Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json)
Hash identifier: HFhXtjhkjZQYEThS34Rh7XDo8VAHjDtxxoMcT6QfDIw=
Subject key identifier: F4:F8:26:05:5E:B1:03:A6:68:7C:43:A0:CC:40:D1:D3:F6:2E:25:BF
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 01988BB33181CE690B06D48E302546BE228B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
Manifest number: 113D
Signing time: Fri 08 Aug 2025 22:00:33 +0000
Manifest this update: Fri 08 Aug 2025 22:00:33 +0000
Manifest next update: Sat 09 Aug 2025 22:00:33 +0000
Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: EKYAo4mLMFAxu6UNifDcD+7AkmWX9z+ndT4Wx3zTS4E=)
2: jBg4c1TddaMZ79OO2ACO6rgKQkE.roa (hash: vxMjeBuQHvoGxQ3EbvzgsnvZ7fj/adVRxxvAS0tcfsE=)
3: yN3-coe-yJTzFymhuWAPFUYAkF4.roa (hash: IPNSpgYWxN2jcOf0NhOGeg6e+K9d2+ZzIVVpZsFLZDI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8b:b3:31:81:ce:69:0b:06:d4:8e:30:25:46:be:22:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: Aug 8 22:00:33 2025 GMT
Not After : Aug 9 22:00:33 2025 GMT
Subject: CN=f4f826055eb103a6687c43a0cc40d1d3f62e25bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6c:2a:01:c9:78:fb:0e:46:f7:fe:06:58:87:
c6:f4:6c:ce:18:23:ee:6b:0d:b8:62:09:2b:d0:0d:
a0:9d:43:2b:fb:8b:4c:26:e6:df:35:75:df:44:ea:
17:30:81:b7:3c:68:53:5b:4a:02:c7:0e:bc:ba:4c:
b4:b8:d6:d7:1d:c5:d7:6f:55:2c:45:e8:49:66:d8:
67:ae:95:86:aa:a7:c1:88:34:6e:c7:6c:5a:d1:45:
6d:c9:b6:7a:8f:ad:35:b8:b9:58:11:b3:7d:5d:43:
c0:cb:a1:1f:3a:c0:e9:b3:b9:a0:0f:03:2d:73:71:
af:d6:53:bc:0f:1e:72:27:ed:b2:ab:c1:ea:e4:6a:
7b:d0:85:a5:f3:19:30:08:11:04:4c:05:17:e7:f7:
4a:d2:3c:b2:c5:12:2d:d1:27:58:a9:10:cf:70:ef:
f1:65:6b:b1:d2:0e:2f:40:e8:3d:e5:20:40:f0:e0:
57:21:f7:65:a9:f1:81:5d:85:74:87:b2:21:0a:cd:
18:c5:9d:e3:28:64:e9:2e:f1:b6:d2:a3:2b:66:59:
15:3d:11:59:41:7e:4d:82:02:c2:da:71:3d:89:b5:
59:1a:0c:13:b1:94:5c:18:aa:e8:0e:3a:e6:7a:d0:
5f:99:16:b6:cb:20:23:9d:1d:61:b7:6a:14:a5:7f:
51:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F8:26:05:5E:B1:03:A6:68:7C:43:A0:CC:40:D1:D3:F6:2E:25:BF
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:a4:98:9c:22:1f:4a:82:73:e3:52:cc:a4:25:ae:4a:79:d1:
4c:bf:70:93:7b:e4:90:aa:1c:94:65:df:7d:a5:05:5a:c8:c7:
f8:3e:05:1a:51:82:c2:a2:e7:cb:65:35:30:89:ee:8a:9d:cb:
44:0b:44:64:70:d6:09:03:01:9e:8a:4f:fe:73:36:02:e2:82:
f1:b8:fc:83:53:bb:86:3c:6c:ef:37:49:9b:55:ed:8f:12:8e:
18:ce:08:c9:fe:4c:83:ef:2f:69:98:48:66:7c:3a:aa:3b:e4:
dc:a8:ff:8e:b4:34:6b:c5:20:52:7e:a9:21:40:dc:d7:b2:5e:
ef:48:bd:8b:a9:cb:8e:3d:a6:96:ee:c0:c8:d6:62:dd:da:e7:
49:97:99:56:ee:b7:a0:e6:eb:5b:d4:7d:b4:c6:b8:88:55:96:
5b:d1:ef:f1:dc:0e:8b:01:cb:49:d2:f8:b0:aa:8c:01:6a:6c:
d6:5c:01:cf:18:65:f3:a9:4b:d7:e1:53:aa:83:da:3b:a9:72:
1a:21:bd:63:6e:af:5d:e4:c1:e3:bc:76:83:e5:26:b3:0c:f0:
ce:4e:c1:81:2f:54:9d:b0:ab:4d:c4:ce:64:5a:bd:ff:ab:6e:
da:d6:48:58:ba:b7:4e:3a:6d:cd:06:59:e0:d9:41:53:eb:03:
41:43:2d:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLszGBzmkLBtSOMCVGviKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjUwODA4MjIwMDMzWhcNMjUwODA5MjIwMDMzWjAzMTEwLwYDVQQD
EyhmNGY4MjYwNTVlYjEwM2E2Njg3YzQzYTBjYzQwZDFkM2Y2MmUyNWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2wqAcl4+w5G9/4GWIfG9GzOGCPu
aw24Ygkr0A2gnUMr+4tMJubfNXXfROoXMIG3PGhTW0oCxw68uky0uNbXHcXXb1Us
RehJZthnrpWGqqfBiDRux2xa0UVtybZ6j601uLlYEbN9XUPAy6EfOsDps7mgDwMt
c3Gv1lO8Dx5yJ+2yq8Hq5Gp70IWl8xkwCBEETAUX5/dK0jyyxRIt0SdYqRDPcO/x
ZWux0g4vQOg95SBA8OBXIfdlqfGBXYV0h7IhCs0YxZ3jKGTpLvG20qMrZlkVPRFZ
QX5NggLC2nE9ibVZGgwTsZRcGKroDjrmetBfmRa2yyAjnR1ht2oUpX9R6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPT4JgVesQOmaHxDoMxA0dP2LiW/MB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYKSYnCIf
SoJz41LMpCWuSnnRTL9wk3vkkKoclGXffaUFWsjH+D4FGlGCwqLny2U1MInuip3L
RAtEZHDWCQMBnopP/nM2AuKC8bj8g1O7hjxs7zdJm1XtjxKOGM4Iyf5Mg+8vaZhI
Znw6qjvk3Kj/jrQ0a8UgUn6pIUDc17Je70i9i6nLjj2mlu7AyNZi3drnSZeZVu63
oObrW9R9tMa4iFWWW9Hv8dwOiwHLSdL4sKqMAWps1lwBzxhl86lL1+FTqoPaO6ly
GiG9Y26vXeTB47x2g+Umswzwzk7BgS9UnbCrTcTOZFq9/6tu2tZIWLq3TjptzQZZ
4NlBU+sDQUMtsQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 02:56:55 2025 by rpki-client