Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
File: roOCT9wp6-SsKGygGETfhtTXXsA.mft (raw, json)
Hash identifier: +n8fEu8/U3YlZ6BfdSg9Z0tvcr86v3SQ344Y7cBwI+8=
Subject key identifier: C5:8C:8B:70:7F:9C:A8:0E:15:C7:A1:2B:FC:52:A5:BA:3D:0E:2C:5A
Authority key identifier: AE:83:82:4F:DC:29:EB:E4:AC:28:6C:A0:18:44:DF:86:D4:D7:5E:C0
Certificate issuer: /CN=ae83824fdc29ebe4ac286ca01844df86d4d75ec0
Certificate serial: 01974EC5A01C7A51CAE399AB753D40548776
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
Manifest number: 01A4
Signing time: Sun 08 Jun 2025 09:01:03 +0000
Manifest this update: Sun 08 Jun 2025 09:01:03 +0000
Manifest next update: Mon 09 Jun 2025 09:01:03 +0000
Files and hashes: 1: jHCjx-TBB5oXKBhOsM_EWQyL88A.roa (hash: rucNPqCxXwLKo5x3absYJUk2L/e2sCkpCPYtoCEmNPo=)
2: roOCT9wp6-SsKGygGETfhtTXXsA.crl (hash: aXtugPBEIY7Ca6RfcfMw+ZY/5jbcbE8HW4PfViE2/gA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4e:c5:a0:1c:7a:51:ca:e3:99:ab:75:3d:40:54:87:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae83824fdc29ebe4ac286ca01844df86d4d75ec0
Validity
Not Before: Jun 8 09:01:03 2025 GMT
Not After : Jun 9 09:01:03 2025 GMT
Subject: CN=c58c8b707f9ca80e15c7a12bfc52a5ba3d0e2c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:50:2a:f3:e2:5c:76:3d:66:11:e4:0b:1c:79:
91:a4:64:20:c7:73:2f:3d:d6:e3:36:84:4f:ab:4c:
e0:3b:bc:27:02:30:9e:78:84:62:f2:7c:e0:8a:73:
49:19:56:b2:25:49:02:e5:e2:25:25:1e:57:28:a1:
47:4a:38:b9:10:3c:93:9f:82:3e:db:0e:b2:84:4d:
98:aa:16:9f:e4:f8:ab:4a:2f:03:fd:35:db:b2:35:
4f:82:99:17:25:91:33:b0:f7:26:40:3e:80:eb:ac:
7c:33:a5:02:9f:8b:b2:25:4e:36:d4:6e:2f:83:1c:
c0:64:78:1a:12:8d:59:16:37:93:2f:bc:06:93:ce:
44:50:4b:33:1d:e2:4a:2a:98:ab:2b:8b:93:2e:59:
32:16:32:18:b6:7f:c0:a5:cf:f6:d8:80:dd:de:09:
3e:8f:99:33:ac:b6:ad:af:a1:a1:49:9c:cd:08:18:
9d:dc:e9:4b:ff:2e:81:93:21:e2:59:45:76:34:37:
a5:46:b0:3f:26:e9:19:c4:eb:30:31:51:26:c4:78:
8a:d4:a8:5c:0d:14:6b:71:63:c9:b2:76:f1:3d:00:
97:88:30:4b:6f:6a:51:1c:98:65:b1:61:4e:58:26:
cc:d0:60:65:15:a9:e0:5c:db:8b:58:d6:80:dd:1f:
aa:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8C:8B:70:7F:9C:A8:0E:15:C7:A1:2B:FC:52:A5:BA:3D:0E:2C:5A
X509v3 Authority Key Identifier:
keyid:AE:83:82:4F:DC:29:EB:E4:AC:28:6C:A0:18:44:DF:86:D4:D7:5E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:7d:0f:cf:63:95:fc:4e:e4:68:f0:d9:f1:e3:2f:67:e6:d7:
