Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json)
Hash identifier: DMq5BDTOW3y4MDOGDUwGKKCErb/RVWUJC0z2Cccw8MQ=
Subject key identifier: 3E:A8:55:D2:FE:A5:55:26:4D:4C:FA:42:5A:87:D8:F3:ED:B9:F3:54
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 0198D47441222B2600669652D57BAAB22341
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
Manifest number: FF
Signing time: Sat 23 Aug 2025 01:04:05 +0000
Manifest this update: Sat 23 Aug 2025 01:04:05 +0000
Manifest next update: Sun 24 Aug 2025 01:04:05 +0000
Files and hashes: 1: dV2LrBjIlql28uwMDcJVQI6s6A8.roa (hash: F8uj/t68nQ3cbE2EUpzLNyfLklCyKLVmpdDgkWw1Qw4=)
2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: OFPJ3aRbAvDQGRxBRPHe5NnOFLCV8c04CFeTYL/4Y08=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:74:41:22:2b:26:00:66:96:52:d5:7b:aa:b2:23:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: Aug 23 01:04:05 2025 GMT
Not After : Aug 24 01:04:05 2025 GMT
Subject: CN=3ea855d2fea555264d4cfa425a87d8f3edb9f354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:24:c0:d5:13:30:9c:86:23:f5:0d:fd:53:c1:
5d:9e:81:e2:56:3d:12:e8:1c:e2:b6:79:45:a0:28:
05:50:70:dc:aa:7e:9a:08:d3:e2:22:26:ac:df:50:
33:a8:a8:cc:f3:8b:d0:62:70:fb:af:21:0b:1a:60:
b6:05:c4:a4:a7:c0:a4:d1:5d:7f:f2:18:4c:bb:2a:
e3:a3:6e:2d:72:15:e9:5b:7e:b4:ac:c8:6e:6e:da:
e6:e8:d2:5d:ec:64:87:99:14:e8:d6:d8:37:ad:ff:
39:0d:22:aa:8d:04:2b:7b:7a:f5:4e:96:07:cb:07:
e0:15:82:0a:56:8a:fc:91:bc:4f:0e:00:a6:a4:90:
6b:47:a3:68:3e:4e:04:93:9c:40:5c:59:56:34:06:
b6:8c:d3:71:d3:44:99:9f:90:b3:2f:82:13:a2:3d:
5f:1f:3c:1f:3a:2a:94:52:ff:f8:da:68:20:09:a1:
7b:91:cb:f1:f1:d0:68:58:8f:ca:c0:31:dc:1e:19:
92:3b:b3:36:17:29:69:f0:b3:7d:26:27:52:6c:23:
90:bd:32:03:a7:24:66:9b:29:f6:a6:e1:3a:20:76:
88:d2:10:06:44:a6:5d:c3:0f:01:11:cf:75:30:70:
1d:7c:ad:d4:da:d8:0d:db:e8:4a:c2:72:ef:da:f2:
13:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A8:55:D2:FE:A5:55:26:4D:4C:FA:42:5A:87:D8:F3:ED:B9:F3:54
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:24:92:4a:c3:fa:a8:ea:2e:08:ab:5f:71:1f:49:df:73:5b:
74:f1:07:0d:7d:34:7c:69:54:27:72:d6:c9:34:42:eb:e0:3f:
b2:4a:de:40:37:5f:f3:40:05:b8:8d:81:5e:de:00:f4:3e:37:
ac:91:ce:31:f6:30:00:e6:88:6c:ee:f5:ad:34:d0:4a:cb:54:
ec:02:42:7d:35:bd:d4:23:31:bb:75:02:2d:b3:25:be:ae:09:
e7:69:ba:14:e1:31:19:a6:10:f5:ec:b8:ee:c7:cb:ae:64:48:
08:9d:7f:a4:46:c9:f9:81:98:6f:7d:04:42:db:24:a0:1f:91:
e5:f9:bc:7a:80:64:ee:82:b7:6a:58:72:86:44:c8:15:aa:a2:
34:ae:4f:8f:f9:8c:6d:2d:36:c7:fc:e8:76:78:b6:38:61:4d:
e3:62:8a:79:af:43:3a:30:a8:91:96:da:6f:c9:82:59:d8:c4:
73:a7:1b:d8:f3:8e:e7:cb:bd:00:3c:05:62:49:84:f7:63:b2:
87:45:21:25:3b:02:7f:5c:36:47:71:1e:84:ab:39:1a:53:38:
be:2a:a4:fa:0e:dc:eb:f2:20:13:2e:18:8d:e0:20:46:cc:01:
1f:bd:fd:d8:27:01:b4:ed:df:ba:d2:96:a2:e2:2e:db:87:00:
6a:d3:c5:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdEEiKyYAZpZS1XuqsiNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjUwODIzMDEwNDA1WhcNMjUwODI0MDEwNDA1WjAzMTEwLwYDVQQD
EygzZWE4NTVkMmZlYTU1NTI2NGQ0Y2ZhNDI1YTg3ZDhmM2VkYjlmMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyTA1RMwnIYj9Q39U8FdnoHiVj0S
6BzitnlFoCgFUHDcqn6aCNPiIias31AzqKjM84vQYnD7ryELGmC2BcSkp8Ck0V1/
8hhMuyrjo24tchXpW360rMhubtrm6NJd7GSHmRTo1tg3rf85DSKqjQQre3r1TpYH
ywfgFYIKVor8kbxPDgCmpJBrR6NoPk4Ek5xAXFlWNAa2jNNx00SZn5CzL4IToj1f
HzwfOiqUUv/42mggCaF7kcvx8dBoWI/KwDHcHhmSO7M2Fylp8LN9JidSbCOQvTID
pyRmmyn2puE6IHaI0hAGRKZdww8BEc91MHAdfK3U2tgN2+hKwnLv2vITGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6oVdL+pVUmTUz6QlqH2PPtufNUMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADCSSSsP6
qOouCKtfcR9J33NbdPEHDX00fGlUJ3LWyTRC6+A/skreQDdf80AFuI2BXt4A9D43
rJHOMfYwAOaIbO71rTTQSstU7AJCfTW91CMxu3UCLbMlvq4J52m6FOExGaYQ9ey4
7sfLrmRICJ1/pEbJ+YGYb30EQtskoB+R5fm8eoBk7oK3alhyhkTIFaqiNK5Pj/mM
bS02x/zodni2OGFN42KKea9DOjCokZbab8mCWdjEc6cb2POO58u9ADwFYkmE92Oy
h0UhJTsCf1w2R3EehKs5GlM4viqk+g7c6/IgEy4YjeAgRswBH7392CcBtO3futKW
ouIu24cAatPF7Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:25:00 2025 by rpki-client