Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File: OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier: NdCIOslnU6+JCiqnbCsmubnRD+0L/pPaNsw5NpgU8m8=
Subject key identifier: 44:EA:FA:FC:BA:EF:EA:0F:2A:2C:08:DC:29:00:CE:F3:59:8E:EC:23
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer: /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial: 019848F75913B6FD7CDE3AC4FF3028B77BC9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number: 01DA
Signing time: Sat 26 Jul 2025 23:00:26 +0000
Manifest this update: Sat 26 Jul 2025 23:00:26 +0000
Manifest next update: Sun 27 Jul 2025 23:00:26 +0000
Files and hashes: 1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: +K+zJo3BUr3LdyBP1177J9OVlVAdCDkVfAyV6Uhb40I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 15:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:48:f7:59:13:b6:fd:7c:de:3a:c4:ff:30:28:b7:7b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Validity
Not Before: Jul 26 23:00:26 2025 GMT
Not After : Jul 27 23:00:26 2025 GMT
Subject: CN=44eafafcbaefea0f2a2c08dc2900cef3598eec23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b4:b7:6d:96:9a:a2:b0:ae:d9:54:59:7a:03:
3a:43:32:35:5c:9d:ba:6c:99:49:19:e1:42:03:20:
de:9f:12:25:50:e8:2d:15:1b:da:64:e2:a3:e0:e2:
48:0d:be:57:40:e3:68:5a:d8:92:c6:e0:9b:b5:18:
2b:52:88:f2:bb:a6:95:2f:10:80:9f:a2:19:fc:84:
6b:dd:22:6d:8e:c9:20:7a:45:ca:4f:f1:70:12:0a:
10:6a:5c:9a:d4:54:4e:6d:95:51:2f:70:21:9e:68:
76:53:9a:de:7f:89:9e:2c:70:c3:88:2e:12:f3:ab:
33:e7:88:b8:24:73:1b:24:07:ee:f6:16:30:f5:da:
a5:11:d9:95:46:b6:38:32:de:36:10:ad:eb:60:98:
95:ee:2b:c6:22:a7:d0:c6:99:d7:81:4e:c9:3b:9b:
58:1d:dd:56:72:e7:2d:63:0c:7a:44:d1:ca:c7:57:
e8:0a:57:b8:c7:10:85:0c:10:64:50:56:5b:32:06:
34:71:fb:a1:5d:01:77:5e:9f:3c:36:34:43:5a:ae:
96:60:e6:f1:c9:62:66:6a:5b:e2:f7:91:24:3a:8c:
97:20:f4:c8:23:49:07:c3:b2:9c:3f:6b:6b:42:3b:
fb:d7:48:6a:d1:61:89:33:c7:22:1e:cb:28:f2:52:
2c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:EA:FA:FC:BA:EF:EA:0F:2A:2C:08:DC:29:00:CE:F3:59:8E:EC:23
X509v3 Authority Key Identifier:
keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:bb:90:0c:99:34:28:d2:48:e6:bc:e5:6d:96:18:55:30:4f:
af:de:bf:a4:e6:6e:80:a1:3e:36:43:63:be:cd:32:4b:fb:41:
d2:6b:05:54:15:41:fd:71:a3:9f:0f:d8:ae:7b:41:e4:53:7b:
9a:f6:2e:e1:8e:bf:c6:40:26:e1:be:3d:1d:4e:c5:57:d5:7f:
8c:00:f8:76:5e:23:88:f9:62:d8:2d:ab:83:18:0b:c4:09:59:
62:95:0f:a7:bf:b9:af:07:d5:c6:29:f5:f1:22:b4:61:e1:ab:
fb:d7:d9:15:28:46:2f:04:aa:9b:c7:e4:c7:07:de:1a:79:54:
af:f0:4b:b3:f3:8d:bd:d5:dc:48:4c:71:33:59:46:17:29:56:
9b:4b:fd:0f:ba:95:54:2a:84:3c:1f:42:5d:9c:b7:c1:12:33:
29:c1:7d:f5:14:10:9d:c5:69:0a:3c:e7:f9:73:84:57:fe:ce:
fc:88:d8:3f:6c:62:35:78:54:35:81:ef:16:44:d5:23:d3:8a:
f4:c0:46:32:a8:bb:f4:e9:3f:4a:85:e7:2c:6c:f7:a2:5b:24:
8a:ee:19:35:36:14:62:4f:34:10:6d:3a:4b:8d:b8:09:75:57:
a7:70:5c:53:88:ca:40:fb:6f:01:15:95:b3:69:fa:b9:32:31:
d8:2d:b5:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhI91kTtv183jrE/zAot3vJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjUwNzI2MjMwMDI2WhcNMjUwNzI3MjMwMDI2WjAzMTEwLwYDVQQD
Eyg0NGVhZmFmY2JhZWZlYTBmMmEyYzA4ZGMyOTAwY2VmMzU5OGVlYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLS3bZaaorCu2VRZegM6QzI1XJ26
bJlJGeFCAyDenxIlUOgtFRvaZOKj4OJIDb5XQONoWtiSxuCbtRgrUojyu6aVLxCA
n6IZ/IRr3SJtjskgekXKT/FwEgoQalya1FRObZVRL3Ahnmh2U5ref4meLHDDiC4S
86sz54i4JHMbJAfu9hYw9dqlEdmVRrY4Mt42EK3rYJiV7ivGIqfQxpnXgU7JO5tY
Hd1WcuctYwx6RNHKx1foCle4xxCFDBBkUFZbMgY0cfuhXQF3Xp88NjRDWq6WYObx
yWJmalvi95EkOoyXIPTII0kHw7KcP2trQjv710hq0WGJM8ciHsso8lIs9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETq+vy67+oPKiwI3CkAzvNZjuwjMB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLuQDJk0
KNJI5rzlbZYYVTBPr96/pOZugKE+NkNjvs0yS/tB0msFVBVB/XGjnw/YrntB5FN7
mvYu4Y6/xkAm4b49HU7FV9V/jAD4dl4jiPli2C2rgxgLxAlZYpUPp7+5rwfVxin1
8SK0YeGr+9fZFShGLwSqm8fkxwfeGnlUr/BLs/ONvdXcSExxM1lGFylWm0v9D7qV
VCqEPB9CXZy3wRIzKcF99RQQncVpCjzn+XOEV/7O/IjYP2xiNXhUNYHvFkTVI9OK
9MBGMqi79Ok/SoXnLGz3olskiu4ZNTYUYk80EG06S424CXVXp3BcU4jKQPtvARWV
s2n6uTIx2C21Sg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:23:42 2025 by rpki-client