Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
File: sd-OADfxroL3viI1rmEsQBD2_pE.mft (raw, json)
Hash identifier: aKz/GPj8BB0bXqB86byteNtb6uwbHXToKJWtgn606M0=
Subject key identifier: DB:32:2C:64:26:17:89:A5:AD:A4:25:8A:FD:70:4F:4E:68:3D:8B:55
Authority key identifier: B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91
Certificate issuer: /CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91
Certificate serial: 0198861F9116982B8F114C9E04CA7F36902A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
Manifest number: 0136
Signing time: Thu 07 Aug 2025 20:01:12 +0000
Manifest this update: Thu 07 Aug 2025 20:01:12 +0000
Manifest next update: Fri 08 Aug 2025 20:01:12 +0000
Files and hashes: 1: GdRMKH6WdmmVubPmURRtVnS8GV8.roa (hash: gQYTKVfews/6lfRAQlloM0LgEpj91iqOXwXozcwIpNc=)
2: sd-OADfxroL3viI1rmEsQBD2_pE.crl (hash: gttCcYRmYq2rT2aNz370wcMb47HqGAKxL4TPAONzc9M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 17:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:86:1f:91:16:98:2b:8f:11:4c:9e:04:ca:7f:36:90:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91
Validity
Not Before: Aug 7 20:01:12 2025 GMT
Not After : Aug 8 20:01:12 2025 GMT
Subject: CN=db322c64261789a5ada4258afd704f4e683d8b55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d6:95:d2:d1:ab:1b:bd:8b:80:7c:a6:8b:f7:
f6:27:15:7d:6e:c8:8a:c1:0c:7a:de:fe:83:15:b2:
7a:52:45:09:2d:82:c0:df:e6:39:ac:5c:0a:32:80:
2f:ba:cd:87:bb:ef:a2:dc:26:19:fc:b7:58:30:e8:
84:7f:4d:6f:20:e4:60:37:05:34:22:55:d0:83:36:
b5:14:e8:1c:36:84:26:89:80:9e:99:e0:f9:ce:94:
3e:66:72:bf:43:a7:e5:84:67:b3:34:26:86:08:34:
fd:50:20:a4:5e:63:24:1e:88:96:a1:77:26:8d:8b:
81:4b:b0:14:b2:fb:44:e4:52:3d:54:d3:76:7f:61:
54:2d:6a:6a:8f:fb:ab:9b:d7:e4:1f:2b:d8:6e:25:
7c:1d:73:4c:fd:e1:f3:0e:a2:aa:88:0a:0a:02:87:
16:4a:58:78:fb:2e:4d:97:dc:33:d3:e9:df:d8:be:
11:46:dd:22:e2:b0:cf:91:6f:2d:ab:b5:07:e4:fb:
b3:7e:41:27:4d:9e:f1:ad:e6:a9:c2:4d:e3:6e:bd:
b4:14:da:84:b6:1b:f5:45:85:82:58:c4:73:a6:6a:
71:06:5a:30:34:57:91:f6:80:60:ba:49:d1:56:72:
97:61:06:35:f0:c8:9c:41:13:5d:b9:d2:cb:99:75:
93:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:32:2C:64:26:17:89:A5:AD:A4:25:8A:FD:70:4F:4E:68:3D:8B:55
X509v3 Authority Key Identifier:
keyid:B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:92:63:ea:e7:1f:1b:fe:a7:5d:7c:ea:c0:5a:b4:d7:96:d9:
2e:f0:ef:a9:c3:43:c7:bb:9c:da:ae:89:4d:2d:b4:d6:84:5f:
b7:58:80:5a:b6:4e:dc:60:a8:61:68:bd:de:f0:57:5e:7d:3e:
95:b7:58:4f:28:97:5a:a2:24:b6:ba:3c:6e:9e:b0:84:59:fe:
77:76:64:f8:23:74:cc:78:a6:4d:74:bf:ed:9e:96:a1:45:ba:
b2:23:f0:48:f3:5e:a2:94:69:29:02:c5:a2:aa:1c:26:d7:66:
b1:ed:cc:13:98:68:d7:3f:87:86:eb:89:a6:00:5e:4c:bf:07:
ae:2e:14:69:d1:b5:90:de:f1:15:df:b3:0b:7e:80:17:75:93:
6c:31:a6:6d:65:a3:ee:19:09:4f:45:e8:75:10:ef:4f:18:78:
bd:ba:ac:a2:4b:da:b7:6d:70:eb:6b:4a:a2:e9:66:af:8b:45:
a0:b3:ac:cd:40:dd:00:a7:cb:93:62:3e:49:03:25:fe:60:8d:
9a:68:c3:de:14:d1:61:5e:3a:7e:13:27:f3:90:41:fc:bc:90:
8d:96:cc:fc:af:6f:1f:65:2a:4c:42:74:50:67:6b:0a:7a:01:
7d:3d:5b:ca:6e:ac:6b:f8:65:ea:c7:0c:36:3c:d1:f4:e9:c2:
68:c3:d2:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiGH5EWmCuPEUyeBMp/NpAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGY4ZTAwMzdmMWFlODJmN2JlMjIzNWFlNjEyYzQwMTBm
NmZlOTEwHhcNMjUwODA3MjAwMTEyWhcNMjUwODA4MjAwMTEyWjAzMTEwLwYDVQQD
EyhkYjMyMmM2NDI2MTc4OWE1YWRhNDI1OGFmZDcwNGY0ZTY4M2Q4YjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytaV0tGrG72LgHymi/f2JxV9bsiK
wQx63v6DFbJ6UkUJLYLA3+Y5rFwKMoAvus2Hu++i3CYZ/LdYMOiEf01vIORgNwU0
IlXQgza1FOgcNoQmiYCemeD5zpQ+ZnK/Q6flhGezNCaGCDT9UCCkXmMkHoiWoXcm
jYuBS7AUsvtE5FI9VNN2f2FULWpqj/urm9fkHyvYbiV8HXNM/eHzDqKqiAoKAocW
Slh4+y5Nl9wz0+nf2L4RRt0i4rDPkW8tq7UH5PuzfkEnTZ7xreapwk3jbr20FNqE
thv1RYWCWMRzpmpxBlowNFeR9oBguknRVnKXYQY18MicQRNdudLLmXWTmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsyLGQmF4mlraQliv1wT05oPYtVMB8GA1UdIwQY
MBaAFLHfjgA38a6C974iNa5hLEAQ9v6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEt
MTljYTUwY2YzNGFiLzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEtMTljYTUwY2YzNGFi
LzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQZJj6ucf
G/6nXXzqwFq015bZLvDvqcNDx7uc2q6JTS201oRft1iAWrZO3GCoYWi93vBXXn0+
lbdYTyiXWqIktro8bp6whFn+d3Zk+CN0zHimTXS/7Z6WoUW6siPwSPNeopRpKQLF
oqocJtdmse3ME5ho1z+HhuuJpgBeTL8Hri4UadG1kN7xFd+zC36AF3WTbDGmbWWj
7hkJT0XodRDvTxh4vbqsokvat21w62tKoulmr4tFoLOszUDdAKfLk2I+SQMl/mCN
mmjD3hTRYV46fhMn85BB/LyQjZbM/K9vH2UqTEJ0UGdrCnoBfT1bym6sa/hl6scM
NjzR9OnCaMPSww==
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:35:28 2025 by rpki-client