Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
File: 2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft (raw, json)
Hash identifier: OIW705fF3OD9ueSTOfJ6iSFr6zqEtgQBRJ94im9Jnbo=
Subject key identifier: E1:6B:67:7A:1C:9B:4B:A6:2F:FC:BF:37:BD:1D:04:7B:58:A9:64:41
Authority key identifier: DA:73:A3:9A:0E:04:5D:DF:AE:F5:02:F1:FD:91:C6:CC:16:50:94:59
Certificate issuer: /CN=da73a39a0e045ddfaef502f1fd91c6cc16509459
Certificate serial: 0198752B9FB2944504E3FE7B26BA6BE37FA8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
Manifest number: 0DA7
Signing time: Mon 04 Aug 2025 13:00:49 +0000
Manifest this update: Mon 04 Aug 2025 13:00:49 +0000
Manifest next update: Tue 05 Aug 2025 13:00:49 +0000
Files and hashes: 1: 2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl (hash: 6Gp/m0cRRObYZRcwf5q3xMba7hQtbE2zNFOTtOhC8LA=)
2: nEst59VNXuZ4VJfEimqfkDoIWMw.roa (hash: MVYyTOwc+4oCrDyXY6sI17JYzQycO6fjKklmhjG1KnA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:2b:9f:b2:94:45:04:e3:fe:7b:26:ba:6b:e3:7f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da73a39a0e045ddfaef502f1fd91c6cc16509459
Validity
Not Before: Aug 4 13:00:49 2025 GMT
Not After : Aug 5 13:00:49 2025 GMT
Subject: CN=e16b677a1c9b4ba62ffcbf37bd1d047b58a96441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:82:66:4e:8d:32:84:be:4d:1c:cc:9a:fa:f8:
06:0b:c6:84:f6:a4:2f:61:1a:b4:97:67:37:13:74:
7c:6e:43:9f:69:18:f0:96:55:9e:51:7c:3a:d5:92:
cc:69:1f:c7:ec:fc:0c:26:52:29:58:ed:b1:cb:6d:
00:e0:06:a8:84:77:37:2e:ba:39:8f:29:84:78:74:
a2:ba:f7:ab:cd:83:4e:2c:e1:66:97:2b:10:72:70:
0e:1d:de:38:30:a5:d1:f6:3f:79:2f:5b:fe:cc:3b:
31:72:bf:e1:1f:8d:1c:d1:56:c8:3b:b6:02:e5:b0:
7f:07:c3:ac:41:c6:bb:fb:fb:c0:6f:ea:6d:9c:db:
12:b6:46:08:60:95:37:aa:45:bf:d7:ca:a8:eb:a9:
25:71:a9:5d:6a:b1:25:3f:e7:30:6c:34:43:aa:16:
3a:3e:53:f5:9b:5a:54:67:f4:e1:f0:f8:c5:00:9f:
82:31:bb:67:1f:18:85:f3:23:42:5f:1e:29:b9:54:
10:3a:54:43:72:ce:da:0e:e8:e7:66:f8:9e:b8:c7:
27:9d:89:bd:cf:cd:0c:08:f9:f6:2b:6a:55:4c:93:
ee:c8:91:ee:c0:88:75:b8:ab:07:b6:fb:e6:6d:54:
15:56:06:85:6e:cc:af:a7:ce:9c:9d:42:ce:be:50:
7f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:6B:67:7A:1C:9B:4B:A6:2F:FC:BF:37:BD:1D:04:7B:58:A9:64:41
X509v3 Authority Key Identifier:
keyid:DA:73:A3:9A:0E:04:5D:DF:AE:F5:02:F1:FD:91:C6:CC:16:50:94:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:a2:25:13:eb:d2:17:53:ed:74:e5:65:4d:04:71:00:2e:ab:
