Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
File: OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft (raw, json)
Hash identifier: nss/2tLYN6hTA38J3tsyIHkhb2F+qxfd6xFo15LYxCw=
Subject key identifier: B2:C3:98:AA:20:2F:48:F8:64:1C:D2:94:30:78:68:39:A7:F6:81:1C
Authority key identifier: 3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
Certificate issuer: /CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Certificate serial: 019A4D7423DE2C797C097A460D144E7DD388
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
Manifest number: 0DF2
Signing time: Tue 04 Nov 2025 06:00:48 +0000
Manifest this update: Tue 04 Nov 2025 06:00:48 +0000
Manifest next update: Wed 05 Nov 2025 06:00:48 +0000
Files and hashes: 1: 0wAgKVyytNbhNR-_RR1IsIpFFy0.roa (hash: hGr01I8nbqs/LJEbN09Cfzd/lbJVo6JwWOtLmEfD1wA=)
2: OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl (hash: +IvXxi0jpgCHNIuuzjrP3Utg0nmaV8+Mv9RPFloGPWI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:74:23:de:2c:79:7c:09:7a:46:0d:14:4e:7d:d3:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Validity
Not Before: Nov 4 06:00:48 2025 GMT
Not After : Nov 5 06:00:48 2025 GMT
Subject: CN=b2c398aa202f48f8641cd29430786839a7f6811c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d3:c6:cd:fd:03:68:04:ec:e8:92:f2:f4:5e:
c7:89:7a:b7:19:bc:ff:23:d3:45:ff:cc:b7:62:00:
b1:8f:11:9f:56:66:b4:18:43:e1:71:9c:50:de:66:
bf:9d:5c:98:02:6a:fb:4a:d2:71:5b:28:86:5b:04:
71:98:64:7e:5c:28:ae:c0:86:37:db:ff:1f:15:f4:
7a:61:0d:d5:f3:db:43:71:eb:98:43:bf:10:30:a1:
f1:ab:72:0a:8a:3b:fb:b1:fc:ca:da:5c:7f:86:7a:
0d:09:a2:28:a6:d7:28:4b:15:b6:08:d4:0a:3b:82:
23:90:c5:fa:7a:84:02:c4:3d:06:95:ec:1f:a1:e9:
c1:97:b2:bc:8d:8c:32:87:a3:ac:0d:66:42:8c:4d:
f6:c7:53:2e:eb:17:00:51:45:e9:3c:0a:d3:60:4d:
1b:c0:6d:04:ab:75:95:76:51:51:01:05:54:93:62:
99:93:a9:c9:4e:85:43:9e:d9:94:85:4b:b0:07:60:
a2:2f:b3:62:a5:7c:02:7f:ff:27:aa:a6:fb:55:17:
9a:89:d0:fa:88:44:b8:11:c7:43:c9:c0:3f:59:b3:
24:a4:1c:68:e0:6d:e5:b7:d8:bb:86:3c:5c:b6:a1:
b7:72:d9:ab:07:5e:9e:78:fc:ac:10:75:96:6c:0e:
8d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C3:98:AA:20:2F:48:F8:64:1C:D2:94:30:78:68:39:A7:F6:81:1C
X509v3 Authority Key Identifier:
keyid:3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:68:f5:ce:63:55:c1:e4:b1:7e:f5:35:83:db:3b:b3:98:bc:
29:77:3d:b3:29:5f:2e:36:ef:69:76:5b:9c:34:80:90:77:ba:
ce:0c:af:79:8e:20:ba:fd:f2:ff:67:8d:58:c8:b1:fa:72:d1:
d4:a1:77:4b:5c:a2:d1:34:08:a0:3b:74:cb:19:a4:28:5b:d9:
31:ba:ba:17:fe:13:c7:d9:06:f0:c7:88:1e:52:df:26:f6:85:
74:de:28:1e:14:eb:81:52:71:8f:32:58:ea:49:8b:99:09:1e:
46:42:ab:06:30:13:bc:36:b5:4f:41:ca:44:0b:a4:af:48:ba:
0f:20:c9:5a:3b:55:78:e0:b8:77:bf:92:a9:4d:ac:29:54:21:
b1:79:17:6e:fd:09:90:99:8d:0c:8c:cc:83:f3:52:3a:18:4d:
3a:cf:c9:55:dd:2c:c2:67:af:3b:3c:d1:33:be:d5:5b:e7:ad:
25:40:7c:a8:cb:04:d6:02:94:d5:4e:46:13:25:ec:f2:2e:41:
1c:c2:bb:46:6c:ff:2c:83:d4:62:c7:a2:b1:78:a2:37:dd:56:
a3:17:e9:18:f9:ae:2b:a9:fa:08:46:90:b7:0d:df:b9:ec:7c:
49:1d:69:5a:68:b2:be:43:e1:c6:49:dc:c0:fc:aa:e1:43:79:
34:2a:ce:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdCPeLHl8CXpGDRROfdOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDBmZjE1NGM0NTM5NDNhMGIwMmFhNjUwMjFjOWMyNjQ5
NDdjMmIwHhcNMjUxMTA0MDYwMDQ4WhcNMjUxMTA1MDYwMDQ4WjAzMTEwLwYDVQQD
EyhiMmMzOThhYTIwMmY0OGY4NjQxY2QyOTQzMDc4NjgzOWE3ZjY4MTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptPGzf0DaATs6JLy9F7HiXq3Gbz/
I9NF/8y3YgCxjxGfVma0GEPhcZxQ3ma/nVyYAmr7StJxWyiGWwRxmGR+XCiuwIY3
2/8fFfR6YQ3V89tDceuYQ78QMKHxq3IKijv7sfzK2lx/hnoNCaIoptcoSxW2CNQK
O4IjkMX6eoQCxD0GlewfoenBl7K8jYwyh6OsDWZCjE32x1Mu6xcAUUXpPArTYE0b
wG0Eq3WVdlFRAQVUk2KZk6nJToVDntmUhUuwB2CiL7NipXwCf/8nqqb7VReaidD6
iES4EcdDycA/WbMkpBxo4G3lt9i7hjxctqG3ctmrB16eePysEHWWbA6N0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLDmKogL0j4ZBzSlDB4aDmn9oEcMB8GA1UdIwQY
MBaAFDpA/xVMRTlDoLAqplAhycJklHwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQt
ODJiYjBiYjExZTNlLzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQtODJiYjBiYjExZTNl
LzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI2j1zmNV
weSxfvU1g9s7s5i8KXc9sylfLjbvaXZbnDSAkHe6zgyveY4guv3y/2eNWMix+nLR
1KF3S1yi0TQIoDt0yxmkKFvZMbq6F/4Tx9kG8MeIHlLfJvaFdN4oHhTrgVJxjzJY
6kmLmQkeRkKrBjATvDa1T0HKRAukr0i6DyDJWjtVeOC4d7+SqU2sKVQhsXkXbv0J
kJmNDIzMg/NSOhhNOs/JVd0swmevOzzRM77VW+etJUB8qMsE1gKU1U5GEyXs8i5B
HMK7Rmz/LIPUYseisXiiN91WoxfpGPmuK6n6CEaQtw3fuex8SR1pWmiyvkPhxknc
wPyq4UN5NCrOoQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:56 2025 by rpki-client