Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
File: obceuN8XHmQvGyuQQZAB8fxEXk0.mft (raw, json)
Hash identifier: OfRGSyk4FKwDNNPCJXw+Vs6D5CRGnoCOrdo+cciwZ14=
Subject key identifier: 22:02:BE:56:A5:C5:1A:A1:FF:1A:4A:10:C6:10:F9:B5:80:E0:07:B5
Authority key identifier: A1:B7:1E:B8:DF:17:1E:64:2F:1B:2B:90:41:90:01:F1:FC:44:5E:4D
Certificate issuer: /CN=a1b71eb8df171e642f1b2b90419001f1fc445e4d
Certificate serial: 01974EC5196CA69B7A994DF350AE951FDA23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
Manifest number: 0E45
Signing time: Sun 08 Jun 2025 09:00:29 +0000
Manifest this update: Sun 08 Jun 2025 09:00:29 +0000
Manifest next update: Mon 09 Jun 2025 09:00:29 +0000
Files and hashes: 1: cGMojoHA_ji4dpM9uQ1afR_tOH0.roa (hash: i1gFi8NRL0iquVx1S2o3krHyHH6AFrbXa2Ge0Nqnor8=)
2: obceuN8XHmQvGyuQQZAB8fxEXk0.crl (hash: /sqaDUGFwie+bx1ZXYMtgCJ2k5gRiiOSFqspwUjOyxk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4e:c5:19:6c:a6:9b:7a:99:4d:f3:50:ae:95:1f:da:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1b71eb8df171e642f1b2b90419001f1fc445e4d
Validity
Not Before: Jun 8 09:00:29 2025 GMT
Not After : Jun 9 09:00:29 2025 GMT
Subject: CN=2202be56a5c51aa1ff1a4a10c610f9b580e007b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:10:f6:f7:5a:b2:c4:cb:90:82:7f:91:a9:83:
bf:8e:a2:2d:d0:37:74:41:34:38:9e:7a:03:be:28:
c8:1e:ae:55:dd:f9:80:8f:45:90:9a:38:58:65:e2:
b6:32:05:9f:ed:33:d9:bb:6d:02:5c:59:69:13:99:
88:79:46:c2:d8:cf:57:44:fc:70:76:eb:b7:3d:b4:
0d:3e:c3:34:b7:ef:ad:90:a8:5d:31:91:b0:a5:fc:
f7:e3:6a:35:f6:4d:68:b7:2f:18:f4:e8:02:83:f7:
fa:69:df:b3:bf:d9:7c:63:10:7c:4f:c2:94:48:cc:
09:ec:f0:60:fb:89:fc:89:52:34:dd:13:0b:02:20:
0f:37:0a:4d:25:6c:d7:c1:1d:1e:d6:37:df:cb:b7:
8c:5e:97:48:47:83:99:3b:84:be:81:c6:72:3e:e9:
97:a4:85:31:fb:51:6b:42:68:ba:1f:0c:21:f4:75:
c4:16:f5:85:a3:2b:1c:7c:a5:c4:20:0a:63:d5:e9:
be:a2:31:c3:9d:84:b1:aa:e3:87:a9:ce:f0:65:9d:
a7:13:06:88:14:1b:8d:59:64:92:8a:5c:7c:08:8b:
95:89:0a:62:ce:8d:be:ca:40:a1:6a:d7:79:f4:05:
f2:36:9d:a7:59:ec:f9:05:8e:af:fe:de:9f:ce:e7:
68:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:02:BE:56:A5:C5:1A:A1:FF:1A:4A:10:C6:10:F9:B5:80:E0:07:B5
X509v3 Authority Key Identifier:
keyid:A1:B7:1E:B8:DF:17:1E:64:2F:1B:2B:90:41:90:01:F1:FC:44:5E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:68:69:c2:bf:87:90:95:06:82:0c:b3:21:d8:5d:65:25:4b:
