Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
File: OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft (raw, json)
Hash identifier: 16RxurfaHU8Z11P01a6h5X/rMxgaOv1GCJRLCBpc7Xc=
Subject key identifier: 0D:28:DB:EE:75:0C:4E:FC:CE:D5:78:62:21:49:CD:C8:FF:52:EE:41
Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Certificate serial: 019A4F62440CAEB1F46EBE1A5EBEC97EDE17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
Manifest number: 1673
Signing time: Tue 04 Nov 2025 15:00:31 +0000
Manifest this update: Tue 04 Nov 2025 15:00:31 +0000
Manifest next update: Wed 05 Nov 2025 15:00:31 +0000
Files and hashes: 1: KBKNSo54C-UjedwUMFB9xB41sio.roa (hash: EOnhGNtgG2NlhPSt6QkJfBoHbT869foRrNlEhdeoqqA=)
2: OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl (hash: 2pv7dBT+hp4TDG9EFWobo6IOCRmjS6/Ejd3AZN9f44Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:44:0c:ae:b1:f4:6e:be:1a:5e:be:c9:7e:de:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Validity
Not Before: Nov 4 15:00:31 2025 GMT
Not After : Nov 5 15:00:31 2025 GMT
Subject: CN=0d28dbee750c4efcced578622149cdc8ff52ee41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:d1:71:12:c9:dd:c3:e4:a7:2d:51:5a:ab:c9:
a1:9a:00:a9:58:4a:5d:85:27:2f:73:86:e6:e0:5e:
cb:70:3c:26:cf:07:90:35:0f:d1:9c:18:c0:2f:be:
3d:8e:5b:75:b2:d7:49:4c:9c:e2:33:fd:23:70:19:
df:b6:fc:2d:6e:27:2d:f5:f8:4c:4b:45:72:a1:0a:
a1:ea:eb:f7:73:fa:b8:60:fe:76:5b:0f:c0:db:e4:
31:90:a2:13:db:f1:44:b8:e1:c1:a2:28:11:43:3e:
36:41:f6:18:7c:ae:89:92:0d:44:31:86:f2:94:f2:
5f:8e:cc:5e:89:da:10:5f:38:26:30:18:09:d4:36:
e4:68:fd:c1:22:75:3b:10:1e:74:24:b7:c2:0d:58:
13:c9:27:04:47:33:69:9e:de:f8:4b:4f:68:7f:74:
86:bd:55:e6:74:aa:79:ab:4a:75:60:9e:05:1e:3d:
6b:7b:52:0d:d7:bf:aa:1a:1c:52:b5:5b:2e:a2:cd:
13:52:97:c9:92:4b:16:3e:a0:3c:8c:68:8e:f0:4e:
f7:de:c8:97:52:ef:bd:91:cd:4f:a2:ae:46:c5:4f:
eb:30:2c:28:cc:f7:bd:a9:02:55:41:b8:49:c9:fa:
69:a5:9b:95:1f:18:b1:37:97:9e:0f:7b:94:32:6c:
00:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:28:DB:EE:75:0C:4E:FC:CE:D5:78:62:21:49:CD:C8:FF:52:EE:41
X509v3 Authority Key Identifier:
keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:23:0f:eb:f6:24:da:68:5e:29:d6:f7:02:06:95:1b:98:33:
03:63:7c:00:5e:56:aa:98:02:05:65:41:00:17:97:ca:cb:f0:
0b:8c:58:a6:8e:f6:be:c4:2f:ec:fd:48:59:0e:15:5d:34:09:
16:63:3d:fb:9a:9b:5a:99:1d:b6:e5:21:bd:f2:63:c1:39:65:
9b:0a:b8:35:9a:fe:22:72:1b:01:fe:ef:16:43:ed:60:0b:2f:
08:95:82:50:92:f4:b5:56:93:56:b9:a9:81:37:45:e3:31:d0:
a8:a3:72:f3:f3:88:00:62:06:52:fe:42:89:85:3e:0a:fe:89:
1a:12:72:b1:b0:07:87:e5:08:a6:d6:5c:58:bf:df:04:23:34:
74:39:37:aa:50:a2:89:b9:99:88:b0:15:b3:ff:c9:fa:f0:5b:
82:e7:d8:2f:7f:aa:74:6b:c5:46:d8:c3:42:12:fa:29:d0:51:
20:a4:a6:a5:8d:8b:39:df:20:21:88:df:db:6c:9e:b1:bc:37:
59:e4:d6:1f:d4:a5:96:70:be:72:02:28:31:55:6a:7d:50:75:
94:db:05:6f:c6:d7:9d:e0:e2:97:11:26:ca:70:0a:aa:3e:99:
de:32:e8:e7:de:1d:3d:fa:b9:3b:77:dc:92:2c:57:61:2e:0d:
86:9b:96:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYkQMrrH0br4aXr7Jft4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3
OTE5ZmIwHhcNMjUxMTA0MTUwMDMxWhcNMjUxMTA1MTUwMDMxWjAzMTEwLwYDVQQD
EygwZDI4ZGJlZTc1MGM0ZWZjY2VkNTc4NjIyMTQ5Y2RjOGZmNTJlZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+dFxEsndw+SnLVFaq8mhmgCpWEpd
hScvc4bm4F7LcDwmzweQNQ/RnBjAL749jlt1stdJTJziM/0jcBnftvwtbict9fhM
S0VyoQqh6uv3c/q4YP52Ww/A2+QxkKIT2/FEuOHBoigRQz42QfYYfK6Jkg1EMYby
lPJfjsxeidoQXzgmMBgJ1DbkaP3BInU7EB50JLfCDVgTyScERzNpnt74S09of3SG
vVXmdKp5q0p1YJ4FHj1re1IN17+qGhxStVsuos0TUpfJkksWPqA8jGiO8E733siX
Uu+9kc1Poq5GxU/rMCwozPe9qQJVQbhJyfpppZuVHxixN5eeD3uUMmwAUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0o2+51DE78ztV4YiFJzcj/Uu5BMB8GA1UdIwQY
MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt
MDUwMmE2YTU0YWFiLzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi
LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSMP6/Yk
2mheKdb3AgaVG5gzA2N8AF5WqpgCBWVBABeXysvwC4xYpo72vsQv7P1IWQ4VXTQJ
FmM9+5qbWpkdtuUhvfJjwTllmwq4NZr+InIbAf7vFkPtYAsvCJWCUJL0tVaTVrmp
gTdF4zHQqKNy8/OIAGIGUv5CiYU+Cv6JGhJysbAHh+UIptZcWL/fBCM0dDk3qlCi
ibmZiLAVs//J+vBbgufYL3+qdGvFRtjDQhL6KdBRIKSmpY2LOd8gIYjf22yesbw3
WeTWH9SllnC+cgIoMVVqfVB1lNsFb8bXneDilxEmynAKqj6Z3jLo594dPfq5O3fc
kixXYS4NhpuWsQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:17:03 2025 by rpki-client