Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: 9Nl3x1xb4Oqw1/4B2AWNuIGj0m5gxx7THntT6yY82q0=
Subject key identifier: 28:DB:11:84:E8:BD:97:29:CE:D6:E8:2D:AA:2A:71:6D:F7:C6:B4:9D
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 01976D3D8BDBF76FD13B6051C755AAC507AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 0DD9
Signing time: Sat 14 Jun 2025 07:00:39 +0000
Manifest this update: Sat 14 Jun 2025 07:00:39 +0000
Manifest next update: Sun 15 Jun 2025 07:00:39 +0000
Files and hashes: 1: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=)
2: i2HYpKIvdGotH7mKcmQ5RAG3huY.roa (hash: 4Nz6YUMbPlVe3PbppTQU2sGDWl5KATygr4DtzeG8qCU=)
3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: i1TgeMbYZ7O1lSyXkxKEc18jlZFimRJPW20gDd7vf10=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6d:3d:8b:db:f7:6f:d1:3b:60:51:c7:55:aa:c5:07:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Jun 14 07:00:39 2025 GMT
Not After : Jun 15 07:00:39 2025 GMT
Subject: CN=28db1184e8bd9729ced6e82daa2a716df7c6b49d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:50:90:b0:e2:12:19:d5:c9:db:ce:c8:b7:1d:
80:97:7d:ca:ef:1c:86:4c:bd:2a:02:4a:5e:f1:95:
66:61:c4:e2:f4:a8:0f:f6:de:b4:0f:4e:e2:52:48:
1a:66:af:7f:67:d9:9c:27:19:af:2c:f5:66:65:1b:
2a:64:a8:9e:49:a6:26:c9:8c:b0:fe:c4:5d:a2:80:
c8:6d:58:b3:e7:f6:96:29:57:90:ae:4d:6a:c0:52:
f2:59:18:81:09:e1:b5:c3:4d:15:b2:53:7a:e7:58:
a7:5b:bc:e3:a8:38:cc:89:a1:2e:39:d4:38:9d:5e:
e3:4a:b4:bc:6f:77:79:16:5c:50:7a:fa:e9:31:97:
38:0f:da:50:79:d7:54:02:c0:70:5b:11:a9:86:78:
f1:9a:10:87:84:e7:1e:53:5d:ce:3f:d4:a1:25:b7:
77:41:26:91:75:1e:d6:56:15:4f:3a:27:74:7b:08:
fa:13:f3:87:97:5e:4d:06:04:8d:81:08:bc:5d:b7:
0f:63:ba:bf:da:5b:27:77:19:bb:da:25:3a:22:08:
49:92:a6:6b:0b:50:c0:dd:a8:81:70:6d:4d:7d:34:
33:f6:45:12:89:f6:06:74:10:c2:c6:9b:cb:12:43:
6f:11:eb:f5:14:a7:5e:dd:42:e5:27:f3:c4:2b:3b:
8f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DB:11:84:E8:BD:97:29:CE:D6:E8:2D:AA:2A:71:6D:F7:C6:B4:9D
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:20:38:f3:45:2c:81:ff:22:26:42:a0:a4:a8:15:2e:3e:87:
81:50:48:3a:a3:7d:81:12:8e:35:d2:b7:0e:66:a7:4c:8f:d4:
46:db:b2:ef:ef:04:b9:a2:47:5a:5c:27:31:1a:e7:3d:c9:84:
8e:76:d9:8a:9b:f9:13:62:56:a8:0a:5f:04:9d:9e:83:9e:0f:
d7:a2:9a:5e:81:d0:73:95:ae:7c:31:3e:34:73:78:46:ac:3e:
d0:66:27:cd:8b:9b:11:a7:55:cb:80:cb:b5:8f:53:af:b2:f3:
14:b7:b4:9b:17:0a:68:7f:27:df:10:f1:2e:1e:10:03:c3:e2:
2e:2b:dd:17:fc:5b:8b:0e:03:dd:b3:1b:6c:90:72:c3:e5:a7:
39:b9:da:a1:5a:17:62:7a:e2:d0:16:48:b1:19:c0:98:a5:20:
00:1d:c6:e0:74:0f:6b:b3:74:4e:7c:d9:67:23:f5:d0:9f:06:
34:90:99:07:03:d8:e1:a1:30:12:1c:16:70:a0:ef:f1:49:dd:
65:52:6a:46:f0:a5:e0:29:60:6b:ae:53:4a:b9:67:eb:2a:5a:
36:2a:61:fa:02:7c:a1:81:c2:17:59:fe:d7:9b:74:f8:b0:fa:
f8:78:a4:55:54:4f:9e:9f:a4:15:ce:17:3c:27:bd:8d:e6:4d:
7d:df:8d:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPYvb92/RO2BRx1WqxQerMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjUwNjE0MDcwMDM5WhcNMjUwNjE1MDcwMDM5WjAzMTEwLwYDVQQD
EygyOGRiMTE4NGU4YmQ5NzI5Y2VkNmU4MmRhYTJhNzE2ZGY3YzZiNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lCQsOISGdXJ287Itx2Al33K7xyG
TL0qAkpe8ZVmYcTi9KgP9t60D07iUkgaZq9/Z9mcJxmvLPVmZRsqZKieSaYmyYyw
/sRdooDIbViz5/aWKVeQrk1qwFLyWRiBCeG1w00VslN651inW7zjqDjMiaEuOdQ4
nV7jSrS8b3d5FlxQevrpMZc4D9pQeddUAsBwWxGphnjxmhCHhOceU13OP9ShJbd3
QSaRdR7WVhVPOid0ewj6E/OHl15NBgSNgQi8XbcPY7q/2lsndxm72iU6IghJkqZr
C1DA3aiBcG1NfTQz9kUSifYGdBDCxpvLEkNvEev1FKde3ULlJ/PEKzuPSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjbEYTovZcpztboLaoqcW33xrSdMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAryA480Us
gf8iJkKgpKgVLj6HgVBIOqN9gRKONdK3DmanTI/URtuy7+8EuaJHWlwnMRrnPcmE
jnbZipv5E2JWqApfBJ2eg54P16KaXoHQc5WufDE+NHN4Rqw+0GYnzYubEadVy4DL
tY9Tr7LzFLe0mxcKaH8n3xDxLh4QA8PiLivdF/xbiw4D3bMbbJByw+WnObnaoVoX
Ynri0BZIsRnAmKUgAB3G4HQPa7N0TnzZZyP10J8GNJCZBwPY4aEwEhwWcKDv8Und
ZVJqRvCl4Clga65TSrln6ypaNiph+gJ8oYHCF1n+15t0+LD6+HikVVRPnp+kFc4X
PCe9jeZNfd+NWg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:00:44 2025 by rpki-client