Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft
File: OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft (raw, json)
Hash identifier: de/SHJsTvTszS26CgTgTng9ojBOT0Pnq8xSLTorNCSU=
Subject key identifier: 58:B0:11:3D:A8:E3:57:5C:E2:8D:6A:98:57:C6:AD:91:45:22:82:9A
Authority key identifier: 39:3C:C8:B7:D2:DC:70:A2:7D:40:FA:45:9E:4E:56:C0:05:CC:C6:3A
Certificate issuer: /CN=393cc8b7d2dc70a27d40fa459e4e56c005ccc63a
Certificate serial: 01984965C785F227EE4F8CC6DF62D7814A09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTzIt9LccKJ9QPpFnk5WwAXMxjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft
Manifest number: 1602
Signing time: Sun 27 Jul 2025 01:01:03 +0000
Manifest this update: Sun 27 Jul 2025 01:01:03 +0000
Manifest next update: Mon 28 Jul 2025 01:01:03 +0000
Files and hashes: 1: M4l3Cf3_669djsGWrF7n0AJt83M.roa (hash: MY4UMlUb6Y1AsO5cCAn8IrigWcCAqjlArLI2bOv+PX8=)
2: OTzIt9LccKJ9QPpFnk5WwAXMxjo.crl (hash: hPqfZk6XG3BeqgVwBY8FmhSXr385KWwU0u019B+o51U=)
3: TXoJbYdgwtSRoMICf6BpMrQmJMs.roa (hash: Ede1kltXJewHDWyl80pDm1qv2UWiny8U21Nq2Z6l0i4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTzIt9LccKJ9QPpFnk5WwAXMxjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 01:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:49:65:c7:85:f2:27:ee:4f:8c:c6:df:62:d7:81:4a:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=393cc8b7d2dc70a27d40fa459e4e56c005ccc63a
Validity
Not Before: Jul 27 01:01:03 2025 GMT
Not After : Jul 28 01:01:03 2025 GMT
Subject: CN=58b0113da8e3575ce28d6a9857c6ad914522829a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3c:e6:b5:85:b7:26:88:4b:ae:9b:0e:7b:8b:
28:97:44:a0:ce:01:74:c7:38:fa:0b:05:45:5c:ff:
40:f5:df:e4:55:13:a5:53:73:10:41:f7:7b:eb:30:
22:fb:31:87:b5:e6:04:44:fa:10:ac:f9:9a:f9:40:
7f:08:7f:a0:ed:14:75:7a:5e:74:fd:c8:16:41:cb:
34:6e:f4:34:7a:ff:5d:55:22:dc:d3:82:48:af:ed:
47:23:fe:0b:e4:d1:06:3a:78:e6:43:6b:21:d8:45:
ec:59:ed:ca:45:dc:20:09:89:f4:01:be:72:75:42:
70:4a:23:15:3a:3a:bb:7a:9d:b7:4a:cb:ca:e0:0a:
28:db:43:f0:d1:b0:75:4a:9a:f2:f8:99:77:72:1d:
6b:ec:57:17:fc:c8:aa:0e:02:a0:21:1c:e8:c8:09:
c2:89:9f:e6:51:42:47:f5:9e:a5:d0:59:a3:44:b8:
a7:61:a2:63:41:b7:84:83:ff:d0:41:ab:92:9d:f2:
32:f8:80:bf:e9:1e:70:bf:b1:3f:8d:32:7e:16:78:
21:de:a6:49:f9:b9:65:f0:70:d1:3b:58:c5:25:fa:
0c:2c:94:90:b3:9e:b7:12:7d:ca:b9:e8:dc:d3:d5:
14:bb:92:53:32:86:c8:e6:18:cb:28:e6:50:f5:81:
a7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:B0:11:3D:A8:E3:57:5C:E2:8D:6A:98:57:C6:AD:91:45:22:82:9A
X509v3 Authority Key Identifier:
