Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json)
Hash identifier: 5wBXjddUC6nzI4Eu7I1BTLmPVvq9gNf4OTXobJs0VXc=
Subject key identifier: 24:89:2F:CC:3C:7E:10:DA:C6:6C:6A:8D:2D:13:3B:0D:54:2C:B0:3A
Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d
Certificate serial: 019A4E4FE78D750CA349A6DAFDC25DF00676
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
Manifest number: 169E
Signing time: Tue 04 Nov 2025 10:00:50 +0000
Manifest this update: Tue 04 Nov 2025 10:00:50 +0000
Manifest next update: Wed 05 Nov 2025 10:00:50 +0000
Files and hashes: 1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: K4eh9JZSo+QhDJRVEpTqAX+PYolRXV0xo/iTuUbdOkQ=)
2: oU-Dh2GrIk6DJo0B3ckZobCZQLg.roa (hash: 3M/n9wvPmKU+uLTP2MTaGav/2cb5GDciUi4YXKv/+G0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:e7:8d:75:0c:a3:49:a6:da:fd:c2:5d:f0:06:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d
Validity
Not Before: Nov 4 10:00:50 2025 GMT
Not After : Nov 5 10:00:50 2025 GMT
Subject: CN=24892fcc3c7e10dac66c6a8d2d133b0d542cb03a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a3:e6:43:61:0a:4c:2d:d0:4e:49:31:9a:af:
5a:27:7c:58:9d:a1:7e:2e:57:c4:29:7a:39:50:47:
59:9e:f4:92:4a:ae:6e:84:e3:5b:ed:ab:1f:eb:e1:
b8:e8:43:76:a4:e6:aa:bc:f5:a0:8c:83:0e:1c:63:
f6:6a:ef:06:87:a1:51:df:fa:d6:84:b9:d6:0f:da:
e0:4e:29:f9:9f:2e:2a:b7:63:cb:38:77:21:a3:31:
19:c1:d2:1c:f6:ca:3d:18:04:b4:c7:08:a8:db:99:
46:59:1e:ee:42:ec:5f:fc:c7:6a:08:47:b5:9c:4a:
57:b5:01:7a:3e:70:d0:09:6f:ee:91:78:e6:74:ea:
17:b2:e8:23:40:88:30:fc:3d:93:0d:26:16:06:ad:
26:3e:2d:2b:7b:70:58:f1:33:d1:d7:2b:98:eb:e9:
86:00:da:c3:73:47:15:cf:17:65:d2:d7:88:2e:4b:
7e:40:4b:76:25:fd:3e:e6:36:02:43:ac:97:0a:b8:
9c:99:1e:84:aa:ff:ff:14:78:f5:d0:5e:b6:a2:03:
e9:af:45:89:54:ce:e5:e3:99:f5:28:ed:fe:3d:b6:
1f:2c:f5:33:f6:31:bf:4c:82:a6:e6:d1:18:0f:b9:
e0:3b:25:7a:31:a3:a8:29:d6:8e:4b:35:f0:5a:60:
11:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:89:2F:CC:3C:7E:10:DA:C6:6C:6A:8D:2D:13:3B:0D:54:2C:B0:3A
X509v3 Authority Key Identifier:
keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:46:f1:d9:66:59:cc:2f:a4:e6:85:75:5f:a5:39:78:c2:ab:
00:8d:4f:46:97:a3:c1:6b:b0:18:19:e1:fb:cf:80:75:75:24:
91:ec:5c:8e:a2:70:f0:bd:c6:28:55:8b:a0:da:05:65:3a:d9:
2b:13:4a:98:bf:c6:ed:30:06:ff:94:5f:00:71:8c:20:34:33:
0c:0b:e1:d2:a0:ce:fb:1b:3b:a5:b3:ff:3a:3e:06:89:cc:53:
cb:bc:b8:a1:3c:64:4c:aa:fe:06:c9:c4:0a:2d:55:ee:7b:1b:
e0:bb:9a:af:fa:20:d6:a1:35:62:70:07:8a:7e:d3:66:38:32:
06:15:14:2f:ca:e6:46:a2:44:38:d6:fb:ac:f6:a3:26:57:f0:
62:d9:2d:fd:eb:a6:a8:9c:ea:6c:41:f8:4a:b8:07:98:bf:1e:
1e:bd:4e:1d:86:6f:55:70:73:77:27:52:0d:41:1a:8c:a3:e2:
1d:c6:97:83:62:12:36:05:79:ad:8c:cf:51:9d:4a:73:8f:a4:
c8:55:0a:c1:1a:97:d5:72:f2:75:6e:ae:0c:78:77:d5:6b:62:
55:6d:d7:e5:0b:c6:0c:a7:c4:c7:c4:c9:01:54:61:ee:2f:94:
ed:b0:be:fb:28:a6:1a:49:ea:5c:f0:cc:ff:b2:3e:aa:98:a2:
91:f4:4c:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT+eNdQyjSaba/cJd8AZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm
Njk5NmQwHhcNMjUxMTA0MTAwMDUwWhcNMjUxMTA1MTAwMDUwWjAzMTEwLwYDVQQD
EygyNDg5MmZjYzNjN2UxMGRhYzY2YzZhOGQyZDEzM2IwZDU0MmNiMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaPmQ2EKTC3QTkkxmq9aJ3xYnaF+
LlfEKXo5UEdZnvSSSq5uhONb7asf6+G46EN2pOaqvPWgjIMOHGP2au8Gh6FR3/rW
hLnWD9rgTin5ny4qt2PLOHchozEZwdIc9so9GAS0xwio25lGWR7uQuxf/MdqCEe1
nEpXtQF6PnDQCW/ukXjmdOoXsugjQIgw/D2TDSYWBq0mPi0re3BY8TPR1yuY6+mG
ANrDc0cVzxdl0teILkt+QEt2Jf0+5jYCQ6yXCricmR6Eqv//FHj10F62ogPpr0WJ
VM7l45n1KO3+PbYfLPUz9jG/TIKm5tEYD7ngOyV6MaOoKdaOSzXwWmARgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSJL8w8fhDaxmxqjS0TOw1ULLA6MB8GA1UdIwQY
MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt
YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi
LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVkbx2WZZ
zC+k5oV1X6U5eMKrAI1PRpejwWuwGBnh+8+AdXUkkexcjqJw8L3GKFWLoNoFZTrZ
KxNKmL/G7TAG/5RfAHGMIDQzDAvh0qDO+xs7pbP/Oj4GicxTy7y4oTxkTKr+BsnE
Ci1V7nsb4Luar/og1qE1YnAHin7TZjgyBhUUL8rmRqJEONb7rPajJlfwYtkt/eum
qJzqbEH4SrgHmL8eHr1OHYZvVXBzdydSDUEajKPiHcaXg2ISNgV5rYzPUZ1Kc4+k
yFUKwRqX1XLydW6uDHh31WtiVW3X5QvGDKfEx8TJAVRh7i+U7bC++yimGknqXPDM
/7I+qpiikfRMfA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:23:21 2025 by rpki-client