Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
File: 1OKJaJepchZ45oRpOZOlqISQM2Q.mft (raw, json)
Hash identifier: KPEsJZj80oIdrYulFNQpCINRYgXWvBcH4HwKCa23bTM=
Subject key identifier: 00:2A:2E:F3:B7:2A:37:AE:AB:31:5B:5B:E9:1B:AC:0A:2F:D9:F0:40
Authority key identifier: D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
Certificate issuer: /CN=d4e2896897a9721678e684693993a5a884903364
Certificate serial: 019768F2E44654905AF69E63275F9E2F9AF2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
Manifest number: 158D
Signing time: Fri 13 Jun 2025 11:00:37 +0000
Manifest this update: Fri 13 Jun 2025 11:00:37 +0000
Manifest next update: Sat 14 Jun 2025 11:00:37 +0000
Files and hashes: 1: 1OKJaJepchZ45oRpOZOlqISQM2Q.crl (hash: wHj0IJsA+tUxzLX/s0WampxoIv27zlBAgiA6O4Rd6kc=)
2: WAQz-NVz1tPP197fB-7kdlHEMDo.roa (hash: EfunuE83nVqoEWqBwZZf7jU1FPr/i4YaWTLI4hd6d6w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:68:f2:e4:46:54:90:5a:f6:9e:63:27:5f:9e:2f:9a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2896897a9721678e684693993a5a884903364
Validity
Not Before: Jun 13 11:00:37 2025 GMT
Not After : Jun 14 11:00:37 2025 GMT
Subject: CN=002a2ef3b72a37aeab315b5be91bac0a2fd9f040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a4:8f:ac:fc:2d:75:e3:d1:19:6b:b1:5a:84:
36:9a:19:fd:7d:36:22:79:55:51:f5:ce:c1:9b:df:
61:0c:ca:95:20:6c:11:60:ed:b5:13:0e:e3:16:c0:
9c:9a:3a:b9:25:ce:06:75:1a:e4:b5:9a:3f:2d:1f:
cc:a0:7c:15:cf:6d:f4:74:f4:40:e7:ac:0f:7a:96:
85:18:e6:82:1b:e5:fb:81:f4:05:2d:10:44:a7:04:
f8:51:46:c6:69:2f:aa:9b:6a:c7:b5:3b:96:f4:40:
c7:13:90:b4:4d:0d:ae:21:80:19:9c:c1:a8:59:68:
9b:10:23:ec:b7:8c:cc:cc:06:28:a3:3d:a8:41:ae:
ee:05:63:39:76:b2:a1:70:c6:cf:ff:80:72:ea:3d:
45:d6:0d:0a:82:1f:06:ec:2a:6f:c2:95:e2:3b:aa:
c4:a3:fc:07:88:d8:3c:5b:3a:cb:3c:b6:41:84:95:
3d:c9:6c:38:8e:46:ad:7a:0b:82:ac:92:24:62:de:
54:a7:6d:14:d7:aa:13:4b:15:c5:9d:be:e9:67:df:
21:e1:9a:41:f0:3b:29:ea:c3:fd:98:62:c4:2f:5b:
46:71:65:fe:2c:14:fb:68:b3:23:af:47:a2:8b:92:
a6:cf:48:5b:84:96:db:82:46:3f:e9:d8:d6:50:ca:
10:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:2A:2E:F3:B7:2A:37:AE:AB:31:5B:5B:E9:1B:AC:0A:2F:D9:F0:40
X509v3 Authority Key Identifier:
keyid:D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:41:85:97:53:94:51:ab:c5:e3:66:b5:a6:be:95:c0:1e:04:
be:0b:7f:1e:53:7b:1e:89:93:93:80:36:78:48:2d:7c:7d:94:
1d:e3:8c:07:11:bd:0d:2d:31:9c:e1:29:d0:16:50:34:67:98:
e0:e3:0d:f8:dd:28:19:59:f2:df:16:0b:51:ba:1b:da:cb:3f:
b5:79:bf:55:88:6a:71:a8:ec:c7:02:b7:98:26:8e:36:63:bd:
b4:c5:3b:64:ac:01:9b:ca:6c:10:c3:79:f0:f4:a2:1e:da:05:
66:b2:ad:2b:3e:c7:28:84:c0:d0:be:11:6b:cc:dd:bd:00:6c:
48:27:f5:8a:21:09:31:dd:7f:1b:0d:37:2b:f7:69:bd:5e:26:
64:d0:cd:5f:ae:e3:b4:b3:06:7a:b5:6c:b0:59:b6:e2:2e:4b:
03:24:3a:a4:37:bf:b8:25:68:8e:e5:d5:70:56:f7:41:de:cf:
0c:2e:07:f0:7e:5c:ab:d1:04:3b:2e:f9:df:c4:b4:2b:e1:b5:
67:5e:d4:17:75:79:51:88:a0:47:da:a7:f5:1d:95:46:33:52:
68:64:ce:5f:d7:7a:9b:d8:5c:ab:ae:7c:eb:33:5f:e5:1a:15:
d0:3c:f5:04:2c:9b:78:1f:a0:00:32:2f:41:72:74:de:5a:cb:
b5:20:74:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdo8uRGVJBa9p5jJ1+eL5ryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI4OTY4OTdhOTcyMTY3OGU2ODQ2OTM5OTNhNWE4ODQ5
MDMzNjQwHhcNMjUwNjEzMTEwMDM3WhcNMjUwNjE0MTEwMDM3WjAzMTEwLwYDVQQD
EygwMDJhMmVmM2I3MmEzN2FlYWIzMTViNWJlOTFiYWMwYTJmZDlmMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6SPrPwtdePRGWuxWoQ2mhn9fTYi
eVVR9c7Bm99hDMqVIGwRYO21Ew7jFsCcmjq5Jc4GdRrktZo/LR/MoHwVz230dPRA
56wPepaFGOaCG+X7gfQFLRBEpwT4UUbGaS+qm2rHtTuW9EDHE5C0TQ2uIYAZnMGo
WWibECPst4zMzAYooz2oQa7uBWM5drKhcMbP/4By6j1F1g0Kgh8G7CpvwpXiO6rE
o/wHiNg8WzrLPLZBhJU9yWw4jkateguCrJIkYt5Up20U16oTSxXFnb7pZ98h4ZpB
8Dsp6sP9mGLEL1tGcWX+LBT7aLMjr0eii5Kmz0hbhJbbgkY/6djWUMoQsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAAqLvO3KjeuqzFbW+kbrAov2fBAMB8GA1UdIwQY
MBaAFNTiiWiXqXIWeOaEaTmTpaiEkDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEt
ZTQ5N2Q0MGY0ZTJhLzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEtZTQ5N2Q0MGY0ZTJh
LzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVUGFl1OU
UavF42a1pr6VwB4Evgt/HlN7HomTk4A2eEgtfH2UHeOMBxG9DS0xnOEp0BZQNGeY
4OMN+N0oGVny3xYLUbob2ss/tXm/VYhqcajsxwK3mCaONmO9tMU7ZKwBm8psEMN5
8PSiHtoFZrKtKz7HKITA0L4Ra8zdvQBsSCf1iiEJMd1/Gw03K/dpvV4mZNDNX67j
tLMGerVssFm24i5LAyQ6pDe/uCVojuXVcFb3Qd7PDC4H8H5cq9EEOy7538S0K+G1
Z17UF3V5UYigR9qn9R2VRjNSaGTOX9d6m9hcq6586zNf5RoV0Dz1BCybeB+gADIv
QXJ03lrLtSB0YQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 18:56:23 2025 by rpki-client