Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: GQxzP5LR4MISpElFUxfxf0VVCdRbwZXv0PQUL/Og128=
Subject key identifier: 00:AB:9B:5B:D8:2A:2F:46:A7:C2:BC:F3:0F:75:F7:31:7F:93:AA:16
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 019955D4FEBB3AB22AF4261386E7D7E6C4E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 0ED6
Signing time: Wed 17 Sep 2025 04:00:46 +0000
Manifest this update: Wed 17 Sep 2025 04:00:46 +0000
Manifest next update: Thu 18 Sep 2025 04:00:46 +0000
Files and hashes: 1: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=)
2: i2HYpKIvdGotH7mKcmQ5RAG3huY.roa (hash: 4Nz6YUMbPlVe3PbppTQU2sGDWl5KATygr4DtzeG8qCU=)
3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: hHjQTSwxIkEGEAgjNlOklasqd3COSEjPUZkhYucRmTs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 03:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:55:d4:fe:bb:3a:b2:2a:f4:26:13:86:e7:d7:e6:c4:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Sep 17 04:00:46 2025 GMT
Not After : Sep 18 04:00:46 2025 GMT
Subject: CN=00ab9b5bd82a2f46a7c2bcf30f75f7317f93aa16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:63:fb:a6:ce:5a:62:7e:c5:9f:33:69:ad:82:
57:82:a8:22:2d:79:8a:40:27:2a:07:cb:5d:78:4e:
63:81:e6:5b:5b:52:56:1d:a9:0d:a9:3f:f9:20:85:
c3:24:87:1b:07:d5:63:5d:2f:04:be:b3:3e:c3:0d:
f5:1f:83:99:b2:8b:e3:ed:99:30:ef:f5:1f:5b:fc:
5a:d0:73:64:94:ca:81:9a:e5:6b:e8:6d:e9:df:9a:
ea:32:94:75:74:34:8a:e1:82:68:2b:f7:ab:09:53:
0c:eb:8f:2c:9e:59:4b:ee:38:71:55:36:fa:1d:6b:
87:d7:b2:a4:ec:28:0d:d4:ad:a3:9e:99:26:5d:9a:
45:54:2a:71:88:80:3c:7b:05:57:a7:ca:83:b8:84:
e3:be:1e:5d:b7:3a:19:3b:97:77:c6:db:1f:8e:67:
44:84:39:b8:15:17:a3:ef:e5:18:df:e9:15:ae:5d:
46:ec:04:06:3d:3e:ed:e7:02:d1:86:95:29:5d:c4:
da:a1:af:25:5a:81:d5:4c:c4:69:35:31:24:c5:f5:
a5:d8:f9:e6:3b:95:88:bb:b5:f4:d6:ec:f9:9b:73:
dd:f5:4f:86:f2:24:2f:23:ec:96:fd:89:37:54:7b:
84:98:52:c2:85:94:7d:c0:be:e6:ad:cd:e5:c4:d4:
53:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AB:9B:5B:D8:2A:2F:46:A7:C2:BC:F3:0F:75:F7:31:7F:93:AA:16
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:1e:3b:d3:30:74:d6:05:70:9e:43:73:fc:c3:a6:e5:0e:0c:
2e:c7:05:1a:df:50:a5:f3:0f:49:cc:06:1f:2e:20:e2:cb:5d:
18:c4:36:05:2d:28:96:a1:64:79:71:d6:b7:61:1d:30:29:45:
dd:fa:a6:19:13:36:3c:8b:a9:4c:5f:52:fe:e8:7c:7a:45:f8:
d8:51:db:2c:06:4d:a5:b7:30:f6:4f:e7:66:d0:3a:fe:41:2f:
e2:09:69:6c:f7:1e:c4:2c:b6:6d:8e:d0:d6:cb:81:33:0b:62:
82:ac:17:b7:cf:aa:a3:d1:e4:c0:ee:be:5a:a0:ca:43:ea:56:
3d:2a:e0:70:9f:e2:0d:ca:6f:19:1e:ef:00:82:43:69:5a:de:
af:ba:25:18:8b:c9:5c:cd:2b:80:09:22:8e:eb:05:9a:ec:72:
60:99:38:64:a1:a0:ea:ba:08:5b:3a:11:cc:e6:53:cb:24:cb:
bd:1d:05:38:33:a0:a7:51:09:f3:e3:22:30:ca:8d:8d:b4:dd:
bf:93:d1:ec:0d:3d:3d:2d:b1:6b:27:c2:3e:eb:1a:04:53:0f:
15:06:0b:59:85:2c:25:cd:3f:c2:6a:04:a3:4d:86:a1:0a:ed:
cb:94:df:47:98:78:fb:3d:c4:a5:b8:2c:99:6a:03:96:39:a9:
02:05:9d:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlV1P67OrIq9CYThufX5sTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjUwOTE3MDQwMDQ2WhcNMjUwOTE4MDQwMDQ2WjAzMTEwLwYDVQQD
EygwMGFiOWI1YmQ4MmEyZjQ2YTdjMmJjZjMwZjc1ZjczMTdmOTNhYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmP7ps5aYn7FnzNprYJXgqgiLXmK
QCcqB8tdeE5jgeZbW1JWHakNqT/5IIXDJIcbB9VjXS8EvrM+ww31H4OZsovj7Zkw
7/UfW/xa0HNklMqBmuVr6G3p35rqMpR1dDSK4YJoK/erCVMM648snllL7jhxVTb6
HWuH17Kk7CgN1K2jnpkmXZpFVCpxiIA8ewVXp8qDuITjvh5dtzoZO5d3xtsfjmdE
hDm4FRej7+UY3+kVrl1G7AQGPT7t5wLRhpUpXcTaoa8lWoHVTMRpNTEkxfWl2Pnm
O5WIu7X01uz5m3Pd9U+G8iQvI+yW/Yk3VHuEmFLChZR9wL7mrc3lxNRT1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFACrm1vYKi9Gp8K88w919zF/k6oWMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABx470zB0
1gVwnkNz/MOm5Q4MLscFGt9QpfMPScwGHy4g4stdGMQ2BS0olqFkeXHWt2EdMClF
3fqmGRM2PIupTF9S/uh8ekX42FHbLAZNpbcw9k/nZtA6/kEv4glpbPcexCy2bY7Q
1suBMwtigqwXt8+qo9HkwO6+WqDKQ+pWPSrgcJ/iDcpvGR7vAIJDaVrer7olGIvJ
XM0rgAkijusFmuxyYJk4ZKGg6roIWzoRzOZTyyTLvR0FODOgp1EJ8+MiMMqNjbTd
v5PR7A09PS2xayfCPusaBFMPFQYLWYUsJc0/wmoEo02GoQrty5TfR5h4+z3Epbgs
mWoDljmpAgWdvw==
-----END CERTIFICATE-----
Generated at Wed Sep 17 08:28:00 2025 by rpki-client