Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: 78/Jqxvct8HQP0iX0asfGOv4z9DpfSiy843SnugugSk=
Subject key identifier: BE:51:C8:90:EF:B4:8F:67:58:6E:CB:F8:5B:05:B0:6C:98:BB:7A:25
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 019897EECF089541D1096CF4672892C5D09E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0961
Signing time: Mon 11 Aug 2025 07:01:06 +0000
Manifest this update: Mon 11 Aug 2025 07:01:06 +0000
Manifest next update: Tue 12 Aug 2025 07:01:06 +0000
Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: NIFy3YzJ2pt/LzW2WHr6ZibjON4nIayRWT8PNj8jq9Q=)
2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:97:ee:cf:08:95:41:d1:09:6c:f4:67:28:92:c5:d0:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Aug 11 07:01:06 2025 GMT
Not After : Aug 12 07:01:06 2025 GMT
Subject: CN=be51c890efb48f67586ecbf85b05b06c98bb7a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ba:74:5c:9c:13:85:d8:43:83:29:a8:93:41:
f9:9e:23:76:f4:a9:1a:95:0a:b9:c1:46:38:ee:ec:
36:db:d1:23:b1:a7:4d:95:88:e0:90:64:7d:38:ea:
42:0e:02:71:96:1d:b3:ec:d0:db:bf:28:86:aa:ab:
28:24:c1:9a:f1:59:36:9e:a8:69:d1:09:29:90:72:
44:05:ce:1d:7d:a5:63:96:76:dc:d2:95:4c:e0:93:
40:b9:a7:22:19:83:e4:76:5e:b0:07:b1:98:16:9c:
79:07:3f:26:11:96:dd:50:e8:d0:b5:8e:0a:ce:87:
38:bf:fb:bf:6d:ac:fe:f5:f2:ef:97:5f:c7:48:21:
ef:23:a5:f5:fd:5b:f1:ef:52:30:d9:65:3f:e9:cc:
97:44:8d:af:bf:bd:e8:ec:a7:f8:d2:5f:34:95:e0:
41:ee:e5:c7:68:9e:85:71:1a:c9:4b:2b:26:9b:3b:
f1:4e:ec:d9:e0:9f:fb:5d:31:1c:b4:ed:b0:04:14:
74:25:74:fd:f4:70:20:f8:c6:b8:59:83:56:61:b6:
27:ee:41:12:10:8a:a3:df:96:b8:6d:c6:42:b7:b2:
3a:90:d0:53:41:b9:18:ba:79:c7:fc:bc:bf:e8:22:
28:90:f7:a7:73:71:04:e7:8a:07:98:30:09:b0:2e:
53:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:51:C8:90:EF:B4:8F:67:58:6E:CB:F8:5B:05:B0:6C:98:BB:7A:25
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:8b:8c:3c:22:ea:d5:1b:52:9e:5c:1d:ee:f1:43:52:4c:70:
a6:1e:0a:9a:13:41:65:7a:d2:38:6d:d0:57:52:ed:c5:da:fe:
c5:f8:75:62:37:66:7c:07:ec:f6:96:98:39:0b:8a:08:fb:c1:
89:b6:b3:c7:4a:84:46:dd:71:a8:03:0c:04:cf:22:51:f3:ab:
1e:03:e8:84:ad:f5:f5:2f:bb:34:0b:3a:20:96:46:b2:d9:5f:
ab:ed:d4:a1:e9:92:0b:38:c3:c9:23:d2:4c:b4:52:72:1f:9e:
d7:92:1b:a8:fb:55:91:e2:3d:b6:ec:91:a3:67:a6:36:1b:5d:
fb:30:82:14:26:7d:44:47:c4:c0:8e:1d:88:60:e6:fc:ce:38:
9a:cb:d2:37:c4:46:34:b5:c6:bf:b0:17:04:97:ca:70:1c:e9:
07:4c:cd:c3:ba:6d:bb:15:49:2f:5c:a6:2a:7c:a8:d7:d3:bb:
a7:7e:8b:9d:86:df:33:76:51:08:27:2e:21:c4:c5:ca:f0:e2:
88:23:97:78:e5:0a:23:b9:d2:dd:a7:08:11:b2:82:66:bf:72:
f1:af:38:93:b8:80:ae:a8:bf:d1:da:f0:40:9f:38:10:5d:8b:
04:85:0c:64:be:b6:03:9e:45:4b:7b:91:f7:39:4d:a3:28:32:
32:ea:ad:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiX7s8IlUHRCWz0ZyiSxdCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjUwODExMDcwMTA2WhcNMjUwODEyMDcwMTA2WjAzMTEwLwYDVQQD
EyhiZTUxYzg5MGVmYjQ4ZjY3NTg2ZWNiZjg1YjA1YjA2Yzk4YmI3YTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLp0XJwThdhDgymok0H5niN29Kka
lQq5wUY47uw229EjsadNlYjgkGR9OOpCDgJxlh2z7NDbvyiGqqsoJMGa8Vk2nqhp
0QkpkHJEBc4dfaVjlnbc0pVM4JNAuaciGYPkdl6wB7GYFpx5Bz8mEZbdUOjQtY4K
zoc4v/u/baz+9fLvl1/HSCHvI6X1/Vvx71Iw2WU/6cyXRI2vv73o7Kf40l80leBB
7uXHaJ6FcRrJSysmmzvxTuzZ4J/7XTEctO2wBBR0JXT99HAg+Ma4WYNWYbYn7kES
EIqj35a4bcZCt7I6kNBTQbkYunnH/Ly/6CIokPenc3EE54oHmDAJsC5TDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5RyJDvtI9nWG7L+FsFsGyYu3olMB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc4uMPCLq
1RtSnlwd7vFDUkxwph4KmhNBZXrSOG3QV1Ltxdr+xfh1YjdmfAfs9paYOQuKCPvB
ibazx0qERt1xqAMMBM8iUfOrHgPohK319S+7NAs6IJZGstlfq+3UoemSCzjDySPS
TLRSch+e15IbqPtVkeI9tuyRo2emNhtd+zCCFCZ9REfEwI4diGDm/M44msvSN8RG
NLXGv7AXBJfKcBzpB0zNw7ptuxVJL1ymKnyo19O7p36LnYbfM3ZRCCcuIcTFyvDi
iCOXeOUKI7nS3acIEbKCZr9y8a84k7iArqi/0drwQJ84EF2LBIUMZL62A55FS3uR
9zlNoygyMuqtZg==
-----END CERTIFICATE-----
Generated at Mon Aug 11 10:30:10 2025 by rpki-client