Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json)
Hash identifier: 2avZVBcV7lPqww+9hrXha3dCXisQ6q/hYOoYw5UTL4s=
Subject key identifier: 80:27:E2:2B:19:7F:1F:5D:79:12:BC:B5:F1:55:70:25:A2:D4:44:A2
Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d
Certificate serial: 0199FD3418FDEEF9151494A77E8237DDB7CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
Manifest number: 1674
Signing time: Sun 19 Oct 2025 16:01:13 +0000
Manifest this update: Sun 19 Oct 2025 16:01:13 +0000
Manifest next update: Mon 20 Oct 2025 16:01:13 +0000
Files and hashes: 1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: hvN69OFRmCmVcyxt3xN8f+PhKU/Fh9z9rR42qyEvxIY=)
2: oU-Dh2GrIk6DJo0B3ckZobCZQLg.roa (hash: 3M/n9wvPmKU+uLTP2MTaGav/2cb5GDciUi4YXKv/+G0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:34:18:fd:ee:f9:15:14:94:a7:7e:82:37:dd:b7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d
Validity
Not Before: Oct 19 16:01:13 2025 GMT
Not After : Oct 20 16:01:13 2025 GMT
Subject: CN=8027e22b197f1f5d7912bcb5f1557025a2d444a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:67:76:a1:55:0e:8b:6f:7d:34:b0:16:e1:d7:
30:b0:dc:31:41:1c:a1:9f:7e:46:d0:b7:90:d7:e9:
34:8c:b1:86:09:dc:8d:d0:d3:09:ff:bc:d7:77:ed:
1c:47:77:b6:85:5f:39:81:df:25:a1:9c:68:37:56:
5a:ca:0b:9f:9b:c4:de:a9:55:c3:d6:b5:85:bf:df:
5e:b9:78:cc:96:56:30:16:ad:de:31:ea:8a:f3:c6:
5b:9e:9b:a1:64:66:2f:a4:51:17:3e:b7:f9:0d:35:
36:50:ed:fd:d1:24:96:c8:21:44:c0:61:4f:72:b6:
2e:55:1b:3c:cf:a6:b1:8f:c6:a6:70:0f:f2:ed:5d:
3c:92:b9:94:f7:e2:26:84:b1:48:83:a0:12:70:ee:
e6:a3:f9:09:a0:ab:12:7f:f8:77:7e:34:60:55:da:
59:f6:6a:4f:26:82:dd:ec:05:20:58:98:03:ab:e6:
d9:1f:12:71:d2:fd:d4:4e:0c:e8:cc:0e:74:48:95:
77:d7:73:29:08:2e:c1:80:9a:5b:b3:f5:01:50:c2:
55:80:c7:c3:90:3a:9f:95:c0:30:c2:b2:c5:7a:c0:
c5:88:8a:3c:df:64:c1:21:28:50:0e:ef:16:15:4e:
60:ae:87:10:52:4c:7f:56:48:a1:42:b6:cd:52:70:
d3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:27:E2:2B:19:7F:1F:5D:79:12:BC:B5:F1:55:70:25:A2:D4:44:A2
X509v3 Authority Key Identifier:
keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:19:f6:82:f4:c8:77:dc:85:f3:a9:64:65:7c:3e:fb:d4:1e:
92:a4:3d:11:cf:23:91:bf:db:34:0a:68:8a:3c:a2:49:5b:a6:
da:89:c6:d3:20:b9:bd:1d:0c:d8:d9:f5:e7:28:c6:b6:1f:fe:
3f:95:de:34:ab:e5:85:5b:64:75:53:33:56:cd:60:1c:b3:e0:
64:f1:16:ff:e3:68:cd:62:b3:1f:4e:02:4f:60:59:63:d8:86:
97:38:40:91:3a:4e:4c:29:81:99:cf:39:1b:e8:54:2a:1f:07:
29:9b:2a:83:c3:e7:82:e2:7c:d1:5d:65:24:47:e1:b3:8d:71:
c1:03:8d:ae:99:7d:fc:15:44:57:c6:0a:98:62:5e:1c:08:0e:
07:18:2a:a0:8f:db:01:c6:4d:70:b6:6a:38:9c:a0:95:1a:e7:
f6:de:d2:7e:f7:74:e6:9a:eb:e2:b2:fe:f4:fd:eb:e0:8b:66:
0c:85:50:bf:ee:b7:e5:1b:93:10:ec:68:0c:02:d7:43:f3:b4:
23:95:14:d4:d3:7b:59:ef:d0:a5:4f:06:d2:ad:15:fa:b5:55:
8a:d3:5d:b8:e5:2e:41:4d:f7:68:d3:f7:f3:c9:86:80:05:d6:
e3:67:a4:ea:61:97:01:f0:a7:2d:64:00:e5:76:55:9d:4c:4d:
98:d4:19:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NBj97vkVFJSnfoI33bfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm
Njk5NmQwHhcNMjUxMDE5MTYwMTEzWhcNMjUxMDIwMTYwMTEzWjAzMTEwLwYDVQQD
Eyg4MDI3ZTIyYjE5N2YxZjVkNzkxMmJjYjVmMTU1NzAyNWEyZDQ0NGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGd2oVUOi299NLAW4dcwsNwxQRyh
n35G0LeQ1+k0jLGGCdyN0NMJ/7zXd+0cR3e2hV85gd8loZxoN1Zaygufm8TeqVXD
1rWFv99euXjMllYwFq3eMeqK88ZbnpuhZGYvpFEXPrf5DTU2UO390SSWyCFEwGFP
crYuVRs8z6axj8amcA/y7V08krmU9+ImhLFIg6AScO7mo/kJoKsSf/h3fjRgVdpZ
9mpPJoLd7AUgWJgDq+bZHxJx0v3UTgzozA50SJV313MpCC7BgJpbs/UBUMJVgMfD
kDqflcAwwrLFesDFiIo832TBIShQDu8WFU5grocQUkx/VkihQrbNUnDTwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIAn4isZfx9deRK8tfFVcCWi1ESiMB8GA1UdIwQY
MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt
YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi
LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuxn2gvTI
d9yF86lkZXw++9QekqQ9Ec8jkb/bNApoijyiSVum2onG0yC5vR0M2Nn15yjGth/+
P5XeNKvlhVtkdVMzVs1gHLPgZPEW/+NozWKzH04CT2BZY9iGlzhAkTpOTCmBmc85
G+hUKh8HKZsqg8PnguJ80V1lJEfhs41xwQONrpl9/BVEV8YKmGJeHAgOBxgqoI/b
AcZNcLZqOJyglRrn9t7Sfvd05prr4rL+9P3r4ItmDIVQv+635RuTEOxoDALXQ/O0
I5UU1NN7We/QpU8G0q0V+rVVitNduOUuQU33aNP388mGgAXW42ek6mGXAfCnLWQA
5XZVnUxNmNQZbw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:01:42 2025 by rpki-client