c6:05:f7:a4:6c:db:9d:f7:dc:f8:29:56:38:e7:ce:b7:9f:41:
2a:d9:06:bb:fd:3b:49:ff:0b:fe:49:12:21:da:17:07:dd:1e:
4e:b1:b1:8a:64:5e:51:24:49:41:a7:b6:91:f9:e2:b1:88:1c:
cc:76:1f:8f:f1:12:90:57:df:d4:07:4e:01:0d:7b:34:d8:09:
d7:1d:12:0e:3c:f3:d1:42:96:92:e2:2f:47:5a:4b:bc:a4:8f:
a2:51:0c:c2:f4:f1:6b:7a:86:04:43:87:c1:96:7c:60:d9:1d:
6f:86:c4:10:4e:6f:3e:9e:d3:4e:9f:13:7f:51:94:1e:2b:2c:
b9:bb:36:cc:7f:0f:d7:d1:d7:c8:37:b2:9f:ce:4d:6e:ca:f2:
a9:6e:4d:72:66:1f:75:ba:29:70:70:1f:39:6e:d4:a6:58:c7:
2a:16:68:1e:07:bb:f4:18:56:74:97:21:44:a8:3c:81:db:01:
b1:69:92:6e:64:4c:45:6d:b4:dd:0a:cd:9a:ab:ad:93:2e:3f:
ac:9f:d4:43:5a:3a:e8:fa:b6:ad:48:fe:46:85:82:32:ad:1d:
54:bf:01:ed:0e:8e:1d:e6:21:7a:7a:cb:4a:0e:03:15:87:60:
6e:7c:3c:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxRlsppt6mU3zUK6VH9ojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjcxZWI4ZGYxNzFlNjQyZjFiMmI5MDQxOTAwMWYxZmM0
NDVlNGQwHhcNMjUwNjA4MDkwMDI5WhcNMjUwNjA5MDkwMDI5WjAzMTEwLwYDVQQD
EygyMjAyYmU1NmE1YzUxYWExZmYxYTRhMTBjNjEwZjliNTgwZTAwN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxD291qyxMuQgn+RqYO/jqIt0Dd0
QTQ4nnoDvijIHq5V3fmAj0WQmjhYZeK2MgWf7TPZu20CXFlpE5mIeUbC2M9XRPxw
duu3PbQNPsM0t++tkKhdMZGwpfz342o19k1oty8Y9OgCg/f6ad+zv9l8YxB8T8KU
SMwJ7PBg+4n8iVI03RMLAiAPNwpNJWzXwR0e1jffy7eMXpdIR4OZO4S+gcZyPumX
pIUx+1FrQmi6Hwwh9HXEFvWFoyscfKXEIApj1em+ojHDnYSxquOHqc7wZZ2nEwaI
FBuNWWSSilx8CIuViQpizo2+ykChatd59AXyNp2nWez5BY6v/t6fzudo8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCICvlalxRqh/xpKEMYQ+bWA4Ae1MB8GA1UdIwQY
MBaAFKG3HrjfFx5kLxsrkEGQAfH8RF5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mMDg4YmQtNTAyOS00OTAzLTk2MTYt
MDY3MmVhMDQ0MGJiLzEvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mMDg4YmQtNTAyOS00OTAzLTk2MTYtMDY3MmVhMDQ0MGJi
LzEvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeWhpwr+H
kJUGggyzIdhdZSVLxgX3pGzbnffc+ClWOOfOt59BKtkGu/07Sf8L/kkSIdoXB90e
TrGximReUSRJQae2kfnisYgczHYfj/ESkFff1AdOAQ17NNgJ1x0SDjzz0UKWkuIv
R1pLvKSPolEMwvTxa3qGBEOHwZZ8YNkdb4bEEE5vPp7TTp8Tf1GUHissubs2zH8P
19HXyDeyn85NbsryqW5NcmYfdbopcHAfOW7UpljHKhZoHge79BhWdJchRKg8gdsB
sWmSbmRMRW203QrNmqutky4/rJ/UQ1o66Pq2rUj+RoWCMq0dVL8B7Q6OHeYhenrL
Sg4DFYdgbnw8Aw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 19:20:37 2025 by rpki-client