2c:ea:93:f4:90:57:45:e9:34:8a:97:a2:af:f5:0f:98:79:5a:
fb:2f:14:b7:29:d3:96:21:c3:4e:30:08:76:c4:03:d4:fc:5d:
0e:a0:d6:d0:36:ea:9e:3a:2e:03:ac:84:8b:55:f6:bc:7b:cb:
fa:9b:d4:c1:0f:e3:99:ab:34:93:63:5f:19:1a:38:51:4b:91:
74:3f:9a:16:b7:27:03:80:5c:a8:a3:84:2a:61:8c:ab:47:d7:
eb:08:da:03:db:c9:90:a9:a2:9d:81:1b:08:4b:08:40:39:b0:
8f:3b:33:92:b4:5c:bb:1c:82:ec:40:d9:a5:36:42:21:0f:c8:
68:2b:1c:e9:88:9e:f9:91:45:f5:a4:68:de:0d:22:8d:f6:8e:
5a:67:38:a2:cc:4d:ef:b3:7e:16:49:3f:72:e5:6c:e5:1e:d7:
ec:d4:49:f9:6c:54:24:37:84:b5:12:a3:46:0f:b2:1e:60:dc:
99:ab:ff:ca:f6:72:eb:39:c8:a5:94:d8:22:93:d1:0b:ef:74:
37:c9:f1:84:80:7e:42:9c:b2:a0:06:af:e6:0e:d1:3c:f1:c6:
98:92:45:52:a9:ef:cd:84:5b:c0:78:00:57:c1:9e:25:13:1b:
03:99:9c:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxaAcelHK45mrdT1AVId2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlODM4MjRmZGMyOWViZTRhYzI4NmNhMDE4NDRkZjg2ZDRk
NzVlYzAwHhcNMjUwNjA4MDkwMTAzWhcNMjUwNjA5MDkwMTAzWjAzMTEwLwYDVQQD
EyhjNThjOGI3MDdmOWNhODBlMTVjN2ExMmJmYzUyYTViYTNkMGUyYzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1Aq8+Jcdj1mEeQLHHmRpGQgx3Mv
PdbjNoRPq0zgO7wnAjCeeIRi8nzginNJGVayJUkC5eIlJR5XKKFHSji5EDyTn4I+
2w6yhE2Yqhaf5PirSi8D/TXbsjVPgpkXJZEzsPcmQD6A66x8M6UCn4uyJU421G4v
gxzAZHgaEo1ZFjeTL7wGk85EUEszHeJKKpirK4uTLlkyFjIYtn/Apc/22IDd3gk+
j5kzrLatr6GhSZzNCBid3OlL/y6BkyHiWUV2NDelRrA/JukZxOswMVEmxHiK1Khc
DRRrcWPJsnbxPQCXiDBLb2pRHJhlsWFOWCbM0GBlFangXNuLWNaA3R+qnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMWMi3B/nKgOFcehK/xSpbo9DixaMB8GA1UdIwQY
MBaAFK6Dgk/cKevkrChsoBhE34bU117AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC83MTc0ZWUtMzA3Ni00OTZjLWIyNTkt
OTcwMDU0NmI1NzExLzEvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC83MTc0ZWUtMzA3Ni00OTZjLWIyNTktOTcwMDU0NmI1NzEx
LzEvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACn0Pz2OV
/E7kaPDZ8eMvZ+bXLOqT9JBXRek0ipeir/UPmHla+y8UtynTliHDTjAIdsQD1Pxd
DqDW0DbqnjouA6yEi1X2vHvL+pvUwQ/jmas0k2NfGRo4UUuRdD+aFrcnA4BcqKOE
KmGMq0fX6wjaA9vJkKminYEbCEsIQDmwjzszkrRcuxyC7EDZpTZCIQ/IaCsc6Yie
+ZFF9aRo3g0ijfaOWmc4osxN77N+Fkk/cuVs5R7X7NRJ+WxUJDeEtRKjRg+yHmDc
mav/yvZy6znIpZTYIpPRC+90N8nxhIB+QpyyoAav5g7RPPHGmJJFUqnvzYRbwHgA
V8GeJRMbA5mc9A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:14:30 2025 by rpki-client