keyid:39:3C:C8:B7:D2:DC:70:A2:7D:40:FA:45:9E:4E:56:C0:05:CC:C6:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTzIt9LccKJ9QPpFnk5WwAXMxjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:96:08:9c:c2:e7:e9:ac:d3:ca:12:71:cf:39:ac:b5:38:bf:
21:e0:d2:2e:7d:d8:75:ce:f5:49:9f:d3:ec:e5:a6:bc:55:a0:
17:78:75:08:b4:25:ea:46:5f:2d:60:9e:cf:4f:73:0b:44:ca:
17:6f:fc:f5:78:1f:2b:12:b9:2a:e2:13:56:0f:b6:3d:0f:5b:
c0:bf:08:b8:d6:dd:c8:22:03:39:33:14:10:e2:b8:81:dd:c9:
99:9e:6d:c6:bf:6f:53:d4:8b:3a:98:15:f0:52:1f:66:c1:a3:
99:63:1c:d6:0b:7f:4a:a2:30:23:f4:62:ee:8f:5d:ec:02:11:
ec:ff:ba:5a:df:93:a7:69:10:7a:bc:02:68:5f:b2:ac:49:82:
bf:02:ca:57:e8:a8:09:af:3e:56:ce:b8:58:90:c8:d0:d0:f8:
7c:1c:90:5f:d4:cd:6a:f8:15:e5:88:df:0a:ec:34:1a:30:b0:
5d:bd:ca:f6:fb:c4:13:c5:73:e6:28:ee:c3:ff:21:46:cb:d5:
2d:69:8e:67:f0:4b:ba:df:c0:d5:6b:a9:8a:78:34:a3:e1:df:
71:15:ed:a8:87:e7:4e:11:ab:93:40:71:47:d4:3c:e9:21:84:
15:df:9f:5a:c5:55:29:ac:84:eb:d2:1b:75:2d:a9:e9:93:06:
87:6b:1c:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZceF8ifuT4zG32LXgUoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5M2NjOGI3ZDJkYzcwYTI3ZDQwZmE0NTllNGU1NmMwMDVj
Y2M2M2EwHhcNMjUwNzI3MDEwMTAzWhcNMjUwNzI4MDEwMTAzWjAzMTEwLwYDVQQD
Eyg1OGIwMTEzZGE4ZTM1NzVjZTI4ZDZhOTg1N2M2YWQ5MTQ1MjI4MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzzmtYW3JohLrpsOe4sol0SgzgF0
xzj6CwVFXP9A9d/kVROlU3MQQfd76zAi+zGHteYERPoQrPma+UB/CH+g7RR1el50
/cgWQcs0bvQ0ev9dVSLc04JIr+1HI/4L5NEGOnjmQ2sh2EXsWe3KRdwgCYn0Ab5y
dUJwSiMVOjq7ep23SsvK4Aoo20Pw0bB1Spry+Jl3ch1r7FcX/MiqDgKgIRzoyAnC
iZ/mUUJH9Z6l0FmjRLinYaJjQbeEg//QQauSnfIy+IC/6R5wv7E/jTJ+Fngh3qZJ
+bll8HDRO1jFJfoMLJSQs563En3Kuejc09UUu5JTMobI5hjLKOZQ9YGnoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiwET2o41dc4o1qmFfGrZFFIoKaMB8GA1UdIwQY
MBaAFDk8yLfS3HCifUD6RZ5OVsAFzMY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1R6SXQ5TGNjS0o5UVBwRm5rNVd3QVhNeGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMzcwMDItZTc1Zi00MjAxLTk5ODgt
OTkxYTFjNzE0Zjk1LzEvT1R6SXQ5TGNjS0o5UVBwRm5rNVd3QVhNeGpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMzcwMDItZTc1Zi00MjAxLTk5ODgtOTkxYTFjNzE0Zjk1
LzEvT1R6SXQ5TGNjS0o5UVBwRm5rNVd3QVhNeGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOJYInMLn
6azTyhJxzzmstTi/IeDSLn3Ydc71SZ/T7OWmvFWgF3h1CLQl6kZfLWCez09zC0TK
F2/89XgfKxK5KuITVg+2PQ9bwL8IuNbdyCIDOTMUEOK4gd3JmZ5txr9vU9SLOpgV
8FIfZsGjmWMc1gt/SqIwI/Ri7o9d7AIR7P+6Wt+Tp2kQerwCaF+yrEmCvwLKV+io
Ca8+Vs64WJDI0ND4fByQX9TNavgV5YjfCuw0GjCwXb3K9vvEE8Vz5ijuw/8hRsvV
LWmOZ/BLut/A1Wuping0o+HfcRXtqIfnThGrk0BxR9Q86SGEFd+fWsVVKayE69Ib
dS2p6ZMGh2sccQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:24:23 2025 by rpki-client