Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
File: Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json)
Hash identifier: Zr7oSSzb1UdE7oDX4jrHOBYrOC7CPhHRbTgj7oPKIw4=
Subject key identifier: AF:40:73:6B:CD:55:97:22:5C:4E:19:15:F8:5A:B4:2C:50:9D:D7:5C
Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Certificate serial: 019848F71DE04DDB21E41C005BD033477F70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
Manifest number: 0747
Signing time: Sat 26 Jul 2025 23:00:11 +0000
Manifest this update: Sat 26 Jul 2025 23:00:11 +0000
Manifest next update: Sun 27 Jul 2025 23:00:11 +0000
Files and hashes: 1: M82sfYNUsyqK13nZZfstvwDd7Fs.roa (hash: Pwd9phO+f2VaYBcGPbgT8icjGcqdGdD4Q6fe+fixav0=)
2: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: hAP9aYhZGvxwGSePnlzvQtxKVWemjYB0TMpsa8zthPo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:48:f7:1d:e0:4d:db:21:e4:1c:00:5b:d0:33:47:7f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Validity
Not Before: Jul 26 23:00:11 2025 GMT
Not After : Jul 27 23:00:11 2025 GMT
Subject: CN=af40736bcd5597225c4e1915f85ab42c509dd75c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:20:40:3e:fc:40:d7:9c:76:93:5e:de:86:c6:
b6:2f:6e:49:16:c3:10:9d:42:17:57:bf:4b:35:dd:
96:9f:6c:56:e2:7b:b0:41:bb:89:29:c6:eb:72:b5:
9b:03:fc:86:24:c5:18:ae:11:8a:8a:64:1a:cb:54:
af:de:39:30:e5:3e:c4:67:30:62:49:27:5d:05:c7:
05:9b:0a:87:4a:63:95:c6:68:c6:3b:14:73:7e:11:
86:43:d6:3f:97:27:7d:0c:cf:f4:bd:a1:70:81:ad:
07:3c:80:9d:0a:76:53:07:0c:06:51:27:78:90:a5:
14:e5:56:f7:67:7a:c4:b1:af:bb:44:92:71:64:fd:
d7:4a:9b:b2:57:01:98:a2:3c:77:13:2b:c0:ac:ac:
a0:79:19:af:b5:73:0f:bf:09:61:c7:d1:7f:aa:1e:
4f:94:cc:10:84:98:1d:8e:32:73:cd:4c:94:0d:52:
6a:e0:8d:f3:19:ff:0c:21:b5:ca:cf:a0:80:73:0d:
a0:7b:d9:f8:67:91:8b:54:bc:56:b7:8b:d5:70:ab:
91:4f:aa:96:ac:54:62:75:d9:90:ad:b7:11:ab:1b:
43:92:4e:b9:a3:20:e7:b3:4a:de:a7:17:2d:9d:b3:
6e:a2:11:93:cb:da:6a:9e:db:4a:9a:cd:a4:6e:4e:
59:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:40:73:6B:CD:55:97:22:5C:4E:19:15:F8:5A:B4:2C:50:9D:D7:5C
X509v3 Authority Key Identifier:
keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:35:9c:6d:b6:29:42:a5:f5:c8:c4:84:de:51:86:4c:61:a2:
d8:57:a7:23:d5:8f:42:62:42:c8:d7:57:a8:4f:27:97:72:b6:
0c:32:8b:80:53:a5:79:ab:1f:c6:19:e8:01:04:a6:65:6d:3d:
b1:b7:9a:8c:88:37:65:57:e2:19:f8:28:1b:9d:aa:73:1d:b3:
2e:90:6d:a1:b4:c2:2b:1d:98:23:02:a5:86:44:d2:9d:9c:b3:
07:a0:0f:02:28:e7:23:c5:df:46:13:51:cb:ba:16:f7:c8:50:
d6:a1:31:cf:0f:5e:82:e5:4c:7d:1b:28:2b:ed:c9:85:9c:1a:
e6:b9:85:f9:7c:5f:49:90:0e:58:5f:66:78:a5:ac:75:13:fc:
d1:96:11:ea:5e:1d:9c:da:36:fa:8f:fb:58:88:4a:c6:d9:ae:
61:59:a6:ba:bb:3b:55:37:f5:42:ec:03:91:82:b4:04:a1:21:
bc:51:4e:63:15:f5:f3:0d:83:ca:71:c3:c8:03:b9:b1:f5:fe:
b6:2f:8b:b1:57:7e:08:d6:35:0b:28:4a:26:42:22:0f:5f:de:
45:34:7e:d0:f9:5b:1e:8f:32:a5:1e:5d:7b:65:c3:66:8d:e5:
e8:8c:73:c4:84:47:ac:c7:91:b5:05:b2:13:a9:94:0b:91:72:
2a:0b:ef:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhI9x3gTdsh5BwAW9AzR39wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj
NGRhMjAwHhcNMjUwNzI2MjMwMDExWhcNMjUwNzI3MjMwMDExWjAzMTEwLwYDVQQD
EyhhZjQwNzM2YmNkNTU5NzIyNWM0ZTE5MTVmODVhYjQyYzUwOWRkNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SBAPvxA15x2k17ehsa2L25JFsMQ
nUIXV79LNd2Wn2xW4nuwQbuJKcbrcrWbA/yGJMUYrhGKimQay1Sv3jkw5T7EZzBi
SSddBccFmwqHSmOVxmjGOxRzfhGGQ9Y/lyd9DM/0vaFwga0HPICdCnZTBwwGUSd4
kKUU5Vb3Z3rEsa+7RJJxZP3XSpuyVwGYojx3EyvArKygeRmvtXMPvwlhx9F/qh5P
lMwQhJgdjjJzzUyUDVJq4I3zGf8MIbXKz6CAcw2ge9n4Z5GLVLxWt4vVcKuRT6qW
rFRiddmQrbcRqxtDkk65oyDns0repxctnbNuohGTy9pqnttKms2kbk5ZrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9Ac2vNVZciXE4ZFfhatCxQnddcMB8GA1UdIwQY
MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt
YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0
LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHjWcbbYp
QqX1yMSE3lGGTGGi2FenI9WPQmJCyNdXqE8nl3K2DDKLgFOleasfxhnoAQSmZW09
sbeajIg3ZVfiGfgoG52qcx2zLpBtobTCKx2YIwKlhkTSnZyzB6APAijnI8XfRhNR
y7oW98hQ1qExzw9eguVMfRsoK+3JhZwa5rmF+XxfSZAOWF9meKWsdRP80ZYR6l4d
nNo2+o/7WIhKxtmuYVmmurs7VTf1QuwDkYK0BKEhvFFOYxX18w2DynHDyAO5sfX+
ti+LsVd+CNY1CyhKJkIiD1/eRTR+0PlbHo8ypR5de2XDZo3l6IxzxIRHrMeRtQWy
E6mUC5FyKgvv1A==
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:59:10 2025 by rpki-client