Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
File: OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json)
Hash identifier: y4JysDUgf0pD34G7fUo8hWdYhA8UrC6U0lx3p6jZFag=
Subject key identifier: AA:2A:C9:FC:D0:9D:8E:89:CF:77:7D:FC:51:98:2D:96:24:7D:D4:6F
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial: 01988E0FEDFF3C2CC8C179F28166E1387EC2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
Manifest number: 162A
Signing time: Sat 09 Aug 2025 09:01:05 +0000
Manifest this update: Sat 09 Aug 2025 09:01:05 +0000
Manifest next update: Sun 10 Aug 2025 09:01:05 +0000
Files and hashes: 1: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: pI04AyD1628LNf3DxtYoouUkYneGB1HJO91uHVWCRN4=)
2: QMe1cQvSWWyTmlxs7mg5bNBSDlw.roa (hash: iejToeWDmgQDOWHcoY74bMQ91/UDUCJzy2kftI9HQTs=)
3: abyvfDmy4Q3zVDJIfxfSkrtZdLo.roa (hash: IZm94vPLNr133XeI56Dl5DQUBKwgG1pbFRgf8ws+6Pw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8e:0f:ed:ff:3c:2c:c8:c1:79:f2:81:66:e1:38:7e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Validity
Not Before: Aug 9 09:01:05 2025 GMT
Not After : Aug 10 09:01:05 2025 GMT
Subject: CN=aa2ac9fcd09d8e89cf777dfc51982d96247dd46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3d:f3:d9:83:6b:48:3d:05:f5:13:38:1b:40:
75:11:db:56:2c:18:df:80:54:f5:13:65:82:f5:6e:
b0:04:36:e3:44:b3:fb:89:fa:53:74:7a:d9:1d:b9:
3b:e2:4f:95:11:9b:2d:3a:e2:79:1a:02:df:03:a2:
51:e8:98:d8:41:77:61:d3:62:cc:3d:6c:b1:83:aa:
6e:e6:72:34:fa:e3:42:85:56:1e:16:a1:f5:f8:17:
98:53:5d:63:aa:77:e1:15:29:95:c1:bc:e7:d1:c1:
5f:8f:ba:9b:5a:45:87:d0:ff:d0:0b:89:23:6d:34:
3f:64:e7:6c:93:c5:ad:84:69:67:81:a7:fc:22:7a:
6d:14:71:82:04:f4:d1:ec:f8:8a:72:b0:df:f2:fa:
56:7d:d4:e5:73:fe:91:e0:33:50:2a:2c:64:25:1d:
4c:15:0d:25:cc:1e:42:c4:24:b3:00:28:01:89:33:
0b:68:39:43:e2:a3:26:f8:37:fb:e4:07:fa:f3:f0:
df:fe:32:84:31:f2:15:bb:0b:87:0f:66:a3:bc:5b:
a2:03:89:12:b8:b5:84:90:ef:e4:bf:a3:5c:01:07:
00:61:9a:c6:07:de:9b:e5:6e:62:b8:2e:22:45:5a:
e1:4e:e7:b4:8d:c6:1f:ce:40:91:81:2d:af:85:7d:
2b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2A:C9:FC:D0:9D:8E:89:CF:77:7D:FC:51:98:2D:96:24:7D:D4:6F
X509v3 Authority Key Identifier:
keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:5b:a8:22:66:73:df:b5:f2:9b:1d:bb:26:d0:44:25:08:b9:
67:d3:64:11:b0:8c:e6:28:d6:a0:89:74:53:c1:3e:55:d1:ef:
d2:28:27:21:c5:67:e9:4e:a1:63:84:6c:a0:6a:3c:48:f6:bc:
07:8a:1b:18:80:8a:14:1b:3e:4f:5d:96:d5:5d:62:37:07:aa:
5f:bd:b0:4c:aa:0a:0d:73:01:53:e1:5c:e4:ea:25:dc:de:24:
18:cc:31:00:40:e1:f9:cf:fd:42:8b:07:db:04:57:81:65:2f:
88:3e:27:3b:71:33:da:8a:a8:9d:14:fb:45:f9:b9:fa:58:a8:
55:30:4e:84:7e:d8:7c:dd:ef:6b:48:6f:ae:de:9f:fe:b7:87:
b7:b3:11:b3:49:1e:34:7b:c4:48:5b:e7:b0:ea:4d:b4:b0:96:
13:23:75:3b:71:3e:b3:30:99:62:ca:3c:31:f3:cf:ff:26:dd:
a8:79:bb:f2:a7:78:9b:53:d3:23:89:00:99:c3:7f:27:16:7e:
70:43:ba:8a:dd:c9:25:f6:19:26:c9:4a:27:71:c8:af:7d:9f:
0e:a2:46:5d:d7:71:f1:01:b6:0f:db:07:9a:b3:13:5d:bb:d5:
45:d9:59:91:28:cb:7c:84:3a:37:1d:b8:da:0a:2e:04:4e:7f:
31:85:d0:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiOD+3/PCzIwXnygWbhOH7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjUwODA5MDkwMTA1WhcNMjUwODEwMDkwMTA1WjAzMTEwLwYDVQQD
EyhhYTJhYzlmY2QwOWQ4ZTg5Y2Y3NzdkZmM1MTk4MmQ5NjI0N2RkNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz3z2YNrSD0F9RM4G0B1EdtWLBjf
gFT1E2WC9W6wBDbjRLP7ifpTdHrZHbk74k+VEZstOuJ5GgLfA6JR6JjYQXdh02LM
PWyxg6pu5nI0+uNChVYeFqH1+BeYU11jqnfhFSmVwbzn0cFfj7qbWkWH0P/QC4kj
bTQ/ZOdsk8WthGlngaf8InptFHGCBPTR7PiKcrDf8vpWfdTlc/6R4DNQKixkJR1M
FQ0lzB5CxCSzACgBiTMLaDlD4qMm+Df75Af68/Df/jKEMfIVuwuHD2ajvFuiA4kS
uLWEkO/kv6NcAQcAYZrGB96b5W5iuC4iRVrhTue0jcYfzkCRgS2vhX0ryQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoqyfzQnY6Jz3d9/FGYLZYkfdRvMB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe1uoImZz
37Xymx27JtBEJQi5Z9NkEbCM5ijWoIl0U8E+VdHv0ignIcVn6U6hY4RsoGo8SPa8
B4obGICKFBs+T12W1V1iNweqX72wTKoKDXMBU+Fc5Ool3N4kGMwxAEDh+c/9QosH
2wRXgWUviD4nO3Ez2oqonRT7Rfm5+lioVTBOhH7YfN3va0hvrt6f/reHt7MRs0ke
NHvESFvnsOpNtLCWEyN1O3E+szCZYso8MfPP/ybdqHm78qd4m1PTI4kAmcN/JxZ+
cEO6it3JJfYZJslKJ3HIr32fDqJGXddx8QG2D9sHmrMTXbvVRdlZkSjLfIQ6Nx24
2gouBE5/MYXQ7g==
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:37:56 2025 by rpki-client