
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: ycHShs4ivWY1KH1b04xnJSJ3dMVblYSvIXXJheB5xqI=
Subject key identifier: 0C:03:63:9C:8E:F7:CD:93:3D:8A:45:A6:15:72:65:90:14:F9:F9:4C
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 019879AE887B8534721BB0FEC26E4B99BC14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 0E64
Signing time: Tue 05 Aug 2025 10:02:17 +0000
Manifest this update: Tue 05 Aug 2025 10:02:17 +0000
Manifest next update: Wed 06 Aug 2025 10:02:17 +0000
Files and hashes: 1: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=)
2: i2HYpKIvdGotH7mKcmQ5RAG3huY.roa (hash: 4Nz6YUMbPlVe3PbppTQU2sGDWl5KATygr4DtzeG8qCU=)
3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: 5E73fo99xKtVwKSZoT/9WolpwrJIGHAS4KhUmJZGr3s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 10:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:ae:88:7b:85:34:72:1b:b0:fe:c2:6e:4b:99:bc:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Aug 5 10:02:17 2025 GMT
Not After : Aug 6 10:02:17 2025 GMT
Subject: CN=0c03639c8ef7cd933d8a45a61572659014f9f94c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0f:15:5c:0d:87:15:5a:0f:f1:6a:5c:e1:a4:
25:08:e1:53:67:b8:4e:56:c4:5c:a1:89:36:ce:8f:
dc:e5:b8:b7:52:fb:bf:7a:43:8e:0d:15:34:a1:d7:
86:5f:73:55:ed:2b:78:9b:3d:40:29:35:09:58:3e:
29:9f:01:18:99:81:72:23:6d:03:f8:2a:48:2c:c8:
59:6f:d0:09:de:12:b7:3b:bd:c9:a1:7a:fb:2a:cc:
e1:69:d6:46:6b:18:3f:5d:ac:de:7b:89:4a:1e:76:
b5:44:26:5e:13:61:97:b7:37:ee:47:fe:c1:a9:eb:
f9:a4:31:59:08:a2:af:f0:cc:21:12:7c:5e:f5:ea:
10:13:cd:55:70:d9:36:b2:79:5e:27:4a:22:f2:28:
ab:f3:5b:8c:40:75:ef:9a:e5:16:a4:d4:ad:73:51:
fe:9c:7d:59:5d:33:c6:47:97:89:20:3c:fd:12:13:
2a:1c:b8:da:34:10:08:22:f9:d4:36:ba:1c:bb:1c:
5c:4c:86:f9:d1:ce:48:b0:49:80:b8:ff:14:5b:24:
92:2e:8e:4a:3a:81:3f:7a:8a:ae:56:b0:32:df:82:
a6:c1:89:1c:95:57:10:ab:62:61:82:0b:f9:8f:d7:
25:01:06:1f:3d:e6:a4:8e:d3:09:f3:7d:bb:fd:56:
70:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:03:63:9C:8E:F7:CD:93:3D:8A:45:A6:15:72:65:90:14:F9:F9:4C
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:41:bd:00:48:d6:48:62:f7:c8:0a:42:28:1f:6c:93:78:6d:
1b:90:cb:c9:b4:a5:f2:76:d2:1b:8f:c8:49:88:d6:f9:ba:e6:
e5:d7:56:e2:7d:1b:64:81:68:19:dc:26:c0:f4:77:7f:5f:2d:
38:48:2f:bc:54:6c:65:62:5e:94:17:fe:35:99:d9:e3:82:4d:
86:62:c3:19:1a:3e:ff:8f:16:26:41:be:60:bb:c0:f9:50:7e:
a0:a7:38:81:f9:32:4f:66:3d:ea:41:a2:85:23:bd:30:bc:9b:
a2:10:8d:d0:41:b9:85:d3:05:80:57:24:fd:3d:22:40:78:48:
85:01:e0:92:cb:fa:7e:08:ce:18:d0:05:20:04:4e:c2:3d:00:
66:c3:93:06:c1:80:32:1f:ce:af:2a:8c:5b:f9:d9:02:93:22:
ba:9f:7f:62:de:0c:b4:39:af:ac:1b:6c:c9:ea:4e:00:89:a8:
1d:9d:84:e2:3d:a5:25:44:4a:2d:17:59:50:d3:80:49:c8:4b:
8e:46:a0:65:91:d3:67:23:e9:9d:51:83:26:1b:13:a4:be:0d:
84:d3:37:32:df:f2:98:39:11:52:b6:ae:96:a9:f4:99:ee:b1:
30:d0:26:3f:2f:4e:d2:f6:ba:53:89:03:8d:15:20:0a:ac:86:
80:2e:69:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh5roh7hTRyG7D+wm5LmbwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjUwODA1MTAwMjE3WhcNMjUwODA2MTAwMjE3WjAzMTEwLwYDVQQD
EygwYzAzNjM5YzhlZjdjZDkzM2Q4YTQ1YTYxNTcyNjU5MDE0ZjlmOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig8VXA2HFVoP8Wpc4aQlCOFTZ7hO
VsRcoYk2zo/c5bi3Uvu/ekOODRU0odeGX3NV7St4mz1AKTUJWD4pnwEYmYFyI20D
+CpILMhZb9AJ3hK3O73JoXr7KszhadZGaxg/Xazee4lKHna1RCZeE2GXtzfuR/7B
qev5pDFZCKKv8MwhEnxe9eoQE81VcNk2snleJ0oi8iir81uMQHXvmuUWpNStc1H+
nH1ZXTPGR5eJIDz9EhMqHLjaNBAIIvnUNrocuxxcTIb50c5IsEmAuP8UWySSLo5K
OoE/eoquVrAy34KmwYkclVcQq2Jhggv5j9clAQYfPeakjtMJ8327/VZwFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwDY5yO982TPYpFphVyZZAU+flMMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY0G9AEjW
SGL3yApCKB9sk3htG5DLybSl8nbSG4/ISYjW+brm5ddW4n0bZIFoGdwmwPR3f18t
OEgvvFRsZWJelBf+NZnZ44JNhmLDGRo+/48WJkG+YLvA+VB+oKc4gfkyT2Y96kGi
hSO9MLybohCN0EG5hdMFgFck/T0iQHhIhQHgksv6fgjOGNAFIAROwj0AZsOTBsGA
Mh/OryqMW/nZApMiup9/Yt4MtDmvrBtsyepOAImoHZ2E4j2lJURKLRdZUNOASchL
jkagZZHTZyPpnVGDJhsTpL4NhNM3Mt/ymDkRUraulqn0me6xMNAmPy9O0va6U4kD
jRUgCqyGgC5pxg==
-----END CERTIFICATE-----
Generated at Tue Aug 5 20:21:07 2025 by rpki-client