Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
File: OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft (raw, json)
Hash identifier: UKzhyH/bDDjTXPdXx2H7MUeIxlcqztPUOy6WlLK11lA=
Subject key identifier: E4:EB:62:4B:91:0B:8B:AB:C3:51:A9:06:B2:06:98:11:91:DC:84:00
Authority key identifier: 3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
Certificate issuer: /CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Certificate serial: 0197B70F54E16B627ABFB52A8AF82CF9FBEC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
Manifest number: 0C9B
Signing time: Sat 28 Jun 2025 15:02:04 +0000
Manifest this update: Sat 28 Jun 2025 15:02:04 +0000
Manifest next update: Sun 29 Jun 2025 15:02:04 +0000
Files and hashes: 1: 0wAgKVyytNbhNR-_RR1IsIpFFy0.roa (hash: hGr01I8nbqs/LJEbN09Cfzd/lbJVo6JwWOtLmEfD1wA=)
2: OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl (hash: iYCEdniHvlSInS9MrjjnTGEHEG9UM67WBL9rRbpiHsQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0f:54:e1:6b:62:7a:bf:b5:2a:8a:f8:2c:f9:fb:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Validity
Not Before: Jun 28 15:02:04 2025 GMT
Not After : Jun 29 15:02:04 2025 GMT
Subject: CN=e4eb624b910b8babc351a906b206981191dc8400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0c:d2:42:05:0f:09:71:90:1b:10:96:2f:f8:
71:c0:94:62:89:85:f6:de:0b:3d:19:94:e7:d2:4a:
67:42:89:f5:79:f4:04:ac:c4:83:1b:8d:33:9e:92:
32:ec:be:4a:5f:d1:0c:99:17:7f:d4:c9:ce:e4:a7:
8a:fa:56:75:88:7c:43:b8:84:24:3a:77:37:9d:90:
b0:30:46:cc:49:21:26:d9:da:bf:e5:20:e0:f5:0c:
59:5a:15:b0:7e:51:2e:68:e6:67:bc:db:2e:2f:aa:
07:5d:a6:43:bb:ee:04:e7:79:8e:cd:ca:e5:48:27:
d5:80:33:58:b8:88:42:3f:96:ec:64:3e:0c:95:8f:
5d:fa:e7:85:ef:9b:67:25:22:2f:6b:b2:90:6b:99:
4e:ad:ad:c7:7a:fa:d2:73:e2:22:e1:ef:d2:2f:a2:
1e:7d:49:7d:30:7a:98:02:29:10:4c:75:ac:8e:03:
31:99:67:10:98:b0:ec:b9:17:b9:c6:85:41:8c:4f:
95:0a:1a:4b:11:ac:ba:b7:70:e5:b9:80:ea:78:45:
27:23:f9:50:b5:12:36:2d:fc:87:2e:9a:58:8d:c9:
57:a6:a9:1f:ec:f6:18:75:23:7d:05:9e:c0:93:f8:
4d:eb:7e:64:d9:08:7e:e0:d6:43:a6:67:d9:15:c2:
2e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:EB:62:4B:91:0B:8B:AB:C3:51:A9:06:B2:06:98:11:91:DC:84:00
X509v3 Authority Key Identifier:
keyid:3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:eb:24:f6:73:57:7a:7f:98:c0:f7:3e:d8:f4:82:67:b0:1b:
4e:df:fa:6c:47:72:e3:80:dc:97:7e:4d:a8:b8:15:91:03:46:
b7:40:7b:5b:50:e1:84:f7:91:45:72:3c:18:db:8f:27:62:33:
44:0f:7b:2e:02:66:3c:60:88:82:6c:d7:61:97:bf:46:89:c5:
59:10:a1:67:99:e1:b0:70:51:df:91:33:34:d8:92:48:01:f1:
4c:c9:2b:1e:8c:38:78:fe:00:e8:6d:e8:e2:22:13:ec:47:6e:
4c:33:68:c9:04:7f:11:09:9a:96:85:d2:c6:c4:d5:e6:e1:ec:
49:d7:31:59:ba:63:a2:e4:93:cd:fb:7e:8d:eb:f1:a2:8f:eb:
e2:a5:08:16:f3:66:ac:14:5e:49:80:99:3c:0a:69:1f:75:2f:
58:96:b3:cb:fb:c2:50:b0:8b:68:94:f5:f9:c9:2b:8d:5f:8d:
ff:f5:f0:27:93:95:c3:19:79:bb:9b:77:42:ac:62:4c:93:b5:
d7:bc:72:14:8f:31:6a:fb:9f:c6:60:43:a7:62:c1:64:a6:8f:
de:be:a7:b8:b1:27:0e:2b:0e:dc:11:13:b3:c6:25:a5:dd:47:
b8:67:e6:c2:03:33:25:d3:79:fd:5d:d5:e9:82:1b:88:ef:87:
72:da:61:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3D1Tha2J6v7Uqivgs+fvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDBmZjE1NGM0NTM5NDNhMGIwMmFhNjUwMjFjOWMyNjQ5
NDdjMmIwHhcNMjUwNjI4MTUwMjA0WhcNMjUwNjI5MTUwMjA0WjAzMTEwLwYDVQQD
EyhlNGViNjI0YjkxMGI4YmFiYzM1MWE5MDZiMjA2OTgxMTkxZGM4NDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QzSQgUPCXGQGxCWL/hxwJRiiYX2
3gs9GZTn0kpnQon1efQErMSDG40znpIy7L5KX9EMmRd/1MnO5KeK+lZ1iHxDuIQk
Onc3nZCwMEbMSSEm2dq/5SDg9QxZWhWwflEuaOZnvNsuL6oHXaZDu+4E53mOzcrl
SCfVgDNYuIhCP5bsZD4MlY9d+ueF75tnJSIva7KQa5lOra3HevrSc+Ii4e/SL6Ie
fUl9MHqYAikQTHWsjgMxmWcQmLDsuRe5xoVBjE+VChpLEay6t3DluYDqeEUnI/lQ
tRI2LfyHLppYjclXpqkf7PYYdSN9BZ7Ak/hN635k2Qh+4NZDpmfZFcIuswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOTrYkuRC4urw1GpBrIGmBGR3IQAMB8GA1UdIwQY
MBaAFDpA/xVMRTlDoLAqplAhycJklHwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQt
ODJiYjBiYjExZTNlLzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQtODJiYjBiYjExZTNl
LzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqusk9nNX
en+YwPc+2PSCZ7AbTt/6bEdy44Dcl35NqLgVkQNGt0B7W1DhhPeRRXI8GNuPJ2Iz
RA97LgJmPGCIgmzXYZe/RonFWRChZ5nhsHBR35EzNNiSSAHxTMkrHow4eP4A6G3o
4iIT7EduTDNoyQR/EQmaloXSxsTV5uHsSdcxWbpjouSTzft+jevxoo/r4qUIFvNm
rBReSYCZPAppH3UvWJazy/vCULCLaJT1+ckrjV+N//XwJ5OVwxl5u5t3QqxiTJO1
17xyFI8xavufxmBDp2LBZKaP3r6nuLEnDisO3BETs8Ylpd1HuGfmwgMzJdN5/V3V
6YIbiO+HctphxQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:22:13 2025 by rpki-client