Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json)
Hash identifier: Y7+GKczQw8MLUfiiQJxsPEpRNSxsbe8C9ANGGbvv7gE=
Subject key identifier: F3:A5:4C:BA:B5:47:71:44:A6:49:D4:41:85:0A:A5:2F:31:F2:F8:08
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 01978320D420552A8E311B3253160AAB632F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
Manifest number: 10B4
Signing time: Wed 18 Jun 2025 13:00:56 +0000
Manifest this update: Wed 18 Jun 2025 13:00:56 +0000
Manifest next update: Thu 19 Jun 2025 13:00:56 +0000
Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: ymJ3UZfqdCswkK5UX0fg6aRy/SOmtSFnuERuz5PcT1Q=)
2: jBg4c1TddaMZ79OO2ACO6rgKQkE.roa (hash: vxMjeBuQHvoGxQ3EbvzgsnvZ7fj/adVRxxvAS0tcfsE=)
3: yN3-coe-yJTzFymhuWAPFUYAkF4.roa (hash: IPNSpgYWxN2jcOf0NhOGeg6e+K9d2+ZzIVVpZsFLZDI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:83:20:d4:20:55:2a:8e:31:1b:32:53:16:0a:ab:63:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: Jun 18 13:00:56 2025 GMT
Not After : Jun 19 13:00:56 2025 GMT
Subject: CN=f3a54cbab5477144a649d441850aa52f31f2f808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f8:12:c0:4f:d7:01:0f:19:cb:6e:8e:8d:39:
14:62:83:d9:14:72:bd:1e:91:29:26:b2:8f:4e:01:
ec:32:36:67:c4:99:10:34:f4:a2:27:f3:39:95:47:
be:31:af:e0:20:a3:53:6e:5b:fe:5c:33:4a:fd:89:
26:9a:97:19:e8:fb:0f:46:6f:3d:9e:1a:a6:b9:55:
c0:51:ff:d5:09:f7:a1:97:80:6c:4f:25:f7:47:3f:
eb:fb:d9:79:be:ce:53:a9:db:fe:a9:8e:7a:2a:1a:
f0:48:cc:fb:74:ee:3e:ad:4a:56:fc:1e:a5:77:53:
3e:80:af:3f:1e:14:e1:c4:d8:46:26:10:8c:31:1e:
e9:bf:c8:35:73:bd:a4:fb:2f:14:a0:36:7a:e1:5d:
e8:28:30:1e:ec:dd:f0:18:67:bd:00:b2:90:40:ac:
95:41:15:9b:4a:e1:c0:ba:53:d3:7b:b3:a4:d4:49:
d6:c0:ab:cf:a5:ef:9a:9a:26:69:06:33:14:39:2f:
14:c5:48:3a:07:ae:8c:1a:45:01:22:e5:85:8d:64:
95:ed:a1:f8:45:65:d4:21:78:da:9d:be:0d:c5:43:
d6:eb:3a:5a:57:22:42:ff:43:7c:47:c9:1b:6c:ff:
6e:ce:66:bd:07:17:1b:44:e0:fb:f3:69:3a:38:87:
92:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A5:4C:BA:B5:47:71:44:A6:49:D4:41:85:0A:A5:2F:31:F2:F8:08
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:ee:df:9f:ac:1e:47:83:89:cd:9c:76:b4:2b:0f:4a:27:57:
6a:f0:2f:d9:e3:2b:bd:fb:be:41:9e:eb:eb:7c:d7:18:db:db:
cb:80:09:34:79:16:9d:16:cd:42:68:24:21:f5:1b:37:c8:78:
7e:b6:99:05:bf:a4:21:f4:6f:01:4c:74:46:96:7b:0b:63:09:
dc:b4:89:80:ae:7d:9b:d2:77:d7:ac:4a:6b:a3:1e:13:c8:ac:
f4:0c:9f:0e:68:a4:c3:f4:e5:df:77:ae:9c:8c:c3:07:b9:c2:
12:17:f5:66:0f:e9:46:15:e5:6a:58:f4:5a:4f:c6:df:06:e0:
1c:81:f4:66:67:93:33:2b:64:7a:45:a2:9c:d0:81:13:82:d9:
3f:0c:7d:f0:a1:cb:72:b8:30:ed:cb:25:83:3a:1b:44:13:dd:
86:15:2d:d2:3d:f7:1f:6f:b9:bb:3e:4d:22:ec:a6:80:aa:14:
00:d8:2c:77:0b:94:ec:f7:2d:c4:82:ef:d5:7f:11:29:aa:52:
9b:53:81:eb:44:cd:07:40:f0:20:66:26:d0:d7:90:7f:20:88:
f2:82:32:c7:9f:1e:1f:0e:08:f3:f7:ba:a8:11:57:ca:63:f0:
51:d5:ee:97:37:7d:78:bf:dc:d0:0e:40:f4:ac:36:58:a2:b6:
ec:61:09:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeDINQgVSqOMRsyUxYKq2MvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjUwNjE4MTMwMDU2WhcNMjUwNjE5MTMwMDU2WjAzMTEwLwYDVQQD
EyhmM2E1NGNiYWI1NDc3MTQ0YTY0OWQ0NDE4NTBhYTUyZjMxZjJmODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvgSwE/XAQ8Zy26OjTkUYoPZFHK9
HpEpJrKPTgHsMjZnxJkQNPSiJ/M5lUe+Ma/gIKNTblv+XDNK/YkmmpcZ6PsPRm89
nhqmuVXAUf/VCfehl4BsTyX3Rz/r+9l5vs5Tqdv+qY56KhrwSMz7dO4+rUpW/B6l
d1M+gK8/HhThxNhGJhCMMR7pv8g1c72k+y8UoDZ64V3oKDAe7N3wGGe9ALKQQKyV
QRWbSuHAulPTe7Ok1EnWwKvPpe+amiZpBjMUOS8UxUg6B66MGkUBIuWFjWSV7aH4
RWXUIXjanb4NxUPW6zpaVyJC/0N8R8kbbP9uzma9BxcbROD782k6OIeS3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPOlTLq1R3FEpknUQYUKpS8x8vgIMB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAe7fn6we
R4OJzZx2tCsPSidXavAv2eMrvfu+QZ7r63zXGNvby4AJNHkWnRbNQmgkIfUbN8h4
fraZBb+kIfRvAUx0RpZ7C2MJ3LSJgK59m9J316xKa6MeE8is9AyfDmikw/Tl33eu
nIzDB7nCEhf1Zg/pRhXlalj0Wk/G3wbgHIH0ZmeTMytkekWinNCBE4LZPwx98KHL
crgw7cslgzobRBPdhhUt0j33H2+5uz5NIuymgKoUANgsdwuU7PctxILv1X8RKapS
m1OB60TNB0DwIGYm0NeQfyCI8oIyx58eHw4I8/e6qBFXymPwUdXulzd9eL/c0A5A
9Kw2WKK27GEJaQ==
-----END CERTIFICATE-----
Generated at Wed Jun 18 15:26:15 2025 by rpki-client