Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: 3C4uqiDxCbYGavZapx8KDk65q63VVOiLxv2enmJ+gSc=
Subject key identifier: 68:B2:45:9C:C2:D7:EF:9D:BA:BC:EE:6A:47:9C:51:BF:BD:71:ED:35
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 0199225526242A672CE43843E050D4D8EFF3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 1675
Signing time: Sun 07 Sep 2025 04:00:29 +0000
Manifest this update: Sun 07 Sep 2025 04:00:29 +0000
Manifest next update: Mon 08 Sep 2025 04:00:29 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: sLAvfeqamz9Wm6o8YgfrGzNZxdhOSJjEwbDf38ASIOI=)
2: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (hash: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:26:24:2a:67:2c:e4:38:43:e0:50:d4:d8:ef:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Sep 7 04:00:29 2025 GMT
Not After : Sep 8 04:00:29 2025 GMT
Subject: CN=68b2459cc2d7ef9dbabcee6a479c51bfbd71ed35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f6:f4:ba:dc:66:1a:1d:8b:1c:0c:8a:46:2a:
f7:23:31:0a:0d:d0:f2:00:6e:3c:cc:54:2c:27:10:
b5:ff:24:05:b1:83:52:d9:1d:bd:13:ac:ff:62:90:
d7:97:f1:f8:9b:7a:ff:de:30:b2:ee:1d:7e:53:7a:
ff:cc:04:d9:99:e4:d0:9e:27:5d:23:cf:5e:50:32:
cb:19:75:f0:a5:1e:ee:07:1f:81:2b:52:27:02:24:
64:13:f4:49:34:ac:66:33:8d:d6:3f:50:7c:ac:0a:
32:4f:be:e5:54:04:82:95:0f:b5:a2:65:99:8f:2b:
f4:dd:a9:6c:dd:fa:fc:e0:b8:15:95:b3:01:61:98:
c1:3a:4a:59:bd:42:5a:1d:69:ea:be:3b:5c:6c:00:
8c:d9:9d:5d:1e:5a:a1:c6:fa:22:ca:75:fb:7b:d4:
39:34:34:7b:fd:80:c7:2c:c7:47:41:77:63:a2:07:
0e:49:be:be:87:51:65:a9:27:5c:f7:48:20:04:10:
a1:1a:3e:79:2b:af:b5:a4:7a:3c:96:61:a7:9e:b9:
51:0e:cd:d5:4e:f8:42:4a:5d:f6:d3:93:87:0a:03:
b6:69:d0:9d:2b:2d:3e:d8:9e:db:72:69:5f:e9:6e:
ca:70:96:c9:db:04:20:da:0f:11:a7:83:86:f3:3e:
30:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B2:45:9C:C2:D7:EF:9D:BA:BC:EE:6A:47:9C:51:BF:BD:71:ED:35
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:09:f5:a8:b4:f8:76:d6:93:6f:ea:d2:8a:d9:28:08:20:98:
41:45:71:e4:ed:68:e8:65:15:11:37:d7:58:97:a9:7e:eb:fb:
30:0e:36:2e:c4:a1:b0:ef:f5:51:78:0e:a2:af:5f:7f:8e:d9:
14:a6:d6:0c:e9:db:04:47:14:12:50:c3:b0:59:19:5c:1e:63:
10:df:f5:f2:d2:12:be:c8:ad:56:68:37:74:51:73:b7:d0:70:
9a:96:bf:0a:9d:ce:d1:d1:7b:0f:92:22:46:b9:fa:49:26:0a:
5f:5f:61:6d:4f:b2:df:ca:54:db:e4:8e:bf:66:0d:b8:43:d4:
f2:3f:63:20:e3:8b:78:1e:ec:f7:1d:da:94:fc:c4:42:d5:46:
93:65:8a:d3:a8:ea:d1:d9:1e:5b:1a:11:d0:f9:7b:b2:fb:38:
73:eb:c7:e2:62:cc:3e:6f:47:bd:91:01:62:c3:89:a1:ae:f8:
80:ae:49:e5:95:74:d8:fe:37:92:bb:f2:4a:72:1d:c5:89:d4:
7d:64:8e:1d:24:60:85:b2:0f:69:9e:9e:a6:43:2f:a4:09:ea:
46:4d:31:1f:7f:ff:d7:ca:9f:2f:6b:20:b4:dd:1f:68:38:61:
46:1c:28:ba:81:5e:23:1e:5a:f9:1a:01:e9:60:61:f1:80:61:
ed:9c:18:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVSYkKmcs5DhD4FDU2O/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjUwOTA3MDQwMDI5WhcNMjUwOTA4MDQwMDI5WjAzMTEwLwYDVQQD
Eyg2OGIyNDU5Y2MyZDdlZjlkYmFiY2VlNmE0NzljNTFiZmJkNzFlZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPb0utxmGh2LHAyKRir3IzEKDdDy
AG48zFQsJxC1/yQFsYNS2R29E6z/YpDXl/H4m3r/3jCy7h1+U3r/zATZmeTQnidd
I89eUDLLGXXwpR7uBx+BK1InAiRkE/RJNKxmM43WP1B8rAoyT77lVASClQ+1omWZ
jyv03als3fr84LgVlbMBYZjBOkpZvUJaHWnqvjtcbACM2Z1dHlqhxvoiynX7e9Q5
NDR7/YDHLMdHQXdjogcOSb6+h1FlqSdc90ggBBChGj55K6+1pHo8lmGnnrlRDs3V
TvhCSl3205OHCgO2adCdKy0+2J7bcmlf6W7KcJbJ2wQg2g8Rp4OG8z4wWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiyRZzC1++durzuakecUb+9ce01MB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGgn1qLT4
dtaTb+rSitkoCCCYQUVx5O1o6GUVETfXWJepfuv7MA42LsShsO/1UXgOoq9ff47Z
FKbWDOnbBEcUElDDsFkZXB5jEN/18tISvsitVmg3dFFzt9Bwmpa/Cp3O0dF7D5Ii
Rrn6SSYKX19hbU+y38pU2+SOv2YNuEPU8j9jIOOLeB7s9x3alPzEQtVGk2WK06jq
0dkeWxoR0Pl7svs4c+vH4mLMPm9HvZEBYsOJoa74gK5J5ZV02P43krvySnIdxYnU
fWSOHSRghbIPaZ6epkMvpAnqRk0xH3//18qfL2sgtN0faDhhRhwouoFeIx5a+RoB
6WBh8YBh7ZwY6A==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:30:45 2025 by rpki-client