Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
File: 1OKJaJepchZ45oRpOZOlqISQM2Q.mft (raw, json)
Hash identifier: ROBpzSVOLfmvMIkNfEHW8A+9nGECuAV0WQfTVN7163A=
Subject key identifier: 51:11:2F:82:62:36:EC:5B:9E:EC:64:DA:E3:FB:78:0B:7C:C7:42:CB
Authority key identifier: D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
Certificate issuer: /CN=d4e2896897a9721678e684693993a5a884903364
Certificate serial: 019873741192644D622444E32763BB450326
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
Manifest number: 1617
Signing time: Mon 04 Aug 2025 05:00:43 +0000
Manifest this update: Mon 04 Aug 2025 05:00:43 +0000
Manifest next update: Tue 05 Aug 2025 05:00:43 +0000
Files and hashes: 1: 1OKJaJepchZ45oRpOZOlqISQM2Q.crl (hash: U6ObpjbI1o68PQMKNzmJdn158zyShS+h/WA3TlU5Tlk=)
2: WAQz-NVz1tPP197fB-7kdlHEMDo.roa (hash: EfunuE83nVqoEWqBwZZf7jU1FPr/i4YaWTLI4hd6d6w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:74:11:92:64:4d:62:24:44:e3:27:63:bb:45:03:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2896897a9721678e684693993a5a884903364
Validity
Not Before: Aug 4 05:00:43 2025 GMT
Not After : Aug 5 05:00:43 2025 GMT
Subject: CN=51112f826236ec5b9eec64dae3fb780b7cc742cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9f:8b:39:07:6b:30:39:e6:7c:97:9d:8b:6f:
0d:8c:7c:42:ef:31:5a:5f:a5:39:24:9a:44:4e:2a:
36:ce:78:6f:7c:20:59:d9:6b:e8:34:8a:68:65:1e:
67:ed:19:a1:ae:0b:5f:dd:89:d0:85:fb:fe:df:10:
5b:cc:4a:d2:7f:8c:6d:54:a5:e0:89:7d:e4:c2:d6:
2e:6b:69:ca:7a:03:ac:2f:35:05:fd:c4:44:0a:00:
c6:ca:39:25:14:9f:f9:72:a2:28:ac:f9:67:06:37:
cf:d0:89:bf:98:5f:82:0e:e7:0b:cf:fe:39:a5:93:
56:8a:50:c1:1c:e2:01:11:e8:88:27:32:e2:99:4d:
10:e2:bb:a4:59:35:a7:4a:1c:8d:1d:4d:f0:22:30:
d4:3e:f3:5a:f4:a0:ef:db:d0:a9:1b:bc:2a:4b:5e:
f6:2d:db:0e:d2:32:0f:26:0f:d4:c9:65:e9:79:1f:
eb:9d:64:13:30:e5:bf:f2:4c:73:ff:a7:56:b2:e7:
7b:ca:03:34:4b:24:7d:02:2e:13:ad:36:f1:e8:65:
e0:9a:74:b1:5f:c1:24:75:a8:c8:6e:2b:e3:7f:7e:
4c:96:fb:ab:1a:06:6f:fd:60:1e:d3:f0:e4:62:89:
94:51:d0:f0:d3:e9:e3:92:92:5e:cd:0c:89:22:6a:
7c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:11:2F:82:62:36:EC:5B:9E:EC:64:DA:E3:FB:78:0B:7C:C7:42:CB
X509v3 Authority Key Identifier:
keyid:D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:00:14:4e:d0:a2:02:0e:90:f5:c6:9c:9e:37:5e:e4:1e:7c:
88:55:0a:6d:b9:9d:ff:2a:73:05:ce:0e:3a:e9:41:76:25:f1:
c5:2e:0b:4c:b7:30:ac:ff:14:4f:07:6d:80:0c:b5:25:1d:be:
81:11:af:bc:38:ae:66:1e:bb:69:92:b5:d6:2c:78:bc:0b:21:
da:c7:aa:9f:e8:b8:c2:67:b4:69:2d:b8:4f:be:04:90:cb:92:
35:84:9b:dc:60:3b:01:67:b8:74:1f:16:13:37:dc:1a:0c:6a:
69:e6:ee:8c:8e:0c:77:92:72:b9:14:e2:3f:39:be:1c:45:de:
b3:82:cb:da:28:f7:da:02:87:16:0e:27:f5:c2:72:34:78:2c:
15:22:70:2e:7b:d3:44:8d:96:2f:d6:93:9d:1d:c2:37:e3:93:
50:e2:eb:12:f3:ae:bd:b5:02:b9:a6:2a:17:1a:6b:c0:f1:b7:
46:38:f5:6c:bd:20:05:b3:44:cd:a8:c4:23:92:25:b4:12:3f:
33:38:3b:48:60:9e:3c:73:25:ee:1c:ae:eb:69:ad:af:28:81:
29:41:0c:1a:36:33:43:54:51:c0:32:ca:85:fb:48:06:58:3c:
45:2b:ee:e0:be:23:cb:9a:8a:d7:0d:5e:fc:55:f1:76:27:ff:
77:f0:98:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzdBGSZE1iJETjJ2O7RQMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI4OTY4OTdhOTcyMTY3OGU2ODQ2OTM5OTNhNWE4ODQ5
MDMzNjQwHhcNMjUwODA0MDUwMDQzWhcNMjUwODA1MDUwMDQzWjAzMTEwLwYDVQQD
Eyg1MTExMmY4MjYyMzZlYzViOWVlYzY0ZGFlM2ZiNzgwYjdjYzc0MmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp+LOQdrMDnmfJedi28NjHxC7zFa
X6U5JJpETio2znhvfCBZ2WvoNIpoZR5n7Rmhrgtf3YnQhfv+3xBbzErSf4xtVKXg
iX3kwtYua2nKegOsLzUF/cRECgDGyjklFJ/5cqIorPlnBjfP0Im/mF+CDucLz/45
pZNWilDBHOIBEeiIJzLimU0Q4rukWTWnShyNHU3wIjDUPvNa9KDv29CpG7wqS172
LdsO0jIPJg/UyWXpeR/rnWQTMOW/8kxz/6dWsud7ygM0SyR9Ai4TrTbx6GXgmnSx
X8EkdajIbivjf35MlvurGgZv/WAe0/DkYomUUdDw0+njkpJezQyJImp8WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFERL4JiNuxbnuxk2uP7eAt8x0LLMB8GA1UdIwQY
MBaAFNTiiWiXqXIWeOaEaTmTpaiEkDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEt
ZTQ5N2Q0MGY0ZTJhLzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEtZTQ5N2Q0MGY0ZTJh
LzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWAAUTtCi
Ag6Q9cacnjde5B58iFUKbbmd/ypzBc4OOulBdiXxxS4LTLcwrP8UTwdtgAy1JR2+
gRGvvDiuZh67aZK11ix4vAsh2seqn+i4wme0aS24T74EkMuSNYSb3GA7AWe4dB8W
EzfcGgxqaebujI4Md5JyuRTiPzm+HEXes4LL2ij32gKHFg4n9cJyNHgsFSJwLnvT
RI2WL9aTnR3CN+OTUOLrEvOuvbUCuaYqFxprwPG3Rjj1bL0gBbNEzajEI5IltBI/
Mzg7SGCePHMl7hyu62mtryiBKUEMGjYzQ1RRwDLKhftIBlg8RSvu4L4jy5qK1w1e
/FXxdif/d/CYzg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:00:35 2025 by rpki-client