Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
File: OhoMABa5sz-T6Kejk9CRkNXhhJk.mft (raw, json)
Hash identifier: OqFLPTqjQF+gnvglzWZSytV52VcgQjTEEEfgOglbmZg=
Subject key identifier: 0A:03:9C:A4:D0:C3:0E:C5:AD:E7:5D:05:C8:B1:A8:B1:F2:65:96:FE
Authority key identifier: 3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99
Certificate issuer: /CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499
Certificate serial: 019891476ED08FA3FE1BBA515F876061A380
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
Manifest number: 0BFD
Signing time: Sun 10 Aug 2025 00:00:34 +0000
Manifest this update: Sun 10 Aug 2025 00:00:34 +0000
Manifest next update: Mon 11 Aug 2025 00:00:34 +0000
Files and hashes: 1: OhoMABa5sz-T6Kejk9CRkNXhhJk.crl (hash: MuIxE+cJ7ve4sanWDsm/XxaiKVkTf0RYx0Z/tEtJwqg=)
2: UG2XZdsSP9vahLS8deUbiGwgM84.roa (hash: H+YkvMLky6FPgjSDWIrs7G2kpfOLt2YF+/59bitetA8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 23:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:91:47:6e:d0:8f:a3:fe:1b:ba:51:5f:87:60:61:a3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499
Validity
Not Before: Aug 10 00:00:34 2025 GMT
Not After : Aug 11 00:00:34 2025 GMT
Subject: CN=0a039ca4d0c30ec5ade75d05c8b1a8b1f26596fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9d:c8:61:09:bc:a8:2f:3a:63:4d:3c:76:87:
86:36:65:a7:43:a3:25:dc:71:e9:45:25:2d:4d:13:
a5:c6:27:13:77:64:8a:e1:89:8f:01:c2:73:21:e0:
42:ac:8a:79:ce:5a:8d:95:74:0a:60:de:43:a8:90:
5a:ef:d5:78:e1:22:7a:44:5b:87:9c:55:ac:22:66:
bc:6c:13:59:37:04:b5:fd:74:57:8e:10:9e:8b:4d:
5f:0e:34:00:63:71:97:7a:fb:80:b2:4c:21:19:e8:
37:d0:57:3b:7f:5e:a7:70:7e:e3:da:e0:8e:fc:21:
a8:bc:e6:a0:e5:f7:de:e3:99:ff:87:f9:d0:44:8f:
a1:9a:24:db:98:96:b4:be:a4:f4:84:5d:97:12:40:
56:3a:29:6d:cb:9f:35:e3:57:00:44:4a:93:0c:89:
7e:20:e4:29:4d:32:e7:87:a0:0f:9b:3b:f0:98:cd:
f0:bb:3f:c2:a1:98:9b:39:e3:5e:70:63:68:de:2f:
9c:36:22:60:64:dd:2d:00:4e:56:fa:0d:f6:c7:2e:
a5:66:b8:47:2b:51:a9:80:04:a6:bd:e1:b7:79:83:
b5:0f:7b:0c:75:e3:42:d2:af:50:cd:80:c6:ca:e0:
86:f6:1b:a2:71:0d:18:06:78:0a:6d:8c:70:58:05:
af:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:03:9C:A4:D0:C3:0E:C5:AD:E7:5D:05:C8:B1:A8:B1:F2:65:96:FE
X509v3 Authority Key Identifier:
keyid:3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:c2:5b:16:e4:e6:a9:f5:61:55:1c:89:6b:3d:14:c2:d7:b9:
74:5a:ef:07:c8:f7:9d:58:48:af:05:90:31:79:f1:ec:2c:de:
6e:08:81:b7:17:f8:59:37:26:2e:d1:0e:36:6b:c5:2b:16:84:
79:e1:11:b5:3a:61:26:d0:8b:bb:96:e9:02:42:37:44:ac:79:
7c:21:73:96:52:c4:75:d0:6a:7f:46:10:4b:e8:db:ee:27:ea:
fc:29:97:ad:62:26:8c:94:25:75:28:72:b6:d7:bc:ae:ad:a7:
ce:25:62:c5:ea:70:01:00:00:91:66:2a:30:b4:98:47:73:0b:
a8:ff:5d:fb:61:4a:bc:14:3e:20:80:78:63:8a:7c:3c:43:2f:
17:b8:d1:76:ab:3e:6e:7d:bc:20:bd:ef:67:7c:51:e8:1b:bf:
0d:13:9d:16:0a:f9:d4:4d:12:df:77:ac:ca:08:bf:b2:92:00:
3b:2c:3f:de:04:cd:00:a2:e2:b5:03:a8:2c:da:b6:55:4e:87:
54:39:d4:64:09:7c:53:86:8a:f7:1a:33:a2:e1:1b:3d:82:f9:
76:41:07:ab:9f:af:a0:ce:cb:1e:ac:7e:c5:ae:a8:a9:2c:ab:
25:57:a8:bc:d4:07:18:b8:77:0f:46:63:4e:dd:0c:94:df:f1:
7a:b2:55:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiRR27Qj6P+G7pRX4dgYaOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWEwYzAwMTZiOWIzM2Y5M2U4YTdhMzkzZDA5MTkwZDVl
MTg0OTkwHhcNMjUwODEwMDAwMDM0WhcNMjUwODExMDAwMDM0WjAzMTEwLwYDVQQD
EygwYTAzOWNhNGQwYzMwZWM1YWRlNzVkMDVjOGIxYThiMWYyNjU5NmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp3IYQm8qC86Y008doeGNmWnQ6Ml
3HHpRSUtTROlxicTd2SK4YmPAcJzIeBCrIp5zlqNlXQKYN5DqJBa79V44SJ6RFuH
nFWsIma8bBNZNwS1/XRXjhCei01fDjQAY3GXevuAskwhGeg30Fc7f16ncH7j2uCO
/CGovOag5ffe45n/h/nQRI+hmiTbmJa0vqT0hF2XEkBWOilty58141cAREqTDIl+
IOQpTTLnh6APmzvwmM3wuz/CoZibOeNecGNo3i+cNiJgZN0tAE5W+g32xy6lZrhH
K1GpgASmveG3eYO1D3sMdeNC0q9QzYDGyuCG9huicQ0YBngKbYxwWAWvXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAoDnKTQww7FreddBcixqLHyZZb+MB8GA1UdIwQY
MBaAFDoaDAAWubM/k+ino5PQkZDV4YSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjkt
MGI2NDU5Nzc1YjY0LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjktMGI2NDU5Nzc1YjY0
LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT8JbFuTm
qfVhVRyJaz0Uwte5dFrvB8j3nVhIrwWQMXnx7CzebgiBtxf4WTcmLtEONmvFKxaE
eeERtTphJtCLu5bpAkI3RKx5fCFzllLEddBqf0YQS+jb7ifq/CmXrWImjJQldShy
tte8rq2nziVixepwAQAAkWYqMLSYR3MLqP9d+2FKvBQ+IIB4Y4p8PEMvF7jRdqs+
bn28IL3vZ3xR6Bu/DROdFgr51E0S33esygi/spIAOyw/3gTNAKLitQOoLNq2VU6H
VDnUZAl8U4aK9xozouEbPYL5dkEHq5+voM7LHqx+xa6oqSyrJVeovNQHGLh3D0Zj
Tt0MlN/xerJV0Q==
-----END CERTIFICATE-----
Generated at Sun Aug 10 05:44:06 2025 by rpki-client