Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: ogHd4FS216KXB08i4eBGQ8E9dmHDXsbIvnIL2GvDrlA=
Subject key identifier: 58:38:94:D3:CC:1D:9F:09:F3:7D:21:41:46:49:88:C1:B7:1B:D1:7B
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 0198477828968E222900E48065A99C9C93AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 0E4A
Signing time: Sat 26 Jul 2025 16:01:53 +0000
Manifest this update: Sat 26 Jul 2025 16:01:53 +0000
Manifest next update: Sun 27 Jul 2025 16:01:53 +0000
Files and hashes: 1: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=)
2: i2HYpKIvdGotH7mKcmQ5RAG3huY.roa (hash: 4Nz6YUMbPlVe3PbppTQU2sGDWl5KATygr4DtzeG8qCU=)
3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: dfE7LhjSQkv3wX6UyAiEE6QDteJiBM2SCrkmopIXyeU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:47:78:28:96:8e:22:29:00:e4:80:65:a9:9c:9c:93:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Jul 26 16:01:53 2025 GMT
Not After : Jul 27 16:01:53 2025 GMT
Subject: CN=583894d3cc1d9f09f37d2141464988c1b71bd17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:61:36:91:72:40:98:c1:94:a7:04:21:49:b7:
ca:d1:36:0d:86:c0:3b:cf:49:11:41:74:2f:9d:5d:
95:7c:b4:a9:9e:25:4a:b7:c9:24:78:aa:83:d4:5e:
72:34:41:d7:d2:1b:94:bd:a6:4a:f1:7f:05:91:56:
30:d8:9b:32:16:47:85:05:4f:1c:9f:e4:15:f6:3c:
84:e9:6e:f9:cf:af:01:7f:3a:a6:2d:7c:e8:dd:87:
f0:79:30:4d:d9:81:c6:c4:f8:4e:f9:7a:fa:6c:60:
59:5c:c2:c3:34:47:c5:c3:09:1e:0a:69:65:fe:c2:
93:3a:ad:35:a2:a2:54:b8:b6:eb:75:65:35:f4:51:
43:35:a9:72:60:01:ee:6e:c3:73:8c:ca:d5:12:e5:
33:a4:bc:71:ae:e8:ae:0a:4e:1c:15:1c:36:e6:cc:
b8:0d:27:46:48:e6:b5:d0:05:46:b3:13:b0:7f:2d:
34:88:08:e2:74:2b:c7:8f:69:94:97:6c:c3:45:ca:
d7:d3:cb:90:09:bc:46:e5:c6:ae:3d:4a:cb:c8:9a:
76:92:fd:9b:aa:e7:33:97:22:f4:e0:b8:09:6a:46:
19:79:68:8e:ba:9c:fb:71:fc:e0:dc:ea:12:f8:ee:
31:c2:56:08:44:d4:16:66:cf:9e:73:88:55:7a:33:
43:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:38:94:D3:CC:1D:9F:09:F3:7D:21:41:46:49:88:C1:B7:1B:D1:7B
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:ee:9b:53:67:3f:56:50:60:42:34:70:e9:d9:84:fe:66:0f:
f3:e3:af:67:7a:0e:5e:7e:46:1d:a4:93:81:18:59:28:0a:60:
4e:1a:ec:04:d3:45:13:a1:a2:57:8a:5d:49:4b:d4:bd:e9:74:
c4:f8:fe:fa:78:63:a2:a7:22:2d:ca:ac:e1:a3:86:03:d7:02:
9b:37:92:93:41:d0:1d:55:59:16:41:2d:b9:4f:f7:07:2b:8a:
a7:56:b3:92:8d:6d:15:31:3b:e7:cd:df:84:4d:6b:48:b1:16:
d4:26:99:a6:30:c4:75:bc:cb:0d:ab:37:fc:e2:8e:fb:04:ae:
5a:94:6a:b6:f3:77:94:f2:d1:e1:d0:b0:0b:b8:cd:a8:87:07:
30:8b:a8:cf:f3:62:b3:5c:8e:a7:02:1f:cc:08:c1:54:cd:06:
d4:8c:43:28:6a:0a:93:72:3e:a9:fd:a8:ea:35:6b:f2:93:35:
26:fb:91:2a:ed:d3:05:ab:9c:f1:54:c6:83:d9:7f:53:fd:ca:
88:af:9a:23:ab:34:e6:72:7d:b8:df:8b:0e:d3:63:71:a1:9e:
7d:f0:0c:96:7f:0c:f1:9b:0c:d1:84:82:f3:2b:7d:45:55:22:
33:7c:6a:f6:43:b1:01:1c:0b:57:d2:07:8b:61:a2:af:11:22:
25:4d:c6:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHeCiWjiIpAOSAZamcnJOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjUwNzI2MTYwMTUzWhcNMjUwNzI3MTYwMTUzWjAzMTEwLwYDVQQD
Eyg1ODM4OTRkM2NjMWQ5ZjA5ZjM3ZDIxNDE0NjQ5ODhjMWI3MWJkMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2E2kXJAmMGUpwQhSbfK0TYNhsA7
z0kRQXQvnV2VfLSpniVKt8kkeKqD1F5yNEHX0huUvaZK8X8FkVYw2JsyFkeFBU8c
n+QV9jyE6W75z68BfzqmLXzo3YfweTBN2YHGxPhO+Xr6bGBZXMLDNEfFwwkeCmll
/sKTOq01oqJUuLbrdWU19FFDNalyYAHubsNzjMrVEuUzpLxxruiuCk4cFRw25sy4
DSdGSOa10AVGsxOwfy00iAjidCvHj2mUl2zDRcrX08uQCbxG5cauPUrLyJp2kv2b
quczlyL04LgJakYZeWiOupz7cfzg3OoS+O4xwlYIRNQWZs+ec4hVejNDYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFg4lNPMHZ8J830hQUZJiMG3G9F7MB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG+6bU2c/
VlBgQjRw6dmE/mYP8+OvZ3oOXn5GHaSTgRhZKApgThrsBNNFE6GiV4pdSUvUvel0
xPj++nhjoqciLcqs4aOGA9cCmzeSk0HQHVVZFkEtuU/3ByuKp1azko1tFTE7583f
hE1rSLEW1CaZpjDEdbzLDas3/OKO+wSuWpRqtvN3lPLR4dCwC7jNqIcHMIuoz/Ni
s1yOpwIfzAjBVM0G1IxDKGoKk3I+qf2o6jVr8pM1JvuRKu3TBauc8VTGg9l/U/3K
iK+aI6s05nJ9uN+LDtNjcaGeffAMln8M8ZsM0YSC8yt9RVUiM3xq9kOxARwLV9IH
i2GirxEiJU3GPg==
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:05:57 2025 by rpki-client