Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/OoOZNq7v8ohnjncmMwIPolm9nPI.mft
File: OoOZNq7v8ohnjncmMwIPolm9nPI.mft (raw, json)
Hash identifier: YIQptnGUMOPusrRzXmaSLno2SJaFAOjOz04DNqk7w6k=
Subject key identifier: C5:F1:43:68:82:B2:0E:B6:42:62:A2:A5:E3:2F:78:F3:35:49:A2:E8
Authority key identifier: 3A:83:99:36:AE:EF:F2:88:67:8E:77:26:33:02:0F:A2:59:BD:9C:F2
Certificate issuer: /CN=3a839936aeeff288678e772633020fa259bd9cf2
Certificate serial: 01987298D0CEC2D9F94257DC0319E87E9303
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OoOZNq7v8ohnjncmMwIPolm9nPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/OoOZNq7v8ohnjncmMwIPolm9nPI.mft
Manifest number: 05DF
Signing time: Mon 04 Aug 2025 01:01:14 +0000
Manifest this update: Mon 04 Aug 2025 01:01:14 +0000
Manifest next update: Tue 05 Aug 2025 01:01:14 +0000
Files and hashes: 1: OoOZNq7v8ohnjncmMwIPolm9nPI.crl (hash: FYU+JNAhhLIr89mhYsR9s9AySe+WlrrRmVwLrkJkYgQ=)
2: UPULz0BbmOL6oB1Lvph6s81bIVc.roa (hash: KEGK8PJbSBsiHtUKaY1bLTWtxHt/0jD8x2QpGJMF8nk=)
3: Uw9JbudeiyQ7Eqq4TZWKYitXR5Q.roa (hash: PECjzeRoLCDiJc+fMhDdhpnjzdeMhIqjV/edQ5qJgEw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/OoOZNq7v8ohnjncmMwIPolm9nPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/OoOZNq7v8ohnjncmMwIPolm9nPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OoOZNq7v8ohnjncmMwIPolm9nPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:72:98:d0:ce:c2:d9:f9:42:57:dc:03:19:e8:7e:93:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a839936aeeff288678e772633020fa259bd9cf2
Validity
Not Before: Aug 4 01:01:14 2025 GMT
Not After : Aug 5 01:01:14 2025 GMT
Subject: CN=c5f1436882b20eb64262a2a5e32f78f33549a2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:14:cd:3c:a5:63:98:5a:3e:0d:3f:3b:1b:01:
0f:95:d5:b7:c6:25:65:0a:31:ad:32:aa:8b:5e:e4:
87:34:a8:db:62:66:ab:b0:af:c4:a9:a2:e2:79:30:
a8:74:40:01:8d:48:5b:b5:7e:19:e4:26:d7:c9:59:
c2:67:78:d0:9f:ce:60:bf:65:c8:29:83:e5:3c:66:
97:05:2d:92:2b:d1:eb:45:26:ea:11:e5:b5:d2:64:
64:e3:0b:52:e6:ab:52:54:ef:e6:1f:41:e2:0b:f4:
ce:5c:39:14:3c:04:bb:e3:20:0b:e0:75:9c:be:76:
ba:93:8c:19:50:8e:94:fa:43:10:74:92:71:78:d9:
4e:7a:05:55:4d:32:99:62:32:c0:de:b8:19:c0:8f:
32:29:d2:42:e1:98:04:64:75:d1:3b:6f:cd:17:11:
20:38:96:41:f3:71:1d:7a:22:49:16:f8:3f:c7:04:
00:71:54:47:69:32:79:04:5f:4d:34:ca:6a:9c:0b:
41:27:67:86:ba:18:6b:d8:04:79:bf:22:31:aa:14:
9b:16:77:25:45:c2:54:39:5a:6d:6d:08:d5:f7:55:
49:6e:ca:6d:57:f1:aa:3f:0c:66:08:80:c7:3c:8b:
ae:65:e5:5d:72:19:69:d3:4a:aa:f7:8a:1a:99:68:
da:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F1:43:68:82:B2:0E:B6:42:62:A2:A5:E3:2F:78:F3:35:49:A2:E8
X509v3 Authority Key Identifier:
