Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
File: OJDnpFSaVx9otoja1PXO2OUpBos.mft (raw, json)
Hash identifier: QQiz3My5nbF/rUefMV8G1FowAjhyLBm8xSgoGtt47Ik=
Subject key identifier: CB:7E:A3:95:05:51:8E:FF:3B:16:32:FC:96:2C:E7:F5:71:22:71:01
Authority key identifier: 38:90:E7:A4:54:9A:57:1F:68:B6:88:DA:D4:F5:CE:D8:E5:29:06:8B
Certificate issuer: /CN=3890e7a4549a571f68b688dad4f5ced8e529068b
Certificate serial: 019923A0E5240BC234CDB859E3116EF9495B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
Manifest number: 1672
Signing time: Sun 07 Sep 2025 10:02:50 +0000
Manifest this update: Sun 07 Sep 2025 10:02:50 +0000
Manifest next update: Mon 08 Sep 2025 10:02:50 +0000
Files and hashes: 1: OJDnpFSaVx9otoja1PXO2OUpBos.crl (hash: EGJ4VM4O5SDPXOZBWOmeYkfHLJA4jBfHnghMyY5Hxqo=)
2: XaY9bUiZ_CFGYXPkNboje_P8adc.roa (hash: b9+EkuxILTVWiZrAAhWN9xohV/5GiE1XVfEOgozpLGc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:a0:e5:24:0b:c2:34:cd:b8:59:e3:11:6e:f9:49:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3890e7a4549a571f68b688dad4f5ced8e529068b
Validity
Not Before: Sep 7 10:02:50 2025 GMT
Not After : Sep 8 10:02:50 2025 GMT
Subject: CN=cb7ea39505518eff3b1632fc962ce7f571227101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:43:fa:ed:d4:3c:e3:4a:f7:6b:70:60:62:99:
a1:a6:26:81:6b:f8:10:68:0b:6a:b2:29:de:71:aa:
d2:e0:de:8a:1c:cd:63:70:70:c2:f4:ff:1d:1c:73:
f1:cb:78:7a:04:9c:da:74:8e:c7:b3:ea:bd:b2:15:
12:c3:0b:66:94:0c:2f:ea:42:34:b9:70:46:af:af:
01:55:c2:1b:f9:d3:67:04:37:03:3f:74:c2:ef:07:
36:0d:05:88:a4:e2:8c:9c:1c:8a:85:37:9a:f9:9a:
31:0f:7e:cc:73:48:52:96:56:6d:13:36:ec:c4:44:
44:fe:65:4f:cc:29:12:34:6c:f8:9d:cc:fd:b4:72:
c2:a3:4d:89:af:bc:52:5b:39:cb:17:09:26:a0:c4:
e6:3a:bc:bf:88:62:80:52:d7:63:d4:be:13:5c:1e:
61:5a:8d:44:00:ca:a9:42:4d:fd:ae:50:32:fb:95:
26:9b:87:56:57:ec:35:90:3d:83:1b:a2:b6:41:df:
c8:fb:ea:16:52:4a:44:29:e2:02:b9:da:9d:c8:b3:
87:71:b9:38:f3:fa:1a:ab:30:d6:d3:d8:9f:93:f1:
d1:18:a9:77:5f:27:62:02:56:03:16:bf:d3:42:eb:
4d:9d:64:95:d6:5b:92:67:2c:9e:ed:1e:de:df:88:
35:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7E:A3:95:05:51:8E:FF:3B:16:32:FC:96:2C:E7:F5:71:22:71:01
X509v3 Authority Key Identifier:
keyid:38:90:E7:A4:54:9A:57:1F:68:B6:88:DA:D4:F5:CE:D8:E5:29:06:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:30:79:4a:78:b6:b5:6a:bb:04:ef:e1:43:e9:7f:5f:bc:fc:
