:69:2a:33:84:69:3e:a1:c9:59:f0:77:80:61:fc:
3c:69:16:77:e6:0e:52:8b:51:7e:6f:9d:d0:85:9d:c4:73:93:
bf:7a:62:2a:bd:2a:f7:78:b6:54:be:60:97:3e:bb:16:c9:1f:
ea:7f:92:41:05:f1:e4:0b:85:4f:b7:c1:06:8d:dd:ea:25:b3:
cd:66:5a:1f:a3:2d:0b:af:85:60:bf:38:01:93:fc:55:58:9d:
36:e4:e6:7a:88:b8:f2:6d:0f:4a:56:c5:43:a8:de:cb:7d:b8:
7e:ec:e8:67:08:5d:da:8e:13:66:65:f7:19:2a:0d:74:66:29:
28:ed:de:a3:cc:4d:11:83:b2:e3:5e:69:dc:4f:11:92:63:fa:
2b:94:1d:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36qmL642dx6gTMFFmi6+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm
Njk5NmQwHhcNMjUwNjI4MTkwMTM4WhcNMjUwNjI5MTkwMTM4WjAzMTEwLwYDVQQD
Eyg3ZTZiMWMyZDY2YWQ0NzY3YjczNzg4NTMxYTQ2ZjVhM2Q1MDE2MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyY6ridJB5vcD37glJSDXiswI4L5+
uwOq7ekr+zRW6iQGQfjemDVmEcR49adiCB7yil5k/DNTNRUdTwpshZrGCljGx/DU
CdXBC8O1ywSuWpQCPR7k9RTo7+nsKKv3uIOZiwFfyzwBAuzA0F9u0ADM9pbiKgnx
UYlOgXzT8xNM7zvQQ1MVHHXQ3CN2b0mp0bdukm2R0qsdcyWygmAVMR4Pc5+Rnbkd
y6mMMPFXoWZ2t1pPq6UyPQnkUEyGrLgOHWdRm+6olavAkW/R2nvvGElsmX9yuM6r
LJfIaYFzjPCYIWohpZajSW3HM+gOvR2qbqS63yFZfXmzzULYn77p2d+WGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5rHC1mrUdntzeIUxpG9aPVAWKlMB8GA1UdIwQY
MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt
YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi
LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdQNFpRMy
VUlypxeo79SbnVtynua0ToTV/UO7AeGE5PgwisapWjlDRjGz6Nmj615W8KIgMq03
VOBF1HfbMmn8AgwCswFpLMLbqJboHZ5REZbE93H1ZVNJx/LRys5cN8IR5dysU1JL
qeGIVBGFsUXRmGkqM4RpPqHJWfB3gGH8PGkWd+YOUotRfm+d0IWdxHOTv3piKr0q
93i2VL5glz67Fskf6n+SQQXx5AuFT7fBBo3d6iWzzWZaH6MtC6+FYL84AZP8VVid
NuTmeoi48m0PSlbFQ6jey324fuzoZwhd2o4TZmX3GSoNdGYpKO3eo8xNEYOy415p
3E8RkmP6K5Qdzw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:27:44 2025 by rpki-client