Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json)
Hash identifier: dm/DCRzMzy+80grqCkQIyp3wL1RNMl5ntPmh7Yr9AHA=
Subject key identifier: DC:2D:02:88:6D:68:FC:B5:D1:B7:96:62:E5:CA:62:A5:88:AF:A5:80
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 0199FBEB6544275C099B57AE5728F2427E63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
Manifest number: 0198
Signing time: Sun 19 Oct 2025 10:02:12 +0000
Manifest this update: Sun 19 Oct 2025 10:02:12 +0000
Manifest next update: Mon 20 Oct 2025 10:02:12 +0000
Files and hashes: 1: dV2LrBjIlql28uwMDcJVQI6s6A8.roa (hash: F8uj/t68nQ3cbE2EUpzLNyfLklCyKLVmpdDgkWw1Qw4=)
2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: tZkksalo3YL4zQtEmBcIVuob/o8d2vXKwwgo9YZCTYY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:65:44:27:5c:09:9b:57:ae:57:28:f2:42:7e:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: Oct 19 10:02:12 2025 GMT
Not After : Oct 20 10:02:12 2025 GMT
Subject: CN=dc2d02886d68fcb5d1b79662e5ca62a588afa580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5c:ff:ec:b9:12:2d:2d:1c:30:a7:18:d3:e1:
f2:75:19:38:43:57:94:ad:f2:4d:04:b9:10:04:2b:
a8:9f:62:7e:78:9d:9a:c7:93:50:d9:a0:27:ea:0b:
40:54:3c:5f:6c:59:c3:32:5e:e5:95:bb:51:b4:e5:
c9:82:b6:44:94:59:a1:14:80:fa:94:69:43:26:c4:
64:32:94:42:ff:86:06:cd:fd:a5:75:ee:56:30:5a:
ba:a8:25:28:07:b8:a1:7e:2b:27:f7:bd:20:98:71:
d8:d7:29:af:ca:9d:ae:7e:da:7e:40:d4:e5:ec:f1:
5f:f5:5f:30:58:f5:01:4e:fd:0b:4c:b6:9f:40:35:
b9:a2:60:2b:b6:d0:4c:e7:df:bf:66:dc:30:0b:67:
30:11:78:39:10:71:2b:cd:7b:52:53:d6:49:55:d1:
2f:22:f5:78:02:47:78:fd:57:a8:42:c0:7d:b2:21:
e7:de:59:c8:cc:85:a3:b8:98:52:4e:b7:51:bd:42:
eb:13:5b:07:1e:11:d3:c3:1d:83:df:4d:9c:43:56:
db:31:9a:ec:b3:71:0e:35:a5:66:f1:87:53:dc:55:
ee:49:cf:4f:a8:b8:89:de:66:f5:10:8f:af:f6:0e:
ee:5d:e3:1b:5d:76:32:86:f0:3e:39:3e:ad:2c:af:
46:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2D:02:88:6D:68:FC:B5:D1:B7:96:62:E5:CA:62:A5:88:AF:A5:80
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:cb:0a:e8:66:01:68:3a:82:e3:b7:f5:70:d3:ac:aa:52:e8:
3a:68:31:a0:dc:df:f5:9e:ab:0b:28:d1:35:fe:cf:da:0f:9d:
9b:fa:f6:ec:f3:fc:59:46:c4:0b:43:a7:98:fe:bc:c5:49:97:
e1:aa:a9:7a:49:6e:20:50:70:6c:9e:fb:e7:30:4f:d1:91:22:
26:3e:db:9f:7e:ff:ee:a7:ff:8e:9a:35:ee:65:af:fa:11:37:
32:c1:56:f0:87:49:05:cb:e6:d7:49:8a:76:f7:e9:f5:f3:1b:
db:5e:ac:2b:70:7a:b9:e5:21:af:a3:1f:fe:3c:26:36:c9:6f:
d8:08:1a:22:a8:a0:67:6d:4a:fb:8d:41:3f:b6:45:10:86:c6:
b0:09:28:04:31:74:48:93:a8:be:86:ad:13:46:14:f8:01:85:
28:a6:71:ca:10:f2:59:9b:9a:e8:d3:71:1f:2f:a5:cd:5b:ba:
2e:5d:e3:3a:aa:c6:73:d8:13:57:c9:9b:d4:8c:e6:89:31:1f:
28:28:d2:38:25:10:d1:72:85:ce:ad:df:54:70:41:5b:42:be:
e0:a1:12:68:13:b8:34:3f:0e:0b:4a:5e:70:e0:d8:c3:2d:af:
1c:0b:d5:0c:65:da:e5:50:e2:33:19:31:0e:a4:06:a5:fd:3f:
fb:e4:dc:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn762VEJ1wJm1euVyjyQn5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjUxMDE5MTAwMjEyWhcNMjUxMDIwMTAwMjEyWjAzMTEwLwYDVQQD
EyhkYzJkMDI4ODZkNjhmY2I1ZDFiNzk2NjJlNWNhNjJhNTg4YWZhNTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplz/7LkSLS0cMKcY0+HydRk4Q1eU
rfJNBLkQBCuon2J+eJ2ax5NQ2aAn6gtAVDxfbFnDMl7llbtRtOXJgrZElFmhFID6
lGlDJsRkMpRC/4YGzf2lde5WMFq6qCUoB7ihfisn970gmHHY1ymvyp2uftp+QNTl
7PFf9V8wWPUBTv0LTLafQDW5omArttBM59+/ZtwwC2cwEXg5EHErzXtSU9ZJVdEv
IvV4Akd4/VeoQsB9siHn3lnIzIWjuJhSTrdRvULrE1sHHhHTwx2D302cQ1bbMZrs
s3EONaVm8YdT3FXuSc9PqLiJ3mb1EI+v9g7uXeMbXXYyhvA+OT6tLK9GowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwtAohtaPy10beWYuXKYqWIr6WAMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARcsK6GYB
aDqC47f1cNOsqlLoOmgxoNzf9Z6rCyjRNf7P2g+dm/r27PP8WUbEC0OnmP68xUmX
4aqpekluIFBwbJ775zBP0ZEiJj7bn37/7qf/jpo17mWv+hE3MsFW8IdJBcvm10mK
dvfp9fMb216sK3B6ueUhr6Mf/jwmNslv2AgaIqigZ21K+41BP7ZFEIbGsAkoBDF0
SJOovoatE0YU+AGFKKZxyhDyWZua6NNxHy+lzVu6Ll3jOqrGc9gTV8mb1IzmiTEf
KCjSOCUQ0XKFzq3fVHBBW0K+4KESaBO4ND8OC0pecODYwy2vHAvVDGXa5VDiMxkx
DqQGpf0/++TcnQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:34:45 2025 by rpki-client