Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
File: 1OKJaJepchZ45oRpOZOlqISQM2Q.mft (raw, json)
Hash identifier: w4TdCjxRbS55fBx05iB+KKR24aCEBWojIgUKecIAagY=
Subject key identifier: 96:EE:BC:39:74:26:C5:F3:5A:38:5C:64:1F:3E:7F:A4:11:99:2D:97
Authority key identifier: D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
Certificate issuer: /CN=d4e2896897a9721678e684693993a5a884903364
Certificate serial: 019A4E8635727DE9E193338EDFE1584EB156
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 11:00:09 +0000
Manifest this update: Tue 04 Nov 2025 11:00:09 +0000
Manifest next update: Wed 05 Nov 2025 11:00:09 +0000
Files and hashes: 1: 1OKJaJepchZ45oRpOZOlqISQM2Q.crl (hash: 4nVgYfK5nD/dDT6AV9fOELm5AsFn7hTmVLB2/hk7zOM=)
2: WAQz-NVz1tPP197fB-7kdlHEMDo.roa (hash: EfunuE83nVqoEWqBwZZf7jU1FPr/i4YaWTLI4hd6d6w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 11:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:35:72:7d:e9:e1:93:33:8e:df:e1:58:4e:b1:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2896897a9721678e684693993a5a884903364
Validity
Not Before: Nov 4 11:00:09 2025 GMT
Not After : Nov 5 11:00:09 2025 GMT
Subject: CN=96eebc397426c5f35a385c641f3e7fa411992d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:df:79:6a:1b:20:0d:c5:ae:5c:8d:72:7b:2b:
dc:8e:86:ac:ec:0f:e8:04:d1:ce:10:3e:7d:55:22:
8f:f5:a0:50:04:1c:2a:0e:1f:36:64:8f:97:68:9c:
b3:92:6e:b1:fd:6d:63:11:6a:8f:6c:3d:a5:20:b4:
e3:d8:48:57:53:c7:66:e3:57:28:32:d8:fa:4e:28:
d2:23:db:40:67:39:83:bf:e7:5d:17:a2:16:d6:bb:
3a:30:dd:77:fb:3c:b6:23:22:0e:62:d6:cb:82:5b:
99:3d:03:f3:59:3e:23:73:dc:92:1f:68:04:59:f3:
01:53:f4:4e:b5:68:85:f2:7c:17:09:11:47:f5:9e:
25:21:ed:cb:44:14:18:6b:47:d1:1b:4c:aa:67:ce:
69:43:08:29:84:cd:e4:fb:df:cb:76:8b:65:db:18:
a1:5e:b1:a8:35:1e:68:74:79:be:ee:9f:05:a7:45:
59:ca:6a:30:c6:a7:d4:42:3f:24:fc:d8:7c:23:7a:
59:b0:1c:0f:57:ec:d8:b8:2a:a2:37:d2:9d:5d:b5:
ec:5c:e7:ad:99:4b:3c:46:a1:32:95:30:9e:28:cb:
28:49:ae:dd:42:0c:65:61:40:78:03:ac:59:41:01:
79:05:62:8d:b1:f8:08:b1:8e:79:8f:87:e5:54:91:
9d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:EE:BC:39:74:26:C5:F3:5A:38:5C:64:1F:3E:7F:A4:11:99:2D:97
X509v3 Authority Key Identifier:
keyid:D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:6e:f3:e3:25:5a:b9:a7:d6:78:f1:93:1d:b2:da:b0:50:8a:
2c:e6:93:db:80:bf:40:0b:93:2d:da:86:2c:ee:17:e4:a9:a5:
54:ac:74:5b:1e:28:33:14:6f:78:3e:a2:00:48:2f:df:75:fe:
e0:7a:54:51:66:0f:5d:1f:69:a7:0a:a8:3f:0a:6b:09:ea:05:
51:27:49:6f:4d:40:ea:3e:ee:4e:73:38:32:13:57:4f:e7:88:
18:56:07:9f:cd:42:5b:80:75:28:eb:5f:e8:a9:d9:07:74:3f:
01:90:6d:8c:5b:44:ab:7c:38:9e:46:11:b2:96:7e:26:c8:4d:
2b:2c:c9:8e:d2:f5:df:9d:ed:75:c2:0f:c7:26:c1:5d:09:02:
99:7e:b9:a3:ac:58:f6:76:bf:37:f3:fd:f3:5f:df:e4:1f:83:
a1:07:12:2c:82:a2:69:22:4f:60:2e:85:d2:85:60:1a:de:08:
8d:37:18:f1:ea:51:74:6c:c0:1b:75:47:98:40:43:2d:0e:dd:
fa:69:6d:6a:58:c9:f2:35:8c:31:00:b2:b6:62:03:01:c1:d2:
29:5c:38:1c:8b:62:99:52:0c:26:f0:b8:fc:81:e3:4f:e5:09:
4b:aa:c5:fc:25:9e:1e:bc:07:c4:c7:a3:cf:d4:52:42:8e:83:
66:c2:c8:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhjVyfenhkzOO3+FYTrFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI4OTY4OTdhOTcyMTY3OGU2ODQ2OTM5OTNhNWE4ODQ5
MDMzNjQwHhcNMjUxMTA0MTEwMDA5WhcNMjUxMTA1MTEwMDA5WjAzMTEwLwYDVQQD
Eyg5NmVlYmMzOTc0MjZjNWYzNWEzODVjNjQxZjNlN2ZhNDExOTkyZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2N95ahsgDcWuXI1yeyvcjoas7A/o
BNHOED59VSKP9aBQBBwqDh82ZI+XaJyzkm6x/W1jEWqPbD2lILTj2EhXU8dm41co
Mtj6TijSI9tAZzmDv+ddF6IW1rs6MN13+zy2IyIOYtbLgluZPQPzWT4jc9ySH2gE
WfMBU/ROtWiF8nwXCRFH9Z4lIe3LRBQYa0fRG0yqZ85pQwgphM3k+9/Ldotl2xih
XrGoNR5odHm+7p8Fp0VZymowxqfUQj8k/Nh8I3pZsBwPV+zYuCqiN9KdXbXsXOet
mUs8RqEylTCeKMsoSa7dQgxlYUB4A6xZQQF5BWKNsfgIsY55j4flVJGdrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJbuvDl0JsXzWjhcZB8+f6QRmS2XMB8GA1UdIwQY
MBaAFNTiiWiXqXIWeOaEaTmTpaiEkDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEt
ZTQ5N2Q0MGY0ZTJhLzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEtZTQ5N2Q0MGY0ZTJh
LzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa27z4yVa
uafWePGTHbLasFCKLOaT24C/QAuTLdqGLO4X5KmlVKx0Wx4oMxRveD6iAEgv33X+
4HpUUWYPXR9ppwqoPwprCeoFUSdJb01A6j7uTnM4MhNXT+eIGFYHn81CW4B1KOtf
6KnZB3Q/AZBtjFtEq3w4nkYRspZ+JshNKyzJjtL1353tdcIPxybBXQkCmX65o6xY
9na/N/P981/f5B+DoQcSLIKiaSJPYC6F0oVgGt4IjTcY8epRdGzAG3VHmEBDLQ7d
+mltaljJ8jWMMQCytmIDAcHSKVw4HItimVIMJvC4/IHjT+UJS6rF/CWeHrwHxMej
z9RSQo6DZsLIBg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:39:04 2025 by rpki-client