Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
File: OC5TMDOzzpXklyvyOC3awpPC3AE.mft (raw, json)
Hash identifier: Sy8vojLi/z9mkd6Pt6llJMO2Iw5ido/zERoF1Mx+1HY=
Subject key identifier: 5F:9F:EF:AD:28:17:FC:8A:4E:2F:5A:C6:C1:65:5B:F8:81:E3:C2:39
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 0199277CE658BE5D2CF4DDCFDE2A01F991EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
Manifest number: 09D3
Signing time: Mon 08 Sep 2025 04:02:00 +0000
Manifest this update: Mon 08 Sep 2025 04:02:00 +0000
Manifest next update: Tue 09 Sep 2025 04:02:00 +0000
Files and hashes: 1: 5Ut0b0NCsET_SBcrRZDGmpxguZ8.roa (hash: yFP/8VV88RGdYS/1gMV2xguqReDrDsPUy9So1+AmUlY=)
2: 5govGzTOoEOkHW5AQQBeXhEslnY.roa (hash: WSesnMfx5MzV8mfpr2Kk+2TovkIoHzCJWKSulEHwHA0=)
3: OC5TMDOzzpXklyvyOC3awpPC3AE.crl (hash: ytd6FAn+7N+kLKPIRPjJ8xiusHVLR9i5emcbmULpt/w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:27:7c:e6:58:be:5d:2c:f4:dd:cf:de:2a:01:f9:91:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Sep 8 04:02:00 2025 GMT
Not After : Sep 9 04:02:00 2025 GMT
Subject: CN=5f9fefad2817fc8a4e2f5ac6c1655bf881e3c239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cd:df:7d:b9:27:72:0f:72:6e:36:1a:0d:ea:
7a:bd:1e:ce:6c:4e:e6:09:85:91:c4:a7:cd:87:f5:
43:20:27:5c:d2:f2:21:7d:4f:ca:02:9e:3d:7c:56:
f6:8b:82:2d:e7:a6:b1:c4:38:69:d1:c6:3a:17:c5:
67:52:30:56:9e:ce:aa:c2:2b:ad:42:14:4c:69:76:
c3:46:02:6c:86:3a:75:eb:ce:96:bb:e7:7b:11:c5:
70:77:6e:ba:ab:ed:5a:92:50:9e:56:b6:35:80:18:
f4:35:0e:d8:0f:41:16:b0:31:df:ac:09:b4:3a:74:
df:67:b7:a6:b3:a1:dd:6f:e4:d1:32:6e:d8:9a:53:
71:2b:50:72:21:4d:4a:f1:8b:62:bd:6b:42:68:74:
ed:3e:1d:ed:bf:fc:6d:5a:f8:5b:f7:c1:90:34:92:
a4:c4:07:04:b7:90:e9:3e:20:02:45:9d:6c:e6:fc:
28:a8:8d:f7:ea:93:a1:8a:7d:92:49:df:2e:61:d4:
c9:a3:90:43:cb:4e:89:4b:1e:72:e0:63:20:6a:90:
65:6d:7c:7d:d3:3f:37:84:82:eb:17:2d:0a:14:14:
b5:32:45:6f:2e:03:c9:da:25:eb:4d:ac:95:59:70:
51:9f:bd:2a:39:c2:b3:ee:81:79:a4:16:f1:90:81:
67:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9F:EF:AD:28:17:FC:8A:4E:2F:5A:C6:C1:65:5B:F8:81:E3:C2:39
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:0a:aa:85:5c:cf:3f:6c:6c:80:4c:09:48:89:60:7b:05:15:
c7:a5:9a:07:c5:d2:2d:dd:29:00:64:9a:40:61:87:e4:d9:de:
f3:88:29:3b:8e:96:b7:df:69:72:ce:6a:ab:39:c3:d6:58:95:
25:09:81:4c:99:0f:20:c8:5a:53:0a:68:40:5a:3c:10:c4:5e:
3a:71:49:f6:a6:83:3f:b5:a6:89:c0:8d:30:0b:b1:2c:d6:59:
f2:6d:c4:94:93:b9:97:e4:58:9d:a6:35:d3:0d:ec:26:a9:47:
aa:bc:0b:53:fa:d6:b9:99:73:1c:21:ba:5e:9f:8e:9b:4d:69:
7d:31:4a:20:da:b3:db:58:e7:48:9e:aa:3a:b9:9a:d0:27:d5:
d4:6d:77:c0:db:65:1d:9e:aa:19:79:bb:f9:7e:94:ba:a4:30:
2e:b2:ad:f8:d9:3a:ac:ec:f3:9d:b7:7f:88:24:33:d8:ed:0d:
dd:5d:46:35:75:e9:0a:af:e2:f0:f9:da:be:e4:67:0f:16:7c:
b0:a6:37:e4:5c:19:80:ac:0e:93:df:7e:df:e3:b4:96:40:39:
de:0b:dc:3a:ee:45:54:00:df:10:50:be:71:3d:0d:f9:1f:d4:
71:02:4a:96:db:11:24:41:31:49:ca:f4:f7:1c:05:57:e0:f7:
e2:88:5e:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZknfOZYvl0s9N3P3ioB+ZHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjUwOTA4MDQwMjAwWhcNMjUwOTA5MDQwMjAwWjAzMTEwLwYDVQQD
Eyg1ZjlmZWZhZDI4MTdmYzhhNGUyZjVhYzZjMTY1NWJmODgxZTNjMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c3ffbkncg9ybjYaDep6vR7ObE7m
CYWRxKfNh/VDICdc0vIhfU/KAp49fFb2i4It56axxDhp0cY6F8VnUjBWns6qwiut
QhRMaXbDRgJshjp1686Wu+d7EcVwd266q+1aklCeVrY1gBj0NQ7YD0EWsDHfrAm0
OnTfZ7ems6Hdb+TRMm7YmlNxK1ByIU1K8YtivWtCaHTtPh3tv/xtWvhb98GQNJKk
xAcEt5DpPiACRZ1s5vwoqI336pOhin2SSd8uYdTJo5BDy06JSx5y4GMgapBlbXx9
0z83hILrFy0KFBS1MkVvLgPJ2iXrTayVWXBRn70qOcKz7oF5pBbxkIFn6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF+f760oF/yKTi9axsFlW/iB48I5MB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACQqqhVzP
P2xsgEwJSIlgewUVx6WaB8XSLd0pAGSaQGGH5Nne84gpO46Wt99pcs5qqznD1liV
JQmBTJkPIMhaUwpoQFo8EMReOnFJ9qaDP7WmicCNMAuxLNZZ8m3ElJO5l+RYnaY1
0w3sJqlHqrwLU/rWuZlzHCG6Xp+Om01pfTFKINqz21jnSJ6qOrma0CfV1G13wNtl
HZ6qGXm7+X6UuqQwLrKt+Nk6rOzznbd/iCQz2O0N3V1GNXXpCq/i8PnavuRnDxZ8
sKY35FwZgKwOk99+3+O0lkA53gvcOu5FVADfEFC+cT0N+R/UcQJKltsRJEExScr0
9xwFV+D34oheYA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 10:25:51 2025 by rpki-client