Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
File: ojIkxQF9NOzcKNDPNkQtZb754KA.mft (raw, json)
Hash identifier: HKrdhQvgV0fFZmC0sGi9ajxoW/3o7SeXHAVDD6N+YwA=
Subject key identifier: 17:60:48:AB:A2:31:12:F4:EE:AC:AB:C3:01:D3:30:6F:EB:8C:D1:BD
Authority key identifier: A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
Certificate issuer: /CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Certificate serial: 01974BFB80FBBCAB9A1D9B080E9476439E38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
Manifest number: 1587
Signing time: Sat 07 Jun 2025 20:01:02 +0000
Manifest this update: Sat 07 Jun 2025 20:01:02 +0000
Manifest next update: Sun 08 Jun 2025 20:01:02 +0000
Files and hashes: 1: bEhBHj_5ND7DPkcxJc-eHtfnjVE.roa (hash: q7DP36VzuoeI79R3/z9nukbV52RDnraBhFmpjcuFOJ0=)
2: fUWog8dQyKlZmDz3Jt4aoMe12ZM.roa (hash: m7C2vWzzKK+0unJuovK786RQ7kI+1mqtBwzlHAjE+E0=)
3: ojIkxQF9NOzcKNDPNkQtZb754KA.crl (hash: 5KpiohJbTAkua1Dq2qc+5/lbBpl8+xD8/NsoGYVIAbk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4b:fb:80:fb:bc:ab:9a:1d:9b:08:0e:94:76:43:9e:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Validity
Not Before: Jun 7 20:01:02 2025 GMT
Not After : Jun 8 20:01:02 2025 GMT
Subject: CN=176048aba23112f4eeacabc301d3306feb8cd1bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:df:22:ca:98:36:c4:c3:4b:9b:f5:b9:74:b1:
72:9d:2a:17:40:6f:85:f5:8c:41:a1:4b:4d:10:9b:
eb:2c:11:3e:de:1b:bd:06:e4:d2:76:aa:c0:51:02:
c4:e9:a0:36:66:34:b1:8b:09:50:a7:e9:3f:ff:e4:
d6:b9:2c:60:9b:23:15:90:19:b5:8e:86:65:05:18:
19:c0:e1:e7:7a:b8:8b:ed:f0:54:6d:47:ba:bb:84:
eb:4a:8b:58:33:95:99:29:e4:5f:49:b5:66:fd:88:
36:e8:c2:2d:da:79:c5:1f:2f:61:68:ff:ce:bd:99:
7f:17:aa:fc:69:41:b4:26:02:60:f2:94:55:6c:fe:
a9:17:28:69:c0:5a:67:06:39:07:0f:16:36:e7:52:
b6:f0:f0:23:74:f1:28:1a:dd:e2:db:d8:8a:21:1c:
a4:46:28:80:2d:bd:8e:57:59:6b:30:0a:60:fe:77:
dc:e0:d5:18:74:9f:f3:19:15:28:a8:7a:19:6e:30:
a2:48:72:38:4c:08:a4:bb:9b:20:1b:4f:85:db:39:
b8:83:fe:36:ce:e4:7e:03:d0:21:70:f6:8e:cc:a1:
09:80:21:3f:b5:39:c0:03:2e:eb:af:c0:73:ff:28:
57:5d:41:dc:93:29:0e:51:5e:d9:fe:1d:3a:6e:57:
7c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:60:48:AB:A2:31:12:F4:EE:AC:AB:C3:01:D3:30:6F:EB:8C:D1:BD
X509v3 Authority Key Identifier:
keyid:A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:4a:97:9a:3c:f9:86:12:9a:79:5e:e0:f8:50:91:d7:a1:cb:
ac:64:b0:ac:06:d6:c1:23:b1:dd:6d:ee:11:64:28:dd:54:09:
ce:7d:e8:d5:e4:1b:d2:76:86:d3:73:fa:3c:e5:59:94:1e:19:
d5:18:ba:f2:8c:7b:a5:8e:87:b1:ef:25:da:dc:6c:56:fc:04:
1c:3c:45:0d:47:6f:76:8b:31:99:a4:e3:6c:24:0a:fa:3c:a3:
b6:5a:17:95:85:69:b9:e3:5a:d7:e7:8d:8a:a5:25:b8:b6:36:
d5:26:ee:8a:9f:40:8c:c0:19:3b:bd:09:72:f4:19:f2:fd:d8:
26:5b:a7:c6:dd:91:0d:98:12:2f:4c:17:73:64:6a:68:49:36:
fd:dc:19:f2:a6:2b:e0:3c:ab:e9:8a:07:4f:15:26:f9:af:be:
0b:0f:aa:8a:15:76:bf:a2:28:6f:68:62:49:e6:af:d1:60:36:
2b:20:0b:2d:8f:7e:dc:85:b6:67:7d:ba:71:7b:66:4d:d6:98:
46:15:c1:d3:ca:e5:4a:8a:ec:bc:d2:b7:d8:bb:99:02:58:fa:
f1:b8:79:43:e1:28:81:53:13:95:71:7a:f1:cd:97:b8:59:06:
c3:a1:a4:63:38:ad:61:f0:4b:ab:92:25:66:37:85:18:c2:94:
5c:1a:bf:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdL+4D7vKuaHZsIDpR2Q544MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzIyNGM1MDE3ZDM0ZWNkYzI4ZDBjZjM2NDQyZDY1YmVm
OWUwYTAwHhcNMjUwNjA3MjAwMTAyWhcNMjUwNjA4MjAwMTAyWjAzMTEwLwYDVQQD
EygxNzYwNDhhYmEyMzExMmY0ZWVhY2FiYzMwMWQzMzA2ZmViOGNkMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr98iypg2xMNLm/W5dLFynSoXQG+F
9YxBoUtNEJvrLBE+3hu9BuTSdqrAUQLE6aA2ZjSxiwlQp+k//+TWuSxgmyMVkBm1
joZlBRgZwOHneriL7fBUbUe6u4TrSotYM5WZKeRfSbVm/Yg26MIt2nnFHy9haP/O
vZl/F6r8aUG0JgJg8pRVbP6pFyhpwFpnBjkHDxY251K28PAjdPEoGt3i29iKIRyk
RiiALb2OV1lrMApg/nfc4NUYdJ/zGRUoqHoZbjCiSHI4TAiku5sgG0+F2zm4g/42
zuR+A9AhcPaOzKEJgCE/tTnAAy7rr8Bz/yhXXUHckykOUV7Z/h06bld8mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdgSKuiMRL07qyrwwHTMG/rjNG9MB8GA1UdIwQY
MBaAFKIyJMUBfTTs3CjQzzZELWW++eCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTkt
ZmVjOGE4MGVkMjMzLzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTktZmVjOGE4MGVkMjMz
LzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN0qXmjz5
hhKaeV7g+FCR16HLrGSwrAbWwSOx3W3uEWQo3VQJzn3o1eQb0naG03P6POVZlB4Z
1Ri68ox7pY6Hse8l2txsVvwEHDxFDUdvdosxmaTjbCQK+jyjtloXlYVpueNa1+eN
iqUluLY21Sbuip9AjMAZO70JcvQZ8v3YJlunxt2RDZgSL0wXc2RqaEk2/dwZ8qYr
4Dyr6YoHTxUm+a++Cw+qihV2v6Iob2hiSeav0WA2KyALLY9+3IW2Z326cXtmTdaY
RhXB08rlSorsvNK32LuZAlj68bh5Q+EogVMTlXF68c2XuFkGw6GkYzitYfBLq5Il
ZjeFGMKUXBq/tA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:14:26 2025 by rpki-client