Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
File: OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft (raw, json)
Hash identifier: Q/qoJMTQFMLPOpP7u68YSq8eWaCH5i+0SUfDsbHmYdg=
Subject key identifier: 77:7E:A5:0A:9C:35:DB:0D:C7:27:10:9E:91:41:CD:7E:72:96:A4:EF
Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Certificate serial: 01987450AAB65DC1B6B5BD3D6B7C594FFFB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
Manifest number: 157D
Signing time: Mon 04 Aug 2025 09:01:40 +0000
Manifest this update: Mon 04 Aug 2025 09:01:40 +0000
Manifest next update: Tue 05 Aug 2025 09:01:40 +0000
Files and hashes: 1: KBKNSo54C-UjedwUMFB9xB41sio.roa (hash: EOnhGNtgG2NlhPSt6QkJfBoHbT869foRrNlEhdeoqqA=)
2: OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl (hash: ZZqrgy6UaWxMor3kzHGZIO32je/55OIBjx2KES2VDy0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 09:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:50:aa:b6:5d:c1:b6:b5:bd:3d:6b:7c:59:4f:ff:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Validity
Not Before: Aug 4 09:01:40 2025 GMT
Not After : Aug 5 09:01:40 2025 GMT
Subject: CN=777ea50a9c35db0dc727109e9141cd7e7296a4ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6f:a5:48:bf:37:20:0d:1f:a6:c5:60:4f:ab:
24:7a:cf:33:b6:3a:5a:e5:9f:a0:26:5c:45:7a:cd:
9d:ab:ed:2a:8a:db:24:37:40:d8:a2:1f:f7:6d:e1:
b8:99:ff:ec:8b:f0:d5:02:2f:b1:ee:e6:ed:dd:0f:
10:ea:32:07:55:cc:1e:b7:08:29:57:3e:52:aa:9b:
19:0b:ca:96:bd:9c:65:98:68:dc:34:6a:24:c7:58:
e2:a1:6e:a0:d2:b8:97:81:94:e7:2a:7e:0c:7c:29:
2d:55:61:1c:bf:09:27:d4:4c:1a:a3:e8:35:19:e6:
2a:97:dc:75:22:4b:22:6e:b4:e0:47:77:5c:72:4c:
db:b8:dc:14:34:86:20:73:76:ec:aa:a8:c6:d1:0c:
4f:47:c2:85:b7:53:19:c2:0c:0a:a7:5d:6b:c5:54:
b4:95:8c:7b:41:96:85:fa:96:69:97:cd:08:ec:4b:
4d:be:5e:88:43:10:a6:ae:ab:1e:38:d0:79:7d:19:
70:d6:a4:94:f5:ba:22:87:6f:80:67:dc:f0:00:54:
78:de:06:a0:8b:70:3c:a8:7e:b6:10:2a:0f:7e:e6:
77:43:f1:fc:eb:d5:2b:20:f2:f5:43:03:47:39:68:
23:0e:b7:94:96:5a:83:f4:aa:38:7e:b1:9d:33:e2:
05:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:7E:A5:0A:9C:35:DB:0D:C7:27:10:9E:91:41:CD:7E:72:96:A4:EF
X509v3 Authority Key Identifier:
keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:e7:ca:03:e4:b6:2b:25:f3:7c:89:17:1c:13:d6:de:23:c2:
e1:14:c7:da:04:03:9a:d1:2f:ab:37:54:5c:04:1e:09:83:46:
47:9e:0c:a0:03:ed:47:a2:53:2e:52:93:45:50:8a:de:cf:37:
f5:6a:7e:db:bc:cd:f0:55:9c:8d:60:73:8c:83:09:ce:d8:ec:
89:15:80:16:0f:fa:6c:12:ab:49:53:6d:c3:e4:c4:57:2a:ba:
23:77:92:ae:75:1f:07:17:97:4b:d5:23:04:52:19:6f:7d:be:
36:9a:eb:11:d9:96:91:03:cc:53:57:14:3d:13:b3:8a:18:14:
eb:91:03:75:60:3e:7d:1d:19:e4:94:58:3c:f9:32:7a:7f:60:
84:ef:f4:e7:13:7f:03:de:f2:80:aa:07:32:a6:9f:0c:1b:b5:
4a:2f:37:71:3f:2b:6e:b4:97:7a:3c:d3:1a:d7:a3:8d:46:92:
d2:7d:f8:6f:84:9b:90:bd:6f:a9:8c:77:69:4c:e2:cd:a5:b0:
9f:16:3d:4c:bd:ce:b6:89:3e:a6:e7:44:42:aa:59:02:bb:c5:
7b:cb:ae:1a:97:e8:01:53:b8:6a:63:04:82:80:f4:21:24:57:
f4:9e:ad:a1:ab:e7:f0:68:21:1b:f1:bd:b0:33:ee:12:80:9c:
15:1b:35:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UKq2XcG2tb09a3xZT/+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3
OTE5ZmIwHhcNMjUwODA0MDkwMTQwWhcNMjUwODA1MDkwMTQwWjAzMTEwLwYDVQQD
Eyg3NzdlYTUwYTljMzVkYjBkYzcyNzEwOWU5MTQxY2Q3ZTcyOTZhNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzW+lSL83IA0fpsVgT6skes8ztjpa
5Z+gJlxFes2dq+0qitskN0DYoh/3beG4mf/si/DVAi+x7ubt3Q8Q6jIHVcwetwgp
Vz5SqpsZC8qWvZxlmGjcNGokx1jioW6g0riXgZTnKn4MfCktVWEcvwkn1Ewao+g1
GeYql9x1IksibrTgR3dcckzbuNwUNIYgc3bsqqjG0QxPR8KFt1MZwgwKp11rxVS0
lYx7QZaF+pZpl80I7EtNvl6IQxCmrqseONB5fRlw1qSU9boih2+AZ9zwAFR43gag
i3A8qH62ECoPfuZ3Q/H869UrIPL1QwNHOWgjDreUllqD9Ko4frGdM+IFmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHd+pQqcNdsNxycQnpFBzX5ylqTvMB8GA1UdIwQY
MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt
MDUwMmE2YTU0YWFiLzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi
LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeufKA+S2
KyXzfIkXHBPW3iPC4RTH2gQDmtEvqzdUXAQeCYNGR54MoAPtR6JTLlKTRVCK3s83
9Wp+27zN8FWcjWBzjIMJztjsiRWAFg/6bBKrSVNtw+TEVyq6I3eSrnUfBxeXS9Uj
BFIZb32+NprrEdmWkQPMU1cUPROzihgU65EDdWA+fR0Z5JRYPPkyen9ghO/05xN/
A97ygKoHMqafDBu1Si83cT8rbrSXejzTGtejjUaS0n34b4SbkL1vqYx3aUzizaWw
nxY9TL3Otok+pudEQqpZArvFe8uuGpfoAVO4amMEgoD0ISRX9J6toavn8GghG/G9
sDPuEoCcFRs1LQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:09:01 2025 by rpki-client