keyid:3A:83:99:36:AE:EF:F2:88:67:8E:77:26:33:02:0F:A2:59:BD:9C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoOZNq7v8ohnjncmMwIPolm9nPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/OoOZNq7v8ohnjncmMwIPolm9nPI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/OoOZNq7v8ohnjncmMwIPolm9nPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:48:75:a2:44:00:5f:f8:78:b4:11:0f:b7:25:1a:dd:4d:ab:
0d:78:7a:f9:2b:bf:1d:5a:39:6a:0d:11:16:6d:f3:94:0d:36:
69:96:9b:12:03:89:ed:fc:71:b7:59:2e:f4:c6:27:96:fd:9a:
e7:29:32:f3:1b:87:72:9d:69:90:aa:89:a4:28:ae:73:68:89:
8e:2c:02:e6:3b:49:06:c1:0f:bf:4e:6d:ea:75:d5:02:3a:b0:
a2:18:a2:3f:74:38:60:a4:eb:c8:85:72:cf:89:13:83:0c:cf:
18:0f:56:3a:16:77:e8:72:af:11:59:48:ff:aa:8a:0f:bb:e5:
fd:50:68:6a:56:47:ca:e2:12:71:13:88:4c:2d:48:ce:65:71:
0a:4b:a9:55:8e:5e:8c:f3:38:6e:81:f9:9d:db:c8:14:1b:53:
c5:dd:2a:a2:d1:02:f8:8c:45:ee:8e:a5:b3:45:ff:d4:83:d8:
b7:83:6d:49:9d:17:41:56:35:ee:13:5e:0a:37:d2:77:c3:25:
99:f0:b7:e7:9a:5b:1a:4c:7f:95:89:be:aa:b6:95:b0:10:e0:
22:69:72:33:b5:e8:b7:26:78:94:39:94:62:bb:ec:94:dd:9e:
5b:b3:f7:96:bc:72:e4:b6:79:e1:43:1c:6f:cd:5b:d0:0f:09:
9b:dc:4b:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhymNDOwtn5QlfcAxnofpMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODM5OTM2YWVlZmYyODg2NzhlNzcyNjMzMDIwZmEyNTli
ZDljZjIwHhcNMjUwODA0MDEwMTE0WhcNMjUwODA1MDEwMTE0WjAzMTEwLwYDVQQD
EyhjNWYxNDM2ODgyYjIwZWI2NDI2MmEyYTVlMzJmNzhmMzM1NDlhMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxTNPKVjmFo+DT87GwEPldW3xiVl
CjGtMqqLXuSHNKjbYmarsK/EqaLieTCodEABjUhbtX4Z5CbXyVnCZ3jQn85gv2XI
KYPlPGaXBS2SK9HrRSbqEeW10mRk4wtS5qtSVO/mH0HiC/TOXDkUPAS74yAL4HWc
vna6k4wZUI6U+kMQdJJxeNlOegVVTTKZYjLA3rgZwI8yKdJC4ZgEZHXRO2/NFxEg
OJZB83EdeiJJFvg/xwQAcVRHaTJ5BF9NNMpqnAtBJ2eGuhhr2AR5vyIxqhSbFncl
RcJUOVptbQjV91VJbsptV/GqPwxmCIDHPIuuZeVdchlp00qq94oamWja2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXxQ2iCsg62QmKipeMvePM1SaLoMB8GA1UdIwQY
MBaAFDqDmTau7/KIZ453JjMCD6JZvZzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29PWk5xN3Y4b2huam5jbU13SVBvbG05blBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81YzY3NDUtNzY4ZS00ZDYxLWI2MDQt
ODM1ZjRlMzcyODNjLzEvT29PWk5xN3Y4b2huam5jbU13SVBvbG05blBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81YzY3NDUtNzY4ZS00ZDYxLWI2MDQtODM1ZjRlMzcyODNj
LzEvT29PWk5xN3Y4b2huam5jbU13SVBvbG05blBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuEh1okQA
X/h4tBEPtyUa3U2rDXh6+Su/HVo5ag0RFm3zlA02aZabEgOJ7fxxt1ku9MYnlv2a
5yky8xuHcp1pkKqJpCiuc2iJjiwC5jtJBsEPv05t6nXVAjqwohiiP3Q4YKTryIVy
z4kTgwzPGA9WOhZ36HKvEVlI/6qKD7vl/VBoalZHyuIScROITC1IzmVxCkupVY5e
jPM4boH5ndvIFBtTxd0qotEC+IxF7o6ls0X/1IPYt4NtSZ0XQVY17hNeCjfSd8Ml
mfC355pbGkx/lYm+qraVsBDgImlyM7XotyZ4lDmUYrvslN2eW7P3lrxy5LZ54UMc
b81b0A8Jm9xL1g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:18:27 2025 by rpki-client