Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File: Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier: P7loPfZMp+zDnuDnpuoNds/V2gc/HtoZf6QLAbmw7eY=
Subject key identifier: D2:E7:E7:47:5A:33:12:AE:5E:20:4C:5D:F5:66:DF:2F:75:14:B0:ED
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer: /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial: 0199221ED87FC2BDB69F2302E36331A2CB0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number: 166E
Signing time: Sun 07 Sep 2025 03:01:10 +0000
Manifest this update: Sun 07 Sep 2025 03:01:10 +0000
Manifest next update: Mon 08 Sep 2025 03:01:10 +0000
Files and hashes: 1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: 1FIO3XgeZhrWkxGt4/5T5zscD/OAuZzKkPz0PHTEKTQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1e:d8:7f:c2:bd:b6:9f:23:02:e3:63:31:a2:cb:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Validity
Not Before: Sep 7 03:01:10 2025 GMT
Not After : Sep 8 03:01:10 2025 GMT
Subject: CN=d2e7e7475a3312ae5e204c5df566df2f7514b0ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:51:a4:2b:a2:3d:c3:51:72:7a:97:36:e7:25:
ed:5b:29:5a:ab:85:b3:ff:22:d0:ca:b5:2b:72:e6:
58:c7:5d:6f:4a:42:c1:47:c9:96:77:82:d4:49:eb:
13:80:e1:08:4e:8a:eb:40:5c:07:6f:78:0a:39:a5:
ec:0b:78:2e:5c:78:fa:65:44:44:a1:d5:cd:f1:61:
36:f0:d7:41:73:11:74:b4:cb:f4:4b:ed:ce:e0:c2:
85:5d:c8:d6:df:6c:35:93:43:91:52:d2:a8:83:80:
1b:fe:b1:91:dd:9e:44:51:4d:88:78:a8:e9:50:95:
71:6f:d8:28:dd:4d:41:ab:43:ea:ee:e6:6e:34:5a:
70:08:9a:60:84:7a:14:cb:b7:97:d9:f4:f0:d7:30:
50:78:a2:cf:3d:3d:44:ec:d9:14:3a:0b:55:d4:02:
36:fd:8e:61:7a:34:e5:20:42:93:c0:31:65:ab:6c:
71:e6:56:ec:84:53:2f:73:10:3c:4f:84:79:4b:4f:
d8:19:63:3f:c5:51:ad:3f:61:12:c4:89:b9:61:65:
b5:fa:7e:7d:45:2f:9f:8d:4b:b0:13:d8:7d:5a:6e:
35:0e:0a:ce:f6:59:89:33:15:50:21:2e:f9:ea:64:
71:2a:cc:48:3d:ec:46:aa:ea:85:ec:cf:f5:ef:0a:
54:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E7:E7:47:5A:33:12:AE:5E:20:4C:5D:F5:66:DF:2F:75:14:B0:ED
X509v3 Authority Key Identifier:
keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:a2:78:dd:25:4c:eb:97:1b:c8:a6:63:74:a4:c3:32:e8:bc:
e4:7b:2f:27:f0:4c:0d:b4:6e:a4:50:6b:4c:fe:2b:3f:ca:3f:
23:c7:89:2b:21:19:29:01:b9:f4:e5:d5:96:46:e8:28:11:d6:
ff:88:d4:a7:fa:fc:c7:80:de:bb:34:42:fb:10:ac:9a:43:04:
cd:4f:1f:90:2c:28:6a:bf:48:e5:2d:7c:1c:10:57:e5:4b:8c:
58:03:44:12:0d:28:7f:45:8e:15:4d:c9:4e:e1:4d:69:0b:d3:
10:04:92:c5:0b:b9:3e:6c:83:8e:98:0d:ed:9c:7e:25:4b:3c:
27:ff:fd:94:3a:57:2f:1b:07:82:43:97:33:64:78:d0:76:93:
b6:03:23:a2:95:47:5f:b4:3c:c9:61:64:c3:11:de:6b:79:a5:
09:4a:f2:ef:9b:92:a9:59:75:82:0e:93:e4:84:00:91:4f:d7:
b1:73:07:2e:be:e2:c4:c1:f2:08:bc:94:8d:39:89:8c:24:ba:
52:6d:d1:81:64:63:03:32:d6:5f:da:64:e5:2d:f0:35:24:32:
55:2c:86:0f:dd:ee:40:07:97:4e:d7:57:19:fc:70:69:f7:21:
a3:38:35:ee:fb:49:f5:57:f9:7e:8c:26:f7:bd:31:cc:3a:c9:
2a:cf:44:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHth/wr22nyMC42MxossPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjUwOTA3MDMwMTEwWhcNMjUwOTA4MDMwMTEwWjAzMTEwLwYDVQQD
EyhkMmU3ZTc0NzVhMzMxMmFlNWUyMDRjNWRmNTY2ZGYyZjc1MTRiMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVGkK6I9w1Fyepc25yXtWylaq4Wz
/yLQyrUrcuZYx11vSkLBR8mWd4LUSesTgOEITorrQFwHb3gKOaXsC3guXHj6ZURE
odXN8WE28NdBcxF0tMv0S+3O4MKFXcjW32w1k0ORUtKog4Ab/rGR3Z5EUU2IeKjp
UJVxb9go3U1Bq0Pq7uZuNFpwCJpghHoUy7eX2fTw1zBQeKLPPT1E7NkUOgtV1AI2
/Y5hejTlIEKTwDFlq2xx5lbshFMvcxA8T4R5S0/YGWM/xVGtP2ESxIm5YWW1+n59
RS+fjUuwE9h9Wm41DgrO9lmJMxVQIS756mRxKsxIPexGquqF7M/17wpUUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLn50daMxKuXiBMXfVm3y91FLDtMB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACKJ43SVM
65cbyKZjdKTDMui85HsvJ/BMDbRupFBrTP4rP8o/I8eJKyEZKQG59OXVlkboKBHW
/4jUp/r8x4DeuzRC+xCsmkMEzU8fkCwoar9I5S18HBBX5UuMWANEEg0of0WOFU3J
TuFNaQvTEASSxQu5PmyDjpgN7Zx+JUs8J//9lDpXLxsHgkOXM2R40HaTtgMjopVH
X7Q8yWFkwxHea3mlCUry75uSqVl1gg6T5IQAkU/XsXMHLr7ixMHyCLyUjTmJjCS6
Um3RgWRjAzLWX9pk5S3wNSQyVSyGD93uQAeXTtdXGfxwafchozg17vtJ9Vf5fowm
970xzDrJKs9EIQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:42:27 2025 by rpki-client