45:cd:04:8a:a9:4a:8e:b9:7c:6a:31:da:82:61:6f:69:38:95:
37:ae:bc:41:db:4d:12:f7:1c:5d:d1:db:bf:22:61:cc:ab:c5:
bc:2b:4f:fb:8d:96:74:d3:d7:44:ce:c1:c7:6d:0e:8d:e3:fa:
8c:2b:ac:5f:6b:73:98:68:0a:b4:5e:d1:56:5b:48:87:86:82:
10:d0:ea:37:82:49:ee:82:d5:01:c6:c8:02:a6:f1:f1:3f:37:
df:33:6b:d3:ac:ea:bf:6b:96:c5:e3:68:dc:05:e8:0e:73:9e:
fd:de:32:9d:68:d6:be:49:ac:d0:3c:52:44:14:cd:a4:9f:1e:
3e:1c:85:55:ce:db:c3:a5:08:98:98:40:d5:36:e8:ab:67:9c:
68:5d:0d:b6:40:4d:8b:2f:08:f1:19:ec:70:e2:6f:71:33:f8:
56:f0:23:de:f9:60:36:eb:b4:8b:8c:6e:1e:29:17:3a:14:01:
c1:2d:ab:99:b6:40:db:76:c3:03:1a:9e:8f:1e:e6:84:c0:8f:
be:e1:8b:b6:9e:ad:5b:83:ee:df:8d:83:f6:2b:0a:86:94:62:
e4:41:4c:e8:42:62:0d:6b:58:66:48:99:b9:d3:95:49:4f:a9:
ae:4f:d2:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1K5+ylEUE4/57Jrpr43+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzNhMzlhMGUwNDVkZGZhZWY1MDJmMWZkOTFjNmNjMTY1
MDk0NTkwHhcNMjUwODA0MTMwMDQ5WhcNMjUwODA1MTMwMDQ5WjAzMTEwLwYDVQQD
EyhlMTZiNjc3YTFjOWI0YmE2MmZmY2JmMzdiZDFkMDQ3YjU4YTk2NDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4JmTo0yhL5NHMya+vgGC8aE9qQv
YRq0l2c3E3R8bkOfaRjwllWeUXw61ZLMaR/H7PwMJlIpWO2xy20A4AaohHc3Lro5
jymEeHSiuverzYNOLOFmlysQcnAOHd44MKXR9j95L1v+zDsxcr/hH40c0VbIO7YC
5bB/B8OsQca7+/vAb+ptnNsStkYIYJU3qkW/18qo66klcaldarElP+cwbDRDqhY6
PlP1m1pUZ/Th8PjFAJ+CMbtnHxiF8yNCXx4puVQQOlRDcs7aDujnZvieuMcnnYm9
z80MCPn2K2pVTJPuyJHuwIh1uKsHtvvmbVQVVgaFbsyvp86cnULOvlB/nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFrZ3ocm0umL/y/N70dBHtYqWRBMB8GA1UdIwQY
MBaAFNpzo5oOBF3frvUC8f2RxswWUJRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8xNzM3ZmMtYjIyMS00ZmYwLWJmYTct
NWQ2NzRjYWRkZDZmLzEvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8xNzM3ZmMtYjIyMS00ZmYwLWJmYTctNWQ2NzRjYWRkZDZm
LzEvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF6IlE+vS
F1PtdOVlTQRxAC6rRc0EiqlKjrl8ajHagmFvaTiVN668QdtNEvccXdHbvyJhzKvF
vCtP+42WdNPXRM7Bx20OjeP6jCusX2tzmGgKtF7RVltIh4aCENDqN4JJ7oLVAcbI
Aqbx8T833zNr06zqv2uWxeNo3AXoDnOe/d4ynWjWvkms0DxSRBTNpJ8ePhyFVc7b
w6UImJhA1Tboq2ecaF0NtkBNiy8I8RnscOJvcTP4VvAj3vlgNuu0i4xuHikXOhQB
wS2rmbZA23bDAxqejx7mhMCPvuGLtp6tW4Pu342D9isKhpRi5EFM6EJiDWtYZkiZ
udOVSU+prk/Sug==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:01:05 2025 by rpki-client