Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
File: OKN8JN3KNH1xPteU0zzUqBqLSYo.mft (raw, json)
Hash identifier: x0d6zZXhSGO6ZB8jxzQUG2Gta9b+KJ8tj+UwqM6kQHc=
Subject key identifier: 5C:BD:D4:9D:8E:3F:BA:D7:FF:E2:A7:9E:2D:14:17:0E:3B:67:F5:74
Authority key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
Certificate issuer: /CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Certificate serial: 019A4FCFE336B9801C08B6A035D7202E7356
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
Manifest number: 16B9
Signing time: Tue 04 Nov 2025 17:00:15 +0000
Manifest this update: Tue 04 Nov 2025 17:00:15 +0000
Manifest next update: Wed 05 Nov 2025 17:00:15 +0000
Files and hashes: 1: KBxZJWrk1-bZEdk3S7yVEPMKVtM.roa (hash: BpbYbbHeyy+1nQHRcRldIZ4LwMax+kHyBfVOH0ykZeU=)
2: OKN8JN3KNH1xPteU0zzUqBqLSYo.crl (hash: gSd6J1tvc2pcRkeALtjj5lgRFy6SnDP7DbhHSdtE53o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 17:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:cf:e3:36:b9:80:1c:08:b6:a0:35:d7:20:2e:73:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Validity
Not Before: Nov 4 17:00:15 2025 GMT
Not After : Nov 5 17:00:15 2025 GMT
Subject: CN=5cbdd49d8e3fbad7ffe2a79e2d14170e3b67f574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6f:f5:27:23:84:ec:81:c1:54:72:e0:39:e0:
9a:7e:a9:9e:0f:1b:b2:c7:22:df:86:77:b9:41:22:
6c:30:9b:b6:73:cd:37:04:f5:2d:0f:4c:1a:09:fe:
9b:a4:00:f9:e8:bf:cd:36:2b:4a:2d:86:96:9f:bb:
9c:92:01:b6:10:1b:5f:ad:55:23:fc:1a:23:8f:26:
13:2e:d9:81:df:d3:c3:f0:7d:a6:6f:a5:e5:df:b0:
f3:75:b7:41:e4:bf:fe:b1:af:57:88:a9:73:f4:f6:
ba:d3:56:68:68:80:dc:c0:75:c4:4f:e9:ba:2f:6d:
6e:65:61:19:7c:08:9a:8e:92:00:0e:54:25:d8:33:
2c:63:00:4a:46:8c:25:39:89:87:94:3f:85:66:df:
51:17:4e:74:7d:dc:6c:6c:1c:41:47:f1:1d:7f:9c:
3e:a9:5c:d7:c4:a5:c4:ab:28:3f:55:a1:3b:74:e6:
71:e0:86:d6:f3:57:e1:4a:ba:11:50:d3:e4:40:68:
bd:e2:1a:01:cf:19:04:a3:65:ec:86:4d:d7:5d:3e:
0e:bd:48:c8:0e:48:70:44:64:3d:47:13:76:b9:56:
11:91:56:9d:1c:dd:74:4e:8b:7d:2d:21:78:3b:e8:
7e:7a:2d:63:1c:70:f9:99:ff:e0:8e:98:ae:da:30:
2f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BD:D4:9D:8E:3F:BA:D7:FF:E2:A7:9E:2D:14:17:0E:3B:67:F5:74
X509v3 Authority Key Identifier:
keyid:38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:bc:05:6c:94:b5:fc:60:46:a4:9c:28:c4:9e:8b:cc:c6:eb:
83:92:2a:72:41:23:4e:cb:01:00:bd:25:f9:22:5b:cf:b8:c6:
82:5c:ea:05:ea:fa:cf:c7:08:b6:86:93:29:7a:f2:03:89:34:
ba:ca:43:53:b9:02:d4:fe:b8:a5:e6:91:4b:ab:f5:60:0b:38:
9e:6f:a9:5a:e3:00:c4:d4:4c:ef:61:e8:d3:76:57:bb:93:c7:
10:17:9c:ea:f2:e1:22:d5:05:1b:11:24:71:08:de:ea:c0:17:
96:33:dc:e2:70:30:90:d9:34:48:69:8d:c1:ab:ce:97:a5:3b:
33:c4:48:6e:d6:40:1b:33:15:58:e2:4e:3f:5b:5e:8a:fa:a8:
53:46:04:a5:a3:1f:a3:5b:7c:5f:5a:5f:98:20:93:ea:07:41:
e9:b9:48:55:7e:24:c3:57:9a:74:80:17:d9:ea:bc:2c:af:70:
92:18:47:b1:94:6d:19:98:9f:e9:40:00:41:5d:09:f6:49:c3:
13:f5:a1:b9:db:fd:a8:e3:ee:8c:c9:71:39:c9:60:f1:ab:a2:
0f:00:9e:ec:ad:30:a1:33:cc:74:19:e3:1c:71:43:64:c2:88:
27:07:3c:62:86:a9:d7:64:a0:d5:ca:b2:8b:77:12:61:1c:f1:
24:10:49:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPz+M2uYAcCLagNdcgLnNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTM3YzI0ZGRjYTM0N2Q3MTNlZDc5NGQzM2NkNGE4MWE4
YjQ5OGEwHhcNMjUxMTA0MTcwMDE1WhcNMjUxMTA1MTcwMDE1WjAzMTEwLwYDVQQD
Eyg1Y2JkZDQ5ZDhlM2ZiYWQ3ZmZlMmE3OWUyZDE0MTcwZTNiNjdmNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm/1JyOE7IHBVHLgOeCafqmeDxuy
xyLfhne5QSJsMJu2c803BPUtD0waCf6bpAD56L/NNitKLYaWn7uckgG2EBtfrVUj
/BojjyYTLtmB39PD8H2mb6Xl37DzdbdB5L/+sa9XiKlz9Pa601ZoaIDcwHXET+m6
L21uZWEZfAiajpIADlQl2DMsYwBKRowlOYmHlD+FZt9RF050fdxsbBxBR/Edf5w+
qVzXxKXEqyg/VaE7dOZx4IbW81fhSroRUNPkQGi94hoBzxkEo2Xshk3XXT4OvUjI
DkhwRGQ9RxN2uVYRkVadHN10Tot9LSF4O+h+ei1jHHD5mf/gjpiu2jAvOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFy91J2OP7rX/+Knni0UFw47Z/V0MB8GA1UdIwQY
MBaAFDijfCTdyjR9cT7XlNM81Kgai0mKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUt
NDRhNDlkMjYzNzAwLzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUtNDRhNDlkMjYzNzAw
LzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWLwFbJS1
/GBGpJwoxJ6LzMbrg5IqckEjTssBAL0l+SJbz7jGglzqBer6z8cItoaTKXryA4k0
uspDU7kC1P64peaRS6v1YAs4nm+pWuMAxNRM72Ho03ZXu5PHEBec6vLhItUFGxEk
cQje6sAXljPc4nAwkNk0SGmNwavOl6U7M8RIbtZAGzMVWOJOP1teivqoU0YEpaMf
o1t8X1pfmCCT6gdB6blIVX4kw1eadIAX2eq8LK9wkhhHsZRtGZif6UAAQV0J9knD
E/Whudv9qOPujMlxOclg8auiDwCe7K0woTPMdBnjHHFDZMKIJwc8Yoap12Sg1cqy
i3cSYRzxJBBJ3Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:59:46 2025 by rpki-client