Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
File: OXbmqwhMnu7ehuKva95yFSdLlac.mft (raw, json)
Hash identifier: RvNkQMc9e+qmUN6f1BIt5+VJnemVFFhrFZYLqkZTVg0=
Subject key identifier: 78:A8:A4:BC:82:6C:EF:17:24:3B:69:99:A6:9C:69:95:51:80:11:F4
Authority key identifier: 39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
Certificate issuer: /CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Certificate serial: 019921E7FC43FBFD58CEE12B7ECB53EC90A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
Manifest number: 166F
Signing time: Sun 07 Sep 2025 02:01:15 +0000
Manifest this update: Sun 07 Sep 2025 02:01:15 +0000
Manifest next update: Mon 08 Sep 2025 02:01:15 +0000
Files and hashes: 1: OXbmqwhMnu7ehuKva95yFSdLlac.crl (hash: 4hNzKZs8QzVHk3R6E3CTww69DfEqmcYR83tC0IBB68Q=)
2: bS8D5tTeBAXDkMQSy-j-MAcdPro.roa (hash: R+yA1y5Nb8S44doc/dttKyd8pVatx4WMIyAI41rpB+c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 02:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:21:e7:fc:43:fb:fd:58:ce:e1:2b:7e:cb:53:ec:90:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Validity
Not Before: Sep 7 02:01:15 2025 GMT
Not After : Sep 8 02:01:15 2025 GMT
Subject: CN=78a8a4bc826cef17243b6999a69c6995518011f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f7:99:08:60:3c:c1:bf:d9:04:d8:04:80:f5:
db:d6:cd:63:b6:5d:12:3c:0f:3b:05:d9:e2:97:49:
e9:81:24:99:cb:aa:03:31:10:66:10:4c:3a:f3:ee:
0a:62:e9:5b:f9:ec:6a:f5:cd:e1:e9:7b:22:1c:23:
ce:9e:88:de:fb:99:fe:d4:0f:df:c0:8b:b3:da:c8:
1f:64:0e:46:70:9b:37:ef:4e:bf:5a:81:e8:6a:43:
65:21:e2:a1:42:88:00:b8:09:65:de:05:1f:4f:81:
b2:90:0a:3a:85:58:27:c1:73:c8:02:9c:89:9e:07:
97:fd:f3:f5:89:0d:b2:a4:59:63:34:7a:8e:ac:71:
9b:54:6c:9c:74:97:5e:65:39:bd:ad:cd:51:6d:9a:
99:60:22:fd:5b:29:73:52:eb:2c:bb:32:47:9f:3f:
2e:87:1a:c7:5b:32:d4:bf:10:6a:3a:19:c8:28:2b:
a6:aa:d1:07:c8:e0:2a:51:f5:35:61:05:33:8b:bc:
5d:ca:df:8e:5f:13:7b:35:16:b8:86:a4:2a:c4:9b:
3d:06:da:8e:d4:a0:bc:ed:b3:47:8c:72:c5:c8:94:
c9:d3:22:0a:4e:cb:1a:aa:52:8d:b8:5e:93:76:76:
a3:18:04:4b:fe:3c:2a:c4:ff:cd:ef:ec:a0:a8:20:
e5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A8:A4:BC:82:6C:EF:17:24:3B:69:99:A6:9C:69:95:51:80:11:F4
X509v3 Authority Key Identifier:
keyid:39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:81:c7:2b:3a:f8:a9:24:44:4c:a2:32:47:24:af:01:d3:6f:
d7:31:b1:5d:2b:2d:1b:fb:22:a5:94:6c:e9:d6:89:71:4e:98:
cb:3c:9e:c9:84:5f:df:3b:91:51:82:2c:c7:14:69:23:58:4f:
9b:c2:a2:b8:75:12:fb:33:dd:0a:f2:5f:a4:ca:1f:aa:b1:46:
ba:56:63:94:34:a3:84:47:93:df:45:33:d6:65:4a:be:fb:d5:
59:ec:28:1f:c6:7d:7e:e2:21:4d:de:23:b0:0e:ef:82:78:fd:
ca:65:4e:fe:e5:f9:a4:73:d1:82:68:bd:8b:38:dc:a6:5a:db:
86:5d:4d:8c:b4:fa:95:b0:eb:da:18:c0:94:50:42:a6:1e:29:
63:50:53:d3:8c:03:f2:12:98:74:22:8f:cb:62:63:13:0e:a1:
4d:4e:fc:e5:59:2e:f9:f7:03:c1:7a:10:40:a9:c7:07:8f:a0:
58:1b:23:00:a1:2f:f3:1f:99:17:65:7d:ed:1a:30:47:e9:21:
1b:d6:19:eb:f9:c8:9d:ba:84:e6:01:28:e9:57:90:7b:d0:13:
1e:43:5c:54:6d:b1:d8:cb:16:68:e6:8b:d9:8d:e7:c6:91:16:
22:d1:ce:a5:42:bf:da:30:00:30:4a:99:33:1b:7c:ed:6d:f8:
75:e3:09:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh5/xD+/1YzuErfstT7JCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzZlNmFiMDg0YzllZWVkZTg2ZTJhZjZiZGU3MjE1Mjc0
Yjk1YTcwHhcNMjUwOTA3MDIwMTE1WhcNMjUwOTA4MDIwMTE1WjAzMTEwLwYDVQQD
Eyg3OGE4YTRiYzgyNmNlZjE3MjQzYjY5OTlhNjljNjk5NTUxODAxMWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0veZCGA8wb/ZBNgEgPXb1s1jtl0S
PA87Bdnil0npgSSZy6oDMRBmEEw68+4KYulb+exq9c3h6XsiHCPOnoje+5n+1A/f
wIuz2sgfZA5GcJs3706/WoHoakNlIeKhQogAuAll3gUfT4GykAo6hVgnwXPIApyJ
ngeX/fP1iQ2ypFljNHqOrHGbVGycdJdeZTm9rc1RbZqZYCL9WylzUussuzJHnz8u
hxrHWzLUvxBqOhnIKCumqtEHyOAqUfU1YQUzi7xdyt+OXxN7NRa4hqQqxJs9BtqO
1KC87bNHjHLFyJTJ0yIKTssaqlKNuF6TdnajGARL/jwqxP/N7+ygqCDlZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHiopLyCbO8XJDtpmaacaZVRgBH0MB8GA1UdIwQY
MBaAFDl25qsITJ7u3obir2vechUnS5WnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC83MDI5Y2MtZDMzMS00NjA2LTg4OWMt
ZDY2Njc0Y2ZhNDI0LzEvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC83MDI5Y2MtZDMzMS00NjA2LTg4OWMtZDY2Njc0Y2ZhNDI0
LzEvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALoHHKzr4
qSRETKIyRySvAdNv1zGxXSstG/sipZRs6daJcU6YyzyeyYRf3zuRUYIsxxRpI1hP
m8KiuHUS+zPdCvJfpMofqrFGulZjlDSjhEeT30Uz1mVKvvvVWewoH8Z9fuIhTd4j
sA7vgnj9ymVO/uX5pHPRgmi9izjcplrbhl1NjLT6lbDr2hjAlFBCph4pY1BT04wD
8hKYdCKPy2JjEw6hTU785Vku+fcDwXoQQKnHB4+gWBsjAKEv8x+ZF2V97RowR+kh
G9YZ6/nInbqE5gEo6VeQe9ATHkNcVG2x2MsWaOaL2Y3nxpEWItHOpUK/2jAAMEqZ
Mxt87W34deMJmg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:23:01 2025 by rpki-client