Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
File: DkOg3wWaUlGkALWh8TIboA0xINI.mft (raw, json)
Hash identifier: br9ZjlepiCz9No3ztDnH4fkQvbjCupN9TMNiQA9AI1M=
Subject key identifier: 0D:82:B6:99:EC:F1:32:81:83:18:E5:FF:9E:A9:A7:7F:40:93:95:BF
Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Certificate serial: 0199643552EE946C65F53BE4262858A5D148
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
Manifest number: 1695
Signing time: Fri 19 Sep 2025 23:00:40 +0000
Manifest this update: Fri 19 Sep 2025 23:00:40 +0000
Manifest next update: Sat 20 Sep 2025 23:00:40 +0000
Files and hashes: 1: DkOg3wWaUlGkALWh8TIboA0xINI.crl (hash: vzn8xROoaGnhucAn/DjJEqnzLsGtqpL2Nog9CxHDVto=)
2: meyQlZ2V2fFm7jP19tS1SnwZU8o.roa (hash: Rjzn7WIqlB0uqbC7++KFiY3Pm+Td1rmouk6fxkElj30=)
3: u8p2k1kowabt5V010HcHbUdny4A.roa (hash: +zIIZMzEVP0HgE88S7aeA3JokmowyYpTKNzs1+R3c2M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 16:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:64:35:52:ee:94:6c:65:f5:3b:e4:26:28:58:a5:d1:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Validity
Not Before: Sep 19 23:00:40 2025 GMT
Not After : Sep 20 23:00:40 2025 GMT
Subject: CN=0d82b699ecf132818318e5ff9ea9a77f409395bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:eb:bd:e3:bf:8b:2e:bf:c2:87:ad:07:10:77:
01:e7:ee:62:89:59:6a:d1:8e:f7:74:96:db:5e:87:
b2:36:31:7d:bc:33:fa:4c:35:0e:37:58:0a:48:36:
32:5e:f6:ee:7b:1d:44:ba:9c:44:34:bd:75:74:8c:
68:b0:0d:6f:a2:2e:f9:f4:85:26:d3:e2:24:1c:93:
e6:c4:75:b6:a6:9b:4e:1c:32:6d:c0:a1:f6:8f:d2:
7b:db:f5:a7:71:d3:00:7b:f2:92:dc:f0:8d:f0:27:
73:06:ba:10:12:e4:4e:6b:13:65:6a:dc:36:86:7b:
cb:ba:af:1f:62:0f:04:b3:7f:4c:2c:30:77:1b:50:
40:e3:f9:3b:e5:b4:02:43:1a:52:15:90:b6:54:47:
58:61:10:7a:ad:70:5d:b9:61:ff:75:1f:e3:cd:52:
1f:b8:6e:d9:77:67:08:88:4b:be:e6:f3:80:35:90:
e5:1d:2e:99:5c:eb:57:8a:0e:aa:44:4b:0a:7f:4f:
6f:98:9e:42:95:84:e7:cf:a2:3f:e2:36:66:73:65:
39:b7:45:4a:2c:31:88:06:4d:58:67:cf:2b:ac:02:
c3:e0:36:35:b1:5e:6f:5b:8c:ae:18:8c:d7:fc:48:
df:fe:86:69:2c:30:b5:15:d8:34:f3:10:4b:5a:94:
e4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:82:B6:99:EC:F1:32:81:83:18:E5:FF:9E:A9:A7:7F:40:93:95:BF
X509v3 Authority Key Identifier:
keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:3f:0a:ab:f6:29:78:06:71:68:be:27:4a:c8:9d:75:2f:7d:
fe:84:e9:04:de:8d:79:58:5d:4d:f0:e5:bf:2e:0b:8c:f1:e9:
76:1f:b2:85:e1:37:d3:36:eb:ab:76:e9:89:73:31:f4:59:10:
72:9f:93:e5:75:c5:50:2c:d7:0f:85:13:e1:c0:df:5d:65:54:
b9:44:3f:ff:d1:b5:f7:08:8a:ab:4b:49:70:c2:5e:45:ed:d1:
28:73:7e:d7:a4:54:b3:2c:0e:f8:17:3d:da:40:00:47:89:2d:
01:d0:53:ae:da:0c:a1:03:d0:b8:01:36:e1:67:ee:a9:3b:19:
0d:98:55:96:08:32:73:e7:34:be:44:46:bf:6d:42:e1:58:d7:
76:80:d4:a2:1a:29:ff:68:0d:0e:e3:66:49:72:6b:bd:0c:85:
52:96:05:41:77:e4:71:83:dd:3d:d4:ec:03:a9:91:ef:eb:a3:
52:c4:00:0d:f7:c4:5e:4a:34:1b:fe:6e:ea:b4:37:13:4f:a3:
c7:e2:8d:b5:e5:12:1a:f1:07:e0:f6:b6:37:72:e5:26:46:dc:
55:08:1e:29:14:e9:4c:d1:63:ec:ff:72:3c:ce:ba:09:d2:35:
5e:9a:65:dc:6b:cc:ee:4b:8a:72:aa:9c:35:5d:3f:6c:a2:c6:
1a:d6:ec:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlkNVLulGxl9TvkJihYpdFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz
MTIwZDIwHhcNMjUwOTE5MjMwMDQwWhcNMjUwOTIwMjMwMDQwWjAzMTEwLwYDVQQD
EygwZDgyYjY5OWVjZjEzMjgxODMxOGU1ZmY5ZWE5YTc3ZjQwOTM5NWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeu947+LLr/Ch60HEHcB5+5iiVlq
0Y73dJbbXoeyNjF9vDP6TDUON1gKSDYyXvbuex1EupxENL11dIxosA1voi759IUm
0+IkHJPmxHW2pptOHDJtwKH2j9J72/WncdMAe/KS3PCN8CdzBroQEuROaxNlatw2
hnvLuq8fYg8Es39MLDB3G1BA4/k75bQCQxpSFZC2VEdYYRB6rXBduWH/dR/jzVIf
uG7Zd2cIiEu+5vOANZDlHS6ZXOtXig6qREsKf09vmJ5ClYTnz6I/4jZmc2U5t0VK
LDGIBk1YZ88rrALD4DY1sV5vW4yuGIzX/Ejf/oZpLDC1Fdg08xBLWpTkFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2Ctpns8TKBgxjl/56pp39Ak5W/MB8GA1UdIwQY
MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt
MDA0ZmU0MzNjN2M4LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4
LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADj8Kq/Yp
eAZxaL4nSsiddS99/oTpBN6NeVhdTfDlvy4LjPHpdh+yheE30zbrq3bpiXMx9FkQ
cp+T5XXFUCzXD4UT4cDfXWVUuUQ//9G19wiKq0tJcMJeRe3RKHN+16RUsywO+Bc9
2kAAR4ktAdBTrtoMoQPQuAE24WfuqTsZDZhVlggyc+c0vkRGv21C4VjXdoDUohop
/2gNDuNmSXJrvQyFUpYFQXfkcYPdPdTsA6mR7+ujUsQADffEXko0G/5u6rQ3E0+j
x+KNteUSGvEH4Pa2N3LlJkbcVQgeKRTpTNFj7P9yPM66CdI1Xppl3GvM7kuKcqqc
NV0/bKLGGtbsQA==
-----END CERTIFICATE-----
Generated at Sat Sep 20 02:07:43 2025 by rpki-client