Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
File: 1OKJaJepchZ45oRpOZOlqISQM2Q.mft (raw, json)
Hash identifier: C8ClKEvUqpqbUDtOwSvQxHlSTm+QzuPiA3jUt5DQDzc=
Subject key identifier: F2:D9:62:AA:07:8C:0F:3B:AE:CE:5C:13:07:85:37:5F:00:B2:9A:0B
Authority key identifier: D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
Certificate issuer: /CN=d4e2896897a9721678e684693993a5a884903364
Certificate serial: 01974A0CB888B918DA6669207E3FD129F819
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
Manifest number: 157D
Signing time: Sat 07 Jun 2025 11:00:36 +0000
Manifest this update: Sat 07 Jun 2025 11:00:36 +0000
Manifest next update: Sun 08 Jun 2025 11:00:36 +0000
Files and hashes: 1: 1OKJaJepchZ45oRpOZOlqISQM2Q.crl (hash: jw5JotXFQfV1CV09bHy0L/H83Vhq48wyKJ0IPj6FDC4=)
2: WAQz-NVz1tPP197fB-7kdlHEMDo.roa (hash: EfunuE83nVqoEWqBwZZf7jU1FPr/i4YaWTLI4hd6d6w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:0c:b8:88:b9:18:da:66:69:20:7e:3f:d1:29:f8:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2896897a9721678e684693993a5a884903364
Validity
Not Before: Jun 7 11:00:36 2025 GMT
Not After : Jun 8 11:00:36 2025 GMT
Subject: CN=f2d962aa078c0f3baece5c130785375f00b29a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:49:34:02:94:fb:8e:a6:d2:fc:dd:f7:61:18:
b2:fc:d7:0c:9d:94:11:44:61:12:da:a4:7f:29:38:
28:65:9e:c9:ce:1d:4d:9c:f0:f4:4f:0d:7b:7d:36:
fc:85:86:be:d4:77:49:0a:40:36:a9:0f:e1:3b:3a:
98:ee:29:fe:3b:84:d0:be:11:fd:e6:7a:f9:4e:d7:
c3:68:63:95:e4:d9:d2:92:f9:6b:76:63:8b:f3:b0:
8c:b0:be:c0:dc:d5:20:4c:f2:ab:8c:f9:af:87:65:
57:66:e0:dd:20:36:be:12:ae:67:9b:e7:46:e6:3f:
eb:2a:82:66:3c:79:81:86:d3:d9:72:3e:58:90:e3:
b7:4a:ed:df:7b:a9:5e:de:6e:57:f9:3a:a7:7d:a1:
04:f0:94:af:e7:a6:8a:20:3c:d5:20:af:1b:73:49:
2f:cd:3a:af:c2:5d:b1:23:a1:db:b8:1e:97:86:4b:
73:cf:b1:60:93:17:3c:2c:7c:8e:1a:ad:c8:bb:61:
80:46:fe:7e:70:9a:d9:a5:3e:7e:fd:9f:da:67:1a:
3d:e4:44:47:34:5a:e6:ec:a5:d7:77:51:d7:2b:79:
99:ec:f6:c5:31:d4:23:3b:00:55:0f:ec:80:08:d7:
71:4a:61:06:2f:72:14:a7:53:86:4e:cf:26:85:a2:
23:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D9:62:AA:07:8C:0F:3B:AE:CE:5C:13:07:85:37:5F:00:B2:9A:0B
X509v3 Authority Key Identifier:
keyid:D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:93:fa:5b:2c:22:44:e6:f6:65:14:13:f6:2f:cc:d5:d2:6c:
3b:ce:7e:7e:c4:57:ae:9c:9e:ee:9e:3f:e4:8d:3d:dc:9b:d7:
a9:c9:b6:0f:7e:8b:1a:f3:d1:08:a5:4c:cb:dd:77:22:dc:e5:
6a:be:45:d3:13:ed:08:46:62:86:7d:e8:39:cf:ad:d3:0a:a1:
a0:c5:62:07:7a:a7:26:5b:f9:d2:a5:ab:4a:83:a3:0d:91:03:
b9:fc:a2:bb:d0:d1:e6:f8:b3:4f:3f:c1:24:41:af:c9:ef:48:
fe:2b:31:60:44:10:6a:6d:25:9f:3c:4f:c3:12:5d:be:fb:b4:
23:c3:d7:20:d5:34:8d:b5:c4:d3:a3:26:f8:05:b6:43:6d:c3:
bc:69:72:05:25:ce:17:fa:28:fb:3a:89:82:28:44:62:84:0c:
fb:08:94:00:74:89:cf:f3:06:93:28:6b:4e:3c:a3:47:83:99:
ac:d9:e1:99:79:b5:f7:0f:da:f6:a9:cb:f4:2c:51:eb:de:66:
ea:11:12:3e:55:93:49:41:e5:b2:ce:80:b2:a1:57:60:72:57:
04:8a:bf:22:99:a9:60:8e:aa:96:de:d1:cd:25:57:16:44:c1:
8b:a4:62:a6:94:d7:d3:d2:bf:e7:f3:82:60:92:09:f8:ec:aa:
93:5e:83:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKDLiIuRjaZmkgfj/RKfgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI4OTY4OTdhOTcyMTY3OGU2ODQ2OTM5OTNhNWE4ODQ5
MDMzNjQwHhcNMjUwNjA3MTEwMDM2WhcNMjUwNjA4MTEwMDM2WjAzMTEwLwYDVQQD
EyhmMmQ5NjJhYTA3OGMwZjNiYWVjZTVjMTMwNzg1Mzc1ZjAwYjI5YTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEk0ApT7jqbS/N33YRiy/NcMnZQR
RGES2qR/KTgoZZ7Jzh1NnPD0Tw17fTb8hYa+1HdJCkA2qQ/hOzqY7in+O4TQvhH9
5nr5TtfDaGOV5NnSkvlrdmOL87CMsL7A3NUgTPKrjPmvh2VXZuDdIDa+Eq5nm+dG
5j/rKoJmPHmBhtPZcj5YkOO3Su3fe6le3m5X+TqnfaEE8JSv56aKIDzVIK8bc0kv
zTqvwl2xI6HbuB6Xhktzz7Fgkxc8LHyOGq3Iu2GARv5+cJrZpT5+/Z/aZxo95ERH
NFrm7KXXd1HXK3mZ7PbFMdQjOwBVD+yACNdxSmEGL3IUp1OGTs8mhaIjyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLZYqoHjA87rs5cEweFN18AspoLMB8GA1UdIwQY
MBaAFNTiiWiXqXIWeOaEaTmTpaiEkDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEt
ZTQ5N2Q0MGY0ZTJhLzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEtZTQ5N2Q0MGY0ZTJh
LzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc5P6Wywi
ROb2ZRQT9i/M1dJsO85+fsRXrpye7p4/5I093JvXqcm2D36LGvPRCKVMy913Itzl
ar5F0xPtCEZihn3oOc+t0wqhoMViB3qnJlv50qWrSoOjDZEDufyiu9DR5vizTz/B
JEGvye9I/isxYEQQam0lnzxPwxJdvvu0I8PXINU0jbXE06Mm+AW2Q23DvGlyBSXO
F/oo+zqJgihEYoQM+wiUAHSJz/MGkyhrTjyjR4OZrNnhmXm19w/a9qnL9CxR695m
6hESPlWTSUHlss6AsqFXYHJXBIq/IpmpYI6qlt7RzSVXFkTBi6RippTX09K/5/OC
YJIJ+Oyqk16Dww==
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:25:19 2025 by rpki-client