Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: CMGIgrze1NBeVZ8R0XHkmAureBz8iXQluFNb9ILYos4=
Subject key identifier: 95:B4:01:75:45:C4:A2:5A:F0:5A:5C:5C:C3:D1:93:CA:9B:8F:E3:8E
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 01974A7ABF89CA6799C9F238C0A1C05E26DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 0DC7
Signing time: Sat 07 Jun 2025 13:00:47 +0000
Manifest this update: Sat 07 Jun 2025 13:00:47 +0000
Manifest next update: Sun 08 Jun 2025 13:00:47 +0000
Files and hashes: 1: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=)
2: i2HYpKIvdGotH7mKcmQ5RAG3huY.roa (hash: 4Nz6YUMbPlVe3PbppTQU2sGDWl5KATygr4DtzeG8qCU=)
3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: TsS+ngFVzYWCz0gnWeAMzkizyAHTBLJjwPgqhhgIAlc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:7a:bf:89:ca:67:99:c9:f2:38:c0:a1:c0:5e:26:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Jun 7 13:00:47 2025 GMT
Not After : Jun 8 13:00:47 2025 GMT
Subject: CN=95b4017545c4a25af05a5c5cc3d193ca9b8fe38e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:98:b4:48:18:09:46:ef:aa:cf:4c:44:ac:68:
83:6e:5d:c7:7e:a7:f9:ba:7e:a4:11:61:0e:4c:2f:
8e:77:01:50:5e:ed:19:6c:ff:3b:27:5f:a3:07:c8:
30:60:54:8f:8a:40:b6:88:5b:51:6d:2a:a3:fb:71:
63:fe:6b:63:24:d5:d8:09:8a:26:cc:b8:8b:36:97:
01:b9:7f:f3:f5:43:66:29:83:b2:f4:26:32:60:09:
38:69:f6:82:84:b0:aa:72:fe:dc:ac:bf:77:17:2f:
0f:5f:42:ab:b8:91:f7:8c:e0:fd:84:30:13:89:29:
99:50:6f:8d:d3:f5:ce:09:d0:34:c6:99:52:9a:e6:
06:30:93:be:86:fc:ca:f7:3d:f7:71:a6:c0:0b:49:
11:b5:9e:79:eb:50:91:3a:5c:3f:97:be:72:1a:c9:
93:27:71:d1:81:61:5e:8c:99:25:4d:20:17:54:0f:
b4:7d:d9:a7:1a:bc:80:eb:df:c1:0e:d0:0c:c1:ba:
53:aa:80:b5:25:fc:f8:30:a4:5c:b4:6e:62:8a:b6:
d3:5f:74:b0:36:cb:67:59:30:c1:e0:63:d4:2d:71:
45:b9:78:c5:04:5c:c1:11:a7:58:36:0b:11:92:23:
75:c8:77:9b:40:53:b7:ca:32:62:da:6e:bd:46:fa:
41:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B4:01:75:45:C4:A2:5A:F0:5A:5C:5C:C3:D1:93:CA:9B:8F:E3:8E
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:dc:af:f5:f7:cb:38:c9:cd:91:9f:cb:6d:db:fc:59:9e:f5:
da:ac:9c:ec:95:f6:78:2a:23:1a:34:2b:eb:46:f5:5a:21:e3:
30:8e:ab:23:14:2e:5f:f8:02:04:6c:ab:a0:76:a0:df:52:61:
59:61:fb:48:09:89:39:05:1e:29:b4:9d:de:6d:64:45:35:40:
26:f4:41:e8:8a:e9:8d:d4:30:8a:8d:5e:8e:97:b0:a3:af:73:
f3:9c:ce:de:a7:c2:13:24:89:5d:99:07:d0:d9:5e:91:ec:ba:
a4:b4:6e:dd:02:35:de:df:40:0f:89:2e:53:b2:ad:49:81:16:
0e:7e:d8:62:9f:c3:1b:c1:38:a5:cd:63:cc:8f:26:d2:6d:5f:
41:95:ed:c5:24:14:48:c4:52:da:20:ad:94:8c:dc:f6:cf:0a:
7c:9e:64:c5:e2:31:d8:37:07:01:ed:b7:e2:a9:18:72:68:86:
2d:24:6a:d6:a5:0e:57:53:a2:b4:47:a8:9d:b7:da:af:bb:c3:
d4:65:b4:c2:68:e2:dd:06:76:f0:48:85:8c:72:d3:af:09:a5:
c6:24:4a:ce:f1:8f:53:57:ff:e1:27:55:5c:7d:47:9c:4c:4f:
b2:6b:f0:af:0f:28:6a:0a:4d:af:6a:74:3a:23:eb:d6:af:f4:
cd:94:d0:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKer+JymeZyfI4wKHAXibcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjUwNjA3MTMwMDQ3WhcNMjUwNjA4MTMwMDQ3WjAzMTEwLwYDVQQD
Eyg5NWI0MDE3NTQ1YzRhMjVhZjA1YTVjNWNjM2QxOTNjYTliOGZlMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZi0SBgJRu+qz0xErGiDbl3Hfqf5
un6kEWEOTC+OdwFQXu0ZbP87J1+jB8gwYFSPikC2iFtRbSqj+3Fj/mtjJNXYCYom
zLiLNpcBuX/z9UNmKYOy9CYyYAk4afaChLCqcv7crL93Fy8PX0KruJH3jOD9hDAT
iSmZUG+N0/XOCdA0xplSmuYGMJO+hvzK9z33cabAC0kRtZ5561CROlw/l75yGsmT
J3HRgWFejJklTSAXVA+0fdmnGryA69/BDtAMwbpTqoC1Jfz4MKRctG5iirbTX3Sw
NstnWTDB4GPULXFFuXjFBFzBEadYNgsRkiN1yHebQFO3yjJi2m69RvpBOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJW0AXVFxKJa8FpcXMPRk8qbj+OOMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFNyv9ffL
OMnNkZ/Lbdv8WZ712qyc7JX2eCojGjQr60b1WiHjMI6rIxQuX/gCBGyroHag31Jh
WWH7SAmJOQUeKbSd3m1kRTVAJvRB6IrpjdQwio1ejpewo69z85zO3qfCEySJXZkH
0Nlekey6pLRu3QI13t9AD4kuU7KtSYEWDn7YYp/DG8E4pc1jzI8m0m1fQZXtxSQU
SMRS2iCtlIzc9s8KfJ5kxeIx2DcHAe234qkYcmiGLSRq1qUOV1OitEeonbfar7vD
1GW0wmji3QZ28EiFjHLTrwmlxiRKzvGPU1f/4SdVXH1HnExPsmvwrw8oagpNr2p0
OiPr1q/0zZTQ1w==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:19:34 2025 by rpki-client