Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: 9aLpaHn1m3iD5WTaJAAZsWrS/CQMTtgw6LgFbqD2T0A=
Subject key identifier: 37:F1:B7:7E:AE:91:DB:FB:47:29:A8:1B:01:D5:6C:66:3C:74:68:76
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 019A4E4F51BDA9373518CF77212625A03F9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0A44
Signing time: Tue 04 Nov 2025 10:00:12 +0000
Manifest this update: Tue 04 Nov 2025 10:00:12 +0000
Manifest next update: Wed 05 Nov 2025 10:00:12 +0000
Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: czlwOtcv0oM9Dt8JGnK8mum79G10rAIEEBHE/rGr9as=)
2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:51:bd:a9:37:35:18:cf:77:21:26:25:a0:3f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Nov 4 10:00:12 2025 GMT
Not After : Nov 5 10:00:12 2025 GMT
Subject: CN=37f1b77eae91dbfb4729a81b01d56c663c746876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:39:fd:78:85:47:05:c6:19:31:90:67:70:0b:
1a:ed:c4:b5:7a:d1:8b:f8:ef:6c:41:f2:da:40:b2:
01:69:76:43:0a:ce:83:70:c5:f6:1f:65:fe:f5:ca:
17:c4:c1:7c:04:34:ac:8a:07:28:e8:e7:07:07:fe:
b2:d2:d4:d8:a7:d9:52:26:95:98:c0:e4:1b:b3:6b:
95:4f:84:9c:b9:42:4b:fb:13:89:3d:14:4f:47:f0:
5f:8c:6d:e6:98:14:3f:cc:55:d4:79:a9:c5:ad:33:
6c:5f:2c:3a:9e:1b:69:c5:c8:47:8d:ea:f6:e3:68:
75:a8:bf:c1:7d:3e:60:86:0c:61:d3:7f:4d:5e:3e:
22:cd:4a:1c:60:fc:24:6d:91:81:de:59:38:8a:bf:
7f:7f:41:1c:f7:e1:15:74:ac:21:cf:63:88:27:78:
b2:ee:11:49:d6:e9:4c:01:ea:57:19:e4:6e:67:d2:
63:7a:7d:b1:67:6b:53:88:c3:d5:15:fd:d7:d6:31:
37:e3:80:f5:67:2a:79:d2:10:91:75:88:11:96:05:
02:e2:9b:f4:88:85:60:3c:61:81:5f:35:86:23:28:
bb:ff:02:5d:34:18:f4:a7:e9:04:55:bf:af:c5:71:
66:c5:19:d0:57:c7:3a:67:83:53:25:43:65:1b:a4:
92:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F1:B7:7E:AE:91:DB:FB:47:29:A8:1B:01:D5:6C:66:3C:74:68:76
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:0f:31:1a:5b:0b:40:3b:24:4a:78:c5:52:28:8a:d0:7d:ec:
a6:d8:bd:fa:5e:dc:6b:97:d4:5e:ec:3e:ef:76:f5:29:3c:61:
f4:ea:da:75:a2:1d:29:14:47:93:39:3d:a5:c0:4f:52:a2:fd:
6f:1b:a7:73:2c:d1:b2:43:ef:40:37:a0:00:83:8e:ad:9a:42:
5c:f9:4b:5d:17:76:df:58:c2:68:aa:d0:12:be:8e:9f:b8:f3:
0e:cf:7a:50:6f:6f:f7:f2:f7:88:e3:0d:54:53:00:1e:0f:b1:
c0:29:03:65:68:fa:d8:ef:e0:c1:70:16:83:6f:f2:24:5a:56:
e3:e2:8e:36:66:10:1b:1a:c1:92:a2:c0:10:2a:37:57:be:e0:
6d:3d:6c:cd:dd:32:5f:09:fb:44:4c:48:f0:30:57:a9:36:32:
68:c3:a4:8f:fe:d6:10:40:5b:85:77:7c:6b:52:b8:28:4c:eb:
cb:5c:68:22:76:ba:50:d5:d3:3f:5a:c3:c8:e8:ee:18:f3:7a:
8b:c6:eb:37:31:4f:89:7d:87:5e:48:c0:f9:38:07:5d:c6:68:
e7:53:70:47:84:48:28:21:74:93:d7:bc:0c:38:9c:0e:e0:de:
37:e8:b9:f5:58:90:7d:1f:6f:cb:04:11:19:c9:8e:95:59:01:
87:e8:cd:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT1G9qTc1GM93ISYloD+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjUxMTA0MTAwMDEyWhcNMjUxMTA1MTAwMDEyWjAzMTEwLwYDVQQD
EygzN2YxYjc3ZWFlOTFkYmZiNDcyOWE4MWIwMWQ1NmM2NjNjNzQ2ODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjn9eIVHBcYZMZBncAsa7cS1etGL
+O9sQfLaQLIBaXZDCs6DcMX2H2X+9coXxMF8BDSsigco6OcHB/6y0tTYp9lSJpWY
wOQbs2uVT4ScuUJL+xOJPRRPR/BfjG3mmBQ/zFXUeanFrTNsXyw6nhtpxchHjer2
42h1qL/BfT5ghgxh039NXj4izUocYPwkbZGB3lk4ir9/f0Ec9+EVdKwhz2OIJ3iy
7hFJ1ulMAepXGeRuZ9Jjen2xZ2tTiMPVFf3X1jE344D1Zyp50hCRdYgRlgUC4pv0
iIVgPGGBXzWGIyi7/wJdNBj0p+kEVb+vxXFmxRnQV8c6Z4NTJUNlG6SSQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfxt36ukdv7RymoGwHVbGY8dGh2MB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARw8xGlsL
QDskSnjFUiiK0H3spti9+l7ca5fUXuw+73b1KTxh9OradaIdKRRHkzk9pcBPUqL9
bxuncyzRskPvQDegAIOOrZpCXPlLXRd231jCaKrQEr6On7jzDs96UG9v9/L3iOMN
VFMAHg+xwCkDZWj62O/gwXAWg2/yJFpW4+KONmYQGxrBkqLAECo3V77gbT1szd0y
Xwn7RExI8DBXqTYyaMOkj/7WEEBbhXd8a1K4KEzry1xoIna6UNXTP1rDyOjuGPN6
i8brNzFPiX2HXkjA+TgHXcZo51NwR4RIKCF0k9e8DDicDuDeN+i59ViQfR9vywQR
GcmOlVkBh+jNCg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:24:53 2025 by rpki-client