Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
File: OvdxDfit1ku5aI4PRYG-pn5ALGY.mft (raw, json)
Hash identifier: 3mkPiFxQjTuAeE0d/1pvH7aNdyAPTFXON1qewjkp4rQ=
Subject key identifier: 72:29:68:68:65:9C:67:80:C0:C1:A4:4D:B3:28:44:D3:20:3D:38:27
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 019927B2C50096E215F1E6FC6BD9CD32E210
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
Manifest number: 0BB0
Signing time: Mon 08 Sep 2025 05:00:51 +0000
Manifest this update: Mon 08 Sep 2025 05:00:51 +0000
Manifest next update: Tue 09 Sep 2025 05:00:51 +0000
Files and hashes: 1: 1-5V6RXgQOXjxU3mO34q_0PmmYk4.roa (hash: UBzppXP3Ubih2qJBoeebTWZSAjaul2dwW+uHzrrKrpI=)
2: OvdxDfit1ku5aI4PRYG-pn5ALGY.crl (hash: oQ9MXZHgC/RXTVulpyoT/+eYRuKSNXD/lG8f648GKK4=)
3: XSqKcr4vohHwUX7C_jwkOz3T4S8.roa (hash: S5RGDFj4AygaOQ9nMJnUMnAW4DmVGX2kAbpxmhv1Nxo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:27:b2:c5:00:96:e2:15:f1:e6:fc:6b:d9:cd:32:e2:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Sep 8 05:00:51 2025 GMT
Not After : Sep 9 05:00:51 2025 GMT
Subject: CN=72296868659c6780c0c1a44db32844d3203d3827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:31:ca:6a:9a:bd:51:78:8c:c4:11:f9:08:ea:
bb:dc:77:e5:27:65:22:0f:cc:3b:61:93:06:09:c7:
e6:3c:5b:4f:dc:a6:fa:35:1b:c9:7c:0f:78:fd:17:
f7:be:f0:3e:1b:a7:49:16:0e:08:24:e4:ba:2d:1a:
5b:85:a7:66:42:7e:fe:5e:16:85:da:93:40:0e:2e:
a5:c9:9f:27:7b:b1:36:d5:47:eb:7d:14:bf:cf:72:
1a:12:15:2f:27:da:23:be:64:c6:d8:98:27:1f:31:
08:ec:1a:a0:9d:97:e7:45:68:00:2f:b5:c8:b5:38:
e2:b3:1c:36:72:b3:68:a4:8e:0c:4d:5f:cf:a6:cd:
53:8f:1f:08:22:ae:7e:e8:07:91:ad:75:7c:df:4d:
1c:f1:c4:e2:6b:e1:8e:32:8c:b7:ea:1a:ba:71:e0:
63:fc:72:bd:ed:32:07:e9:21:86:a3:8a:bc:fd:4a:
78:ae:ca:5f:90:26:31:02:bf:1b:44:4e:3c:74:38:
66:1b:4c:85:06:a3:9a:b1:c1:85:06:51:e1:3f:9e:
b7:c0:2f:fa:fb:7a:a3:b0:a8:40:7c:e0:85:c8:68:
90:27:8c:f9:ad:94:a7:15:35:1d:20:51:bd:b2:c8:
3c:f5:02:af:c6:46:1e:51:c0:a0:71:bd:61:2c:e8:
48:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:29:68:68:65:9C:67:80:C0:C1:A4:4D:B3:28:44:D3:20:3D:38:27
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:5f:9c:71:6e:8e:0c:b5:da:bd:41:be:ce:9b:00:75:ff:39:
ba:96:a1:71:11:ee:6f:b7:84:dd:cc:1b:aa:38:a7:f9:42:52:
be:dc:e3:8c:a7:6b:89:f2:c5:b3:08:b9:9e:0f:46:74:e7:d6:
8e:46:5b:26:b5:2d:44:6a:9d:c9:13:dc:77:13:87:c5:f4:5e:
80:8e:60:a1:63:02:c2:e9:03:af:40:22:71:3c:3a:29:25:09:
37:2d:6f:2b:9b:da:50:6d:1c:f5:3f:5f:ed:c4:b7:33:c5:44:
25:41:4f:92:2d:a0:ad:bf:d5:7c:36:97:c4:b1:6b:38:cc:7e:
3f:4f:1a:ee:4e:77:ab:e4:db:14:ff:37:6f:9e:6f:bc:e7:c5:
98:2e:88:40:1c:72:f7:20:7f:0b:cc:84:34:64:e6:48:4a:b8:
df:3e:80:92:1a:69:f1:ea:4d:02:c2:43:8b:a3:4d:1b:7e:f4:
ca:1d:df:b9:b0:a2:0c:f2:f4:aa:2f:dc:ef:ca:e7:4c:5a:06:
51:5e:64:e9:c3:34:1e:d1:34:63:ac:a4:af:d9:82:83:ec:fa:
a1:3c:fd:e2:ad:e8:50:be:cd:c1:19:58:0d:fa:dd:93:45:37:
39:3f:65:64:b5:13:27:74:18:ff:08:c5:ec:7d:68:98:60:55:
bb:16:f7:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZknssUAluIV8eb8a9nNMuIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjUwOTA4MDUwMDUxWhcNMjUwOTA5MDUwMDUxWjAzMTEwLwYDVQQD
Eyg3MjI5Njg2ODY1OWM2NzgwYzBjMWE0NGRiMzI4NDRkMzIwM2QzODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDHKapq9UXiMxBH5COq73HflJ2Ui
D8w7YZMGCcfmPFtP3Kb6NRvJfA94/Rf3vvA+G6dJFg4IJOS6LRpbhadmQn7+XhaF
2pNADi6lyZ8ne7E21UfrfRS/z3IaEhUvJ9ojvmTG2JgnHzEI7BqgnZfnRWgAL7XI
tTjisxw2crNopI4MTV/Pps1Tjx8IIq5+6AeRrXV8300c8cTia+GOMoy36hq6ceBj
/HK97TIH6SGGo4q8/Up4rspfkCYxAr8bRE48dDhmG0yFBqOascGFBlHhP563wC/6
+3qjsKhAfOCFyGiQJ4z5rZSnFTUdIFG9ssg89QKvxkYeUcCgcb1hLOhI5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIpaGhlnGeAwMGkTbMoRNMgPTgnMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb1+ccW6O
DLXavUG+zpsAdf85upahcRHub7eE3cwbqjin+UJSvtzjjKdrifLFswi5ng9GdOfW
jkZbJrUtRGqdyRPcdxOHxfRegI5goWMCwukDr0AicTw6KSUJNy1vK5vaUG0c9T9f
7cS3M8VEJUFPki2grb/VfDaXxLFrOMx+P08a7k53q+TbFP83b55vvOfFmC6IQBxy
9yB/C8yENGTmSEq43z6Akhpp8epNAsJDi6NNG370yh3fubCiDPL0qi/c78rnTFoG
UV5k6cM0HtE0Y6ykr9mCg+z6oTz94q3oUL7NwRlYDfrdk0U3OT9lZLUTJ3QY/wjF
7H1omGBVuxb33A==
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:14:29 2025 by rpki-client