Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json)
Hash identifier: hiG8dyH4kCt6zJXlx7jTanrkGkyyksAa6zC1bpmouOU=
Subject key identifier: DE:FC:D2:80:23:2A:32:07:2B:A5:F9:C5:99:A5:67:73:BF:9E:BD:20
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 0197C2373EB14FA807599CB595AE6786AA79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
Manifest number: 71
Signing time: Mon 30 Jun 2025 19:01:29 +0000
Manifest this update: Mon 30 Jun 2025 19:01:29 +0000
Manifest next update: Tue 01 Jul 2025 19:01:29 +0000
Files and hashes: 1: dV2LrBjIlql28uwMDcJVQI6s6A8.roa (hash: F8uj/t68nQ3cbE2EUpzLNyfLklCyKLVmpdDgkWw1Qw4=)
2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: ZpWnMUdeDfKwka/AE1I8sBRdq7nADn7pBgx/VsAJz6Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 19:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c2:37:3e:b1:4f:a8:07:59:9c:b5:95:ae:67:86:aa:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: Jun 30 19:01:29 2025 GMT
Not After : Jul 1 19:01:29 2025 GMT
Subject: CN=defcd280232a32072ba5f9c599a56773bf9ebd20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:7e:ec:83:3f:0e:39:3d:01:0d:a6:7f:25:4d:
c3:d0:1d:9d:92:e3:36:3b:53:66:77:4b:7c:00:96:
36:f9:40:12:a0:be:a3:2e:16:b9:80:20:31:e4:fc:
04:6b:83:7a:09:7f:6d:44:d0:75:63:dd:4d:8e:fd:
0e:e9:73:3a:6c:6b:8c:6e:de:c1:4e:2d:7e:86:4f:
d5:aa:cb:29:d2:93:d8:03:18:d4:6f:3f:09:12:f7:
76:34:2d:f7:61:f4:92:1e:9a:f5:18:d8:1c:19:9f:
c9:7b:d2:1a:26:cb:77:4f:4f:0e:e7:5b:f1:00:4f:
4b:9a:fc:82:c3:ba:37:c5:99:52:f5:af:dc:f3:70:
25:42:fb:35:d0:8e:92:a5:ca:92:6a:53:a6:42:3d:
92:cc:e7:db:9f:c7:f4:1c:8a:c5:87:44:b5:9e:06:
99:da:69:47:95:30:e9:33:e1:59:e5:61:bc:fa:50:
c3:e1:44:e8:01:52:80:6c:20:22:65:ea:06:60:f6:
97:7a:8b:03:e0:2f:be:e8:1c:91:71:80:47:b1:0b:
f4:42:b5:8a:15:de:3d:55:0d:eb:13:02:10:4a:e8:
7c:b9:fa:20:b4:0a:51:45:2c:3c:ea:a5:a0:65:48:
3a:5e:48:22:cc:2c:de:d6:6d:d3:b4:c3:b4:ad:f4:
4b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FC:D2:80:23:2A:32:07:2B:A5:F9:C5:99:A5:67:73:BF:9E:BD:20
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:fe:84:32:14:23:73:4f:53:bc:c8:da:86:34:67:65:68:66:
81:92:6e:13:98:54:70:ed:f4:47:26:d8:c6:4a:c3:cd:e6:af:
2b:70:41:13:47:13:62:ed:6e:43:a5:44:70:0c:38:46:53:93:
96:6f:9e:0b:99:a2:09:ca:2c:31:0d:f9:64:50:23:3d:f3:78:
1b:91:4f:3c:2f:38:fa:4d:5f:bc:cb:ea:54:62:bb:e0:bc:c1:
85:8c:d2:f9:a2:ea:97:3f:28:30:94:b8:86:a6:4f:bd:74:1d:
06:64:d4:63:77:f0:4f:82:4d:9b:94:41:f0:57:ac:de:2e:3c:
4a:14:8e:03:ab:90:2c:ad:b0:34:4b:7d:2b:f3:ae:1d:4b:61:
cc:58:04:9f:6a:17:48:44:9a:bc:99:08:88:f6:f9:8c:d1:9e:
98:87:1f:25:af:81:52:03:d7:50:5c:c5:74:33:f8:b5:8c:25:
08:f7:ac:89:2a:71:45:c7:8d:86:95:4b:7b:ec:7b:bb:a9:87:
a0:f5:7b:94:4a:fb:09:4b:29:05:f0:e4:91:98:2b:ac:cb:af:
49:85:0b:f9:5f:26:ba:3f:0b:c8:fd:ef:cb:17:73:30:a9:8a:
d7:9f:7d:4d:65:6c:ea:73:1d:95:11:62:30:ce:9c:49:92:aa:
89:81:34:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfCNz6xT6gHWZy1la5nhqp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjUwNjMwMTkwMTI5WhcNMjUwNzAxMTkwMTI5WjAzMTEwLwYDVQQD
EyhkZWZjZDI4MDIzMmEzMjA3MmJhNWY5YzU5OWE1Njc3M2JmOWViZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6n7sgz8OOT0BDaZ/JU3D0B2dkuM2
O1Nmd0t8AJY2+UASoL6jLha5gCAx5PwEa4N6CX9tRNB1Y91Njv0O6XM6bGuMbt7B
Ti1+hk/Vqssp0pPYAxjUbz8JEvd2NC33YfSSHpr1GNgcGZ/Je9IaJst3T08O51vx
AE9LmvyCw7o3xZlS9a/c83AlQvs10I6SpcqSalOmQj2SzOfbn8f0HIrFh0S1ngaZ
2mlHlTDpM+FZ5WG8+lDD4UToAVKAbCAiZeoGYPaXeosD4C++6ByRcYBHsQv0QrWK
Fd49VQ3rEwIQSuh8ufogtApRRSw86qWgZUg6XkgizCze1m3TtMO0rfRLqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN780oAjKjIHK6X5xZmlZ3O/nr0gMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXf6EMhQj
c09TvMjahjRnZWhmgZJuE5hUcO30RybYxkrDzeavK3BBE0cTYu1uQ6VEcAw4RlOT
lm+eC5miCcosMQ35ZFAjPfN4G5FPPC84+k1fvMvqVGK74LzBhYzS+aLqlz8oMJS4
hqZPvXQdBmTUY3fwT4JNm5RB8Fes3i48ShSOA6uQLK2wNEt9K/OuHUthzFgEn2oX
SESavJkIiPb5jNGemIcfJa+BUgPXUFzFdDP4tYwlCPesiSpxRceNhpVLe+x7u6mH
oPV7lEr7CUspBfDkkZgrrMuvSYUL+V8muj8LyP3vyxdzMKmK1599TWVs6nMdlRFi
MM6cSZKqiYE0RA==
-----END CERTIFICATE-----
Generated at Tue Jul 1 01:11:09 2025 by rpki-client