2f:b2:b4:b9:0a:b4:1b:e8:cf:0a:5c:cd:46:fb:60:03:89:e2:
9c:7a:02:4a:ec:a7:c9:27:33:a1:be:f0:84:d1:5a:99:fe:16:
63:22:ee:0c:6e:0f:05:38:27:16:fa:ca:9e:ba:20:a6:8d:c3:
37:fc:98:ff:15:50:42:c9:3f:64:e2:b0:e0:5a:af:ae:28:fc:
59:28:dd:86:07:5e:ef:9a:42:93:5c:86:cb:ba:33:ad:c2:a5:
4e:7d:8d:11:3e:cc:fb:e0:eb:e7:fa:0d:58:0e:28:b8:f4:23:
21:3f:63:d3:53:b4:90:e4:81:78:20:21:cb:99:1a:1e:05:52:
19:3d:bf:3f:56:12:84:c1:ae:cf:a8:c7:b8:5d:03:32:e1:12:
9b:b1:72:1c:72:4d:f0:e4:57:0d:8e:4d:c5:53:cb:cb:b2:bd:
bd:de:33:5e:c2:4a:ac:08:9c:d9:9b:5e:f8:29:5c:43:91:e6:
fb:00:84:91:84:3b:b9:d9:99:77:3f:1c:a5:24:79:11:9a:84:
04:e8:86:c2:e5:8a:14:24:89:8d:6b:04:6f:ef:09:d4:1e:2f:
02:7d:e4:33:5a:ed:59:cf:bc:af:0c:69:26:a9:59:69:ec:a2:
1c:4d:f4:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoOUkC8I0zbhZ4xFu+UlbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OTBlN2E0NTQ5YTU3MWY2OGI2ODhkYWQ0ZjVjZWQ4ZTUy
OTA2OGIwHhcNMjUwOTA3MTAwMjUwWhcNMjUwOTA4MTAwMjUwWjAzMTEwLwYDVQQD
EyhjYjdlYTM5NTA1NTE4ZWZmM2IxNjMyZmM5NjJjZTdmNTcxMjI3MTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkP67dQ840r3a3BgYpmhpiaBa/gQ
aAtqsinecarS4N6KHM1jcHDC9P8dHHPxy3h6BJzadI7Hs+q9shUSwwtmlAwv6kI0
uXBGr68BVcIb+dNnBDcDP3TC7wc2DQWIpOKMnByKhTea+ZoxD37Mc0hSllZtEzbs
xERE/mVPzCkSNGz4ncz9tHLCo02Jr7xSWznLFwkmoMTmOry/iGKAUtdj1L4TXB5h
Wo1EAMqpQk39rlAy+5Umm4dWV+w1kD2DG6K2Qd/I++oWUkpEKeICudqdyLOHcbk4
8/oaqzDW09ifk/HRGKl3XydiAlYDFr/TQutNnWSV1luSZyye7R7e34g1ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMt+o5UFUY7/OxYy/JYs5/VxInEBMB8GA1UdIwQY
MBaAFDiQ56RUmlcfaLaI2tT1ztjlKQaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8yNWRmNGUtYWZjNS00YzUwLThkZTIt
OTQ4MTJjN2Y0NDllLzEvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8yNWRmNGUtYWZjNS00YzUwLThkZTItOTQ4MTJjN2Y0NDll
LzEvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADzB5Sni2
tWq7BO/hQ+l/X7z8L7K0uQq0G+jPClzNRvtgA4ninHoCSuynySczob7whNFamf4W
YyLuDG4PBTgnFvrKnrogpo3DN/yY/xVQQsk/ZOKw4Fqvrij8WSjdhgde75pCk1yG
y7ozrcKlTn2NET7M++Dr5/oNWA4ouPQjIT9j01O0kOSBeCAhy5kaHgVSGT2/P1YS
hMGuz6jHuF0DMuESm7FyHHJN8ORXDY5NxVPLy7K9vd4zXsJKrAic2Zte+ClcQ5Hm
+wCEkYQ7udmZdz8cpSR5EZqEBOiGwuWKFCSJjWsEb+8J1B4vAn3kM1rtWc+8rwxp
JqlZaeyiHE30aw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:52:36 2025 by rpki-client