Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier: aXcCfJ2D3piqTE4Lp72f6Mu30xncCAqpWbNCryZ/3Nw=
Subject key identifier: B6:D4:C6:AE:29:0A:E3:32:8A:B2:E6:D9:1E:71:D9:B7:AB:79:7E:96
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer: /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial: 019A4E190B8BF9CBD0AE6691D475DE97E379
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number: 068E
Signing time: Tue 04 Nov 2025 09:00:55 +0000
Manifest this update: Tue 04 Nov 2025 09:00:55 +0000
Manifest next update: Wed 05 Nov 2025 09:00:55 +0000
Files and hashes: 1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: fdj0Yop5iyfD2EgQ3UVswe3AJ9UNMUrBW2bFsDXXCRA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:19:0b:8b:f9:cb:d0:ae:66:91:d4:75:de:97:e3:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Validity
Not Before: Nov 4 09:00:55 2025 GMT
Not After : Nov 5 09:00:55 2025 GMT
Subject: CN=b6d4c6ae290ae3328ab2e6d91e71d9b7ab797e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8c:d3:23:a1:65:9a:4b:c8:fb:bf:8b:02:f4:
ca:7e:e1:ae:ac:d5:40:3b:04:e8:e0:a4:6b:d9:53:
46:5a:c9:90:f8:46:e6:a1:bb:72:32:f7:e1:ca:e2:
01:e3:cb:0b:72:19:5a:c6:d0:bf:4b:38:c2:f8:ac:
3f:c4:4b:dd:89:cb:c8:ac:fa:46:32:6b:4f:31:76:
12:22:a8:dd:15:3a:21:d8:8f:7f:27:6e:06:83:ea:
9c:cf:42:a1:ad:42:f7:8f:ab:fa:7d:d3:0c:94:97:
b7:31:1c:85:6c:23:38:5b:d8:ad:2f:0f:91:b8:ef:
62:3c:0f:74:4a:d9:a8:e3:cb:0b:e1:c6:c8:95:32:
10:8d:88:47:ee:07:95:d8:96:86:27:e8:ec:a1:2f:
75:6b:e7:41:b1:41:c0:b5:17:8a:55:ed:61:65:af:
91:27:d5:1c:e2:5d:16:0d:50:24:a1:f3:0f:33:cb:
88:04:2e:ba:3e:bc:de:9d:2d:59:96:65:e9:fe:10:
bc:09:6d:12:30:7f:6a:4c:3c:57:af:09:4d:d4:ee:
2a:02:54:1a:9a:14:4b:a9:7e:b0:fb:0c:ee:8c:4d:
07:8f:7d:8f:ff:56:02:25:65:e1:8a:c8:de:91:e1:
c2:5c:11:a8:e0:ae:2c:d9:7d:7a:ea:ae:1b:e5:f9:
f9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D4:C6:AE:29:0A:E3:32:8A:B2:E6:D9:1E:71:D9:B7:AB:79:7E:96
X509v3 Authority Key Identifier:
keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:a4:9e:38:ce:9e:f8:bb:d5:a1:30:73:19:43:1c:b0:72:32:
66:d5:88:71:3f:de:a9:60:2c:67:bd:31:a7:ef:41:ce:4d:3e:
b7:de:0c:c8:9a:4e:c5:d9:f4:a2:06:39:cf:e0:6a:b4:2c:89:
ad:34:09:c3:6a:f9:cb:ec:a9:2c:2d:07:b9:ff:d7:a2:72:8a:
02:3b:95:31:19:13:91:a2:ee:04:df:7c:51:37:d0:77:27:35:
ce:52:88:89:b9:ca:9f:35:d1:91:9a:90:e9:e1:54:d5:d9:88:
00:3d:67:b9:56:05:8d:55:f5:50:18:07:c5:e6:bc:72:1b:7a:
7e:9b:5c:c9:d1:69:34:3a:5f:1a:d6:16:7e:ef:cc:e5:16:6d:
38:39:2f:56:bc:06:d7:81:bb:f9:d0:e7:dd:62:8b:c1:f9:44:
97:aa:d5:ad:93:3f:d7:25:13:f2:1a:0c:98:ea:45:2b:e1:2a:
0f:d5:fd:38:e7:1a:14:90:7c:4a:88:a4:08:93:2f:d0:e1:42:
c9:89:1b:7d:6f:57:df:30:48:12:d0:12:d6:b2:b9:8e:31:b4:
fe:5f:ed:00:57:90:79:79:4b:08:07:6d:34:e2:fa:b0:37:3c:
2b:15:bc:10:d4:c7:8f:ae:5a:7d:2a:96:42:d0:84:05:8d:60:
79:a2:31:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGQuL+cvQrmaR1HXel+N5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUxMTA0MDkwMDU1WhcNMjUxMTA1MDkwMDU1WjAzMTEwLwYDVQQD
EyhiNmQ0YzZhZTI5MGFlMzMyOGFiMmU2ZDkxZTcxZDliN2FiNzk3ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIzTI6FlmkvI+7+LAvTKfuGurNVA
OwTo4KRr2VNGWsmQ+EbmobtyMvfhyuIB48sLchlaxtC/SzjC+Kw/xEvdicvIrPpG
MmtPMXYSIqjdFToh2I9/J24Gg+qcz0KhrUL3j6v6fdMMlJe3MRyFbCM4W9itLw+R
uO9iPA90Stmo48sL4cbIlTIQjYhH7geV2JaGJ+jsoS91a+dBsUHAtReKVe1hZa+R
J9Uc4l0WDVAkofMPM8uIBC66PrzenS1ZlmXp/hC8CW0SMH9qTDxXrwlN1O4qAlQa
mhRLqX6w+wzujE0Hj32P/1YCJWXhisjekeHCXBGo4K4s2X166q4b5fn5VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbUxq4pCuMyirLm2R5x2bereX6WMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB6SeOM6e
+LvVoTBzGUMcsHIyZtWIcT/eqWAsZ70xp+9Bzk0+t94MyJpOxdn0ogY5z+BqtCyJ
rTQJw2r5y+ypLC0Huf/XonKKAjuVMRkTkaLuBN98UTfQdyc1zlKIibnKnzXRkZqQ
6eFU1dmIAD1nuVYFjVX1UBgHxea8cht6fptcydFpNDpfGtYWfu/M5RZtODkvVrwG
14G7+dDn3WKLwflEl6rVrZM/1yUT8hoMmOpFK+EqD9X9OOcaFJB8SoikCJMv0OFC
yYkbfW9X3zBIEtAS1rK5jjG0/l/tAFeQeXlLCAdtNOL6sDc8KxW8ENTHj65afSqW
QtCEBY1geaIxCw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:11:36 2025 by rpki-client