Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json)
Hash identifier: q1S9mM6lU/LEeJQrf0b+hMbXMyJuBAcJAnJCWoFenKE=
Subject key identifier: A4:E3:6C:D5:DC:A8:53:04:BA:7B:E3:13:68:54:8A:58:01:E4:61:4B
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 019A54C09806CCF41FA2E6256DD6115302D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
Manifest number: 01C6
Signing time: Wed 05 Nov 2025 16:01:39 +0000
Manifest this update: Wed 05 Nov 2025 16:01:39 +0000
Manifest next update: Thu 06 Nov 2025 16:01:39 +0000
Files and hashes: 1: dV2LrBjIlql28uwMDcJVQI6s6A8.roa (hash: F8uj/t68nQ3cbE2EUpzLNyfLklCyKLVmpdDgkWw1Qw4=)
2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: 6BeKfnML6NC1VJ3TJ0Vpk+U/YQNSPGcWIg3g5H4fCcg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 16:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:c0:98:06:cc:f4:1f:a2:e6:25:6d:d6:11:53:02:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: Nov 5 16:01:39 2025 GMT
Not After : Nov 6 16:01:39 2025 GMT
Subject: CN=a4e36cd5dca85304ba7be31368548a5801e4614b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9b:b6:6d:66:85:89:ba:59:cf:e0:63:a2:3c:
79:b6:02:34:a9:2e:12:b0:8f:1d:32:ba:ae:d1:29:
18:97:c0:7b:f1:48:6f:e1:0b:de:8c:2b:b5:28:0e:
d0:f7:a3:39:3d:1a:78:64:cd:ed:cf:3c:52:3d:9b:
87:24:e3:b7:8e:8a:fe:45:b3:c6:70:d5:7f:8c:5e:
11:5d:eb:c6:bb:09:e1:52:9a:ee:e6:a7:24:f2:55:
2d:ab:5c:07:ee:eb:ec:82:ed:1e:7a:1f:6f:5b:89:
3e:a2:c7:4d:e4:e4:33:d2:d8:75:ee:30:ae:28:fb:
16:69:f3:9d:22:7c:dc:66:4f:e4:e5:10:3c:db:bb:
5c:5f:0c:aa:86:6c:12:12:da:11:05:13:c0:1e:eb:
be:f9:1c:bb:02:15:80:a2:ef:4e:46:06:9b:04:eb:
f9:ed:c6:e6:20:39:d4:d8:f5:95:0a:8a:a0:21:db:
c9:dd:97:a2:ba:99:69:b8:de:e5:29:42:ac:32:88:
63:1c:1d:25:74:62:53:89:2c:f9:24:b0:ac:61:96:
13:5e:11:bf:a1:b2:a1:5f:c3:27:c2:5b:a5:db:65:
88:c6:70:4b:3c:86:64:35:ee:f5:b4:21:fc:26:49:
d6:50:cd:ab:fb:5b:9b:85:38:8b:d2:51:ca:af:90:
02:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E3:6C:D5:DC:A8:53:04:BA:7B:E3:13:68:54:8A:58:01:E4:61:4B
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:bb:b0:1d:dc:71:3e:88:e5:06:6c:fa:a9:2e:79:59:7f:4e:
fa:8c:9b:7b:b0:18:58:24:72:e4:47:96:40:46:f4:b4:90:5d:
54:65:ac:f4:8b:84:f1:f9:2f:73:10:42:3c:5b:b8:81:6f:4c:
64:88:d4:ae:a1:b9:cc:13:6e:15:85:18:ed:ea:5d:cd:2b:71:
10:ff:b9:fc:49:fb:fe:3a:bf:ae:6b:dc:59:11:b4:ff:55:ab:
ab:b6:d7:f1:ac:0c:15:08:8e:33:ac:57:c7:ce:5e:1b:7a:fc:
3e:31:f3:78:fd:ff:a9:58:51:94:4f:dd:78:92:be:a7:7b:18:
11:83:50:59:31:5d:bc:85:0c:50:d3:d1:48:43:78:d0:e2:5e:
35:2c:c1:60:7c:85:32:f4:47:55:38:5f:60:c8:ad:80:84:a7:
49:74:3f:f1:38:33:0a:24:93:f6:70:f3:92:92:2a:ac:e6:7f:
02:94:a3:fc:0b:d6:5a:03:7d:f7:9b:64:fd:63:30:cc:73:2f:
32:12:f4:e2:09:26:75:58:0e:07:70:b1:da:2d:37:ce:21:71:
65:b1:9b:1e:af:ee:0c:c9:ae:bf:e3:a2:00:32:47:d1:f2:c6:
e8:cc:c8:b7:c1:f8:23:2f:64:0b:88:bf:1c:ad:d0:18:33:17:
dc:f1:2a:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUwJgGzPQfouYlbdYRUwLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjUxMTA1MTYwMTM5WhcNMjUxMTA2MTYwMTM5WjAzMTEwLwYDVQQD
EyhhNGUzNmNkNWRjYTg1MzA0YmE3YmUzMTM2ODU0OGE1ODAxZTQ2MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5u2bWaFibpZz+Bjojx5tgI0qS4S
sI8dMrqu0SkYl8B78Uhv4QvejCu1KA7Q96M5PRp4ZM3tzzxSPZuHJOO3jor+RbPG
cNV/jF4RXevGuwnhUpru5qck8lUtq1wH7uvsgu0eeh9vW4k+osdN5OQz0th17jCu
KPsWafOdInzcZk/k5RA827tcXwyqhmwSEtoRBRPAHuu++Ry7AhWAou9ORgabBOv5
7cbmIDnU2PWVCoqgIdvJ3ZeiuplpuN7lKUKsMohjHB0ldGJTiSz5JLCsYZYTXhG/
obKhX8Mnwlul22WIxnBLPIZkNe71tCH8JknWUM2r+1ubhTiL0lHKr5ACNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTjbNXcqFMEunvjE2hUilgB5GFLMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWruwHdxx
PojlBmz6qS55WX9O+oybe7AYWCRy5EeWQEb0tJBdVGWs9IuE8fkvcxBCPFu4gW9M
ZIjUrqG5zBNuFYUY7epdzStxEP+5/En7/jq/rmvcWRG0/1Wrq7bX8awMFQiOM6xX
x85eG3r8PjHzeP3/qVhRlE/deJK+p3sYEYNQWTFdvIUMUNPRSEN40OJeNSzBYHyF
MvRHVThfYMitgISnSXQ/8TgzCiST9nDzkpIqrOZ/ApSj/AvWWgN995tk/WMwzHMv
MhL04gkmdVgOB3Cx2i03ziFxZbGbHq/uDMmuv+OiADJH0fLG6MzIt8H4Iy9kC4i/
HK3QGDMX3PEqMw==
-----END CERTIFICATE-----
Generated at Thu Nov 6 01:51:42 2025 by rpki-client