Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json)
Hash identifier: 6xHMPdA6g5EiQYsz9iyr01s6H764dEnOR7ljNhVtS3w=
Subject key identifier: 45:6E:E7:13:E1:D1:35:A2:27:4C:1D:51:1C:B0:7A:80:B2:74:50:87
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 019896A53A9AAA3B6914E6D0CE0E9C195A36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
Manifest number: DF
Signing time: Mon 11 Aug 2025 01:01:07 +0000
Manifest this update: Mon 11 Aug 2025 01:01:07 +0000
Manifest next update: Tue 12 Aug 2025 01:01:07 +0000
Files and hashes: 1: dV2LrBjIlql28uwMDcJVQI6s6A8.roa (hash: F8uj/t68nQ3cbE2EUpzLNyfLklCyKLVmpdDgkWw1Qw4=)
2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: Lp/PfPYWFUOOspiIAProSXUkUHEOXDEqik10PtcpWRo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 01:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:96:a5:3a:9a:aa:3b:69:14:e6:d0:ce:0e:9c:19:5a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: Aug 11 01:01:07 2025 GMT
Not After : Aug 12 01:01:07 2025 GMT
Subject: CN=456ee713e1d135a2274c1d511cb07a80b2745087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:18:ae:7d:00:3a:d2:d5:a7:15:42:f8:0a:77:
0b:d9:13:2d:80:ee:94:f3:a5:ef:eb:4c:55:f8:ea:
b6:06:48:00:fa:58:48:7f:1a:22:fd:bf:1d:69:87:
e0:e0:a9:b4:82:cb:9d:46:56:28:15:ff:fd:87:a6:
2a:cb:7b:52:fa:65:d1:10:a1:8a:32:27:7f:9a:69:
59:49:cc:6d:90:20:61:44:59:0f:50:d6:cb:6c:54:
c3:64:e5:3a:51:6a:01:4e:b4:63:c0:1f:2e:25:83:
d9:8c:74:97:87:2d:ee:aa:e6:2a:75:e8:e5:cf:fb:
e1:4d:2a:83:e9:8e:27:32:cc:f1:52:f6:3a:47:ed:
3e:81:c6:08:b8:52:2e:e5:a3:0e:06:20:63:ab:19:
eb:67:a3:d2:0c:ab:6d:1e:a3:56:99:93:6e:a4:5c:
55:c5:b9:f0:b7:f2:84:ba:cb:54:9d:56:cd:fa:0a:
0b:99:cc:a4:c5:9e:ea:f2:08:c3:39:e4:b3:1b:53:
64:80:75:b1:4a:52:c4:59:45:21:c2:77:00:46:90:
51:37:e5:91:c5:27:19:84:9d:3b:52:11:21:0d:7e:
75:87:c2:ac:19:ed:04:81:fc:88:a9:18:43:d9:c4:
56:a7:e8:73:f4:43:59:ee:13:72:0e:13:d5:92:5f:
31:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6E:E7:13:E1:D1:35:A2:27:4C:1D:51:1C:B0:7A:80:B2:74:50:87
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:f4:38:53:c3:3e:0a:e7:f2:53:f5:f3:e5:3b:46:bf:c3:fe:
9d:f2:ae:bc:25:a3:0b:c0:a1:f1:68:f9:d2:c0:32:08:16:de:
cb:02:58:5c:d6:8c:9b:50:6b:ec:cf:a6:75:75:7f:4f:8b:03:
ef:60:2a:6b:b3:39:91:e5:38:fb:75:db:da:48:4f:6f:a1:f6:
04:12:d6:45:99:b2:a1:45:27:30:fa:d9:36:64:20:ee:bd:3a:
a4:9b:d5:f5:73:08:be:a1:f3:e4:e5:c9:7f:0d:33:1e:63:40:
71:9f:66:04:3e:68:0c:eb:ab:78:86:ec:7c:cc:6a:39:53:ac:
d3:54:fa:7e:11:40:59:1d:35:07:6b:4e:27:4f:93:13:1f:da:
5b:38:3e:ea:13:43:b2:84:f7:92:ef:9b:4f:35:4d:f3:ac:fd:
4c:22:31:4c:3f:32:a0:a3:9d:75:83:77:bb:a2:72:f5:64:c0:
e3:ed:66:28:89:56:f5:dc:a6:37:dd:af:5d:67:b4:94:f6:ca:
41:a2:ed:ea:bf:5e:50:2f:0c:bc:f6:4f:0e:a4:e6:ca:ad:6f:
96:e2:c3:83:02:39:9a:ff:c3:12:e7:45:6e:7a:71:f7:2c:e1:
ba:49:de:10:18:d7:8f:20:59:5d:b2:19:31:cb:f3:33:ed:5e:
07:85:69:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpTqaqjtpFObQzg6cGVo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjUwODExMDEwMTA3WhcNMjUwODEyMDEwMTA3WjAzMTEwLwYDVQQD
Eyg0NTZlZTcxM2UxZDEzNWEyMjc0YzFkNTExY2IwN2E4MGIyNzQ1MDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBiufQA60tWnFUL4CncL2RMtgO6U
86Xv60xV+Oq2BkgA+lhIfxoi/b8daYfg4Km0gsudRlYoFf/9h6Yqy3tS+mXREKGK
Mid/mmlZScxtkCBhRFkPUNbLbFTDZOU6UWoBTrRjwB8uJYPZjHSXhy3uquYqdejl
z/vhTSqD6Y4nMszxUvY6R+0+gcYIuFIu5aMOBiBjqxnrZ6PSDKttHqNWmZNupFxV
xbnwt/KEustUnVbN+goLmcykxZ7q8gjDOeSzG1NkgHWxSlLEWUUhwncARpBRN+WR
xScZhJ07UhEhDX51h8KsGe0EgfyIqRhD2cRWp+hz9ENZ7hNyDhPVkl8xlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVu5xPh0TWiJ0wdURyweoCydFCHMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnvQ4U8M+
CufyU/Xz5TtGv8P+nfKuvCWjC8Ch8Wj50sAyCBbeywJYXNaMm1Br7M+mdXV/T4sD
72Aqa7M5keU4+3Xb2khPb6H2BBLWRZmyoUUnMPrZNmQg7r06pJvV9XMIvqHz5OXJ
fw0zHmNAcZ9mBD5oDOureIbsfMxqOVOs01T6fhFAWR01B2tOJ0+TEx/aWzg+6hND
soT3ku+bTzVN86z9TCIxTD8yoKOddYN3u6Jy9WTA4+1mKIlW9dymN92vXWe0lPbK
QaLt6r9eUC8MvPZPDqTmyq1vluLDgwI5mv/DEudFbnpx9yzhukneEBjXjyBZXbIZ
McvzM+1eB4VpYw==
-----END CERTIFICATE-----
Generated at Mon Aug 11 07:23:38 2025 by rpki-client