Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft
File: oNxs0zNOAmkDIjc8O1BuQYT67H8.mft (raw, json)
Hash identifier: mAeJ83hO9jb+PeyKBxXfJb/ae6hSqvT8r29sgoEAF68=
Subject key identifier: 4D:F3:7B:48:5C:98:DB:9E:AB:D7:23:D3:A4:85:AD:88:75:B6:C8:AA
Authority key identifier: A0:DC:6C:D3:33:4E:02:69:03:22:37:3C:3B:50:6E:41:84:FA:EC:7F
Certificate issuer: /CN=a0dc6cd3334e02690322373c3b506e4184faec7f
Certificate serial: 01987E65DB2443A74361CA884084114DBF28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNxs0zNOAmkDIjc8O1BuQYT67H8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft
Manifest number: 0449
Signing time: Wed 06 Aug 2025 08:01:01 +0000
Manifest this update: Wed 06 Aug 2025 08:01:01 +0000
Manifest next update: Thu 07 Aug 2025 08:01:01 +0000
Files and hashes: 1: L2QPsEXXxjypDuteGOkuNir3lUA.roa (hash: mcJaTh3VxTTNDuoHtoju+OCGdo4jk9ztR2/hlQRPaNY=)
2: oNxs0zNOAmkDIjc8O1BuQYT67H8.crl (hash: 0PTTjpiPfVK4pP68Vf/nmfyp6th9TXUUG6B+cZugb9o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNxs0zNOAmkDIjc8O1BuQYT67H8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:65:db:24:43:a7:43:61:ca:88:40:84:11:4d:bf:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0dc6cd3334e02690322373c3b506e4184faec7f
Validity
Not Before: Aug 6 08:01:01 2025 GMT
Not After : Aug 7 08:01:01 2025 GMT
Subject: CN=4df37b485c98db9eabd723d3a485ad8875b6c8aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d2:21:53:56:45:3d:15:20:57:bd:5b:5b:bf:
73:4e:fa:c4:ca:50:a3:97:30:5b:c1:33:5f:20:11:
24:ac:1e:bf:fb:09:a1:5a:18:40:f5:da:b0:25:df:
3e:41:c2:b4:72:43:90:f5:2d:c2:47:88:c6:05:52:
86:20:77:e1:4f:7b:5a:f1:7b:7c:79:22:fc:c0:37:
74:bf:6f:9a:bd:07:ea:ad:d2:ff:77:0c:89:d2:80:
fd:4e:ab:ec:30:88:99:af:f1:75:79:a9:1e:ff:84:
7f:ef:85:df:cd:df:7b:12:45:3d:2b:d1:17:e0:6d:
d0:22:71:37:5d:ce:40:e5:62:b0:82:20:0d:05:14:
56:7a:1e:c0:f4:2c:07:60:df:e8:bc:c5:23:ee:83:
24:ec:62:48:e3:89:79:2b:0d:6f:32:d0:04:88:03:
8f:5a:56:03:df:fd:42:e5:d1:18:ad:32:c2:a0:4e:
8d:43:74:3e:a7:8a:3e:22:d0:96:f4:d2:ac:9c:d3:
f1:2e:7b:44:6f:29:77:77:90:23:67:8c:66:c0:7d:
42:b2:53:e1:1d:ba:e5:39:fc:ca:99:fd:27:03:63:
bb:db:e4:f6:a6:5d:5d:61:fa:07:40:ec:b9:20:6a:
d5:a1:04:9f:12:20:9d:63:79:ac:79:8c:50:80:45:
0e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F3:7B:48:5C:98:DB:9E:AB:D7:23:D3:A4:85:AD:88:75:B6:C8:AA
X509v3 Authority Key Identifier:
keyid:A0:DC:6C:D3:33:4E:02:69:03:22:37:3C:3B:50:6E:41:84:FA:EC:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNxs0zNOAmkDIjc8O1BuQYT67H8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:64:72:ed:b5:06:a9:1f:a7:b9:a9:fe:ec:1d:e3:d9:cb:7e:
ce:fd:8c:eb:9a:1b:74:80:3f:94:d1:15:e2:03:84:56:21:81:
20:c1:f7:4f:14:16:95:e3:21:9f:27:51:cc:81:fc:58:21:61:
d9:6d:1d:f1:f0:49:76:db:51:98:c7:31:00:14:e2:bd:02:88:
b4:4a:c7:a9:b4:c4:db:13:85:c7:f7:2b:bb:43:ed:e5:e3:6b:
f3:a9:e3:e3:b2:af:e5:f5:43:4f:ed:da:ce:c1:68:e3:92:a2:
40:c2:f2:5f:b1:32:c6:48:76:5b:4b:73:20:38:14:61:e2:0a:
54:77:14:e8:d1:b5:1e:75:9c:9e:86:da:84:b2:48:ea:e9:ae:
cb:1d:41:2c:bd:de:89:21:b8:51:db:cb:0f:06:ea:cf:d5:ef:
5f:e2:30:03:ac:74:9a:cb:18:84:2b:e5:fa:fe:57:00:8d:f3:
c3:b1:d8:cc:6b:08:06:53:81:be:07:a9:94:b9:b6:ff:ef:17:
cf:ec:64:06:93:28:0b:99:77:cc:0e:7c:36:c8:72:0d:25:31:
71:4a:90:9b:d9:22:a3:b4:57:9a:a1:21:07:94:63:c7:b2:4b:
5a:e1:d5:10:5a:14:be:c4:3e:c8:8c:8f:98:1f:b4:25:3f:a1:
a0:9f:aa:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+ZdskQ6dDYcqIQIQRTb8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGM2Y2QzMzM0ZTAyNjkwMzIyMzczYzNiNTA2ZTQxODRm
YWVjN2YwHhcNMjUwODA2MDgwMTAxWhcNMjUwODA3MDgwMTAxWjAzMTEwLwYDVQQD
Eyg0ZGYzN2I0ODVjOThkYjllYWJkNzIzZDNhNDg1YWQ4ODc1YjZjOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89IhU1ZFPRUgV71bW79zTvrEylCj
lzBbwTNfIBEkrB6/+wmhWhhA9dqwJd8+QcK0ckOQ9S3CR4jGBVKGIHfhT3ta8Xt8
eSL8wDd0v2+avQfqrdL/dwyJ0oD9TqvsMIiZr/F1eake/4R/74Xfzd97EkU9K9EX
4G3QInE3Xc5A5WKwgiANBRRWeh7A9CwHYN/ovMUj7oMk7GJI44l5Kw1vMtAEiAOP
WlYD3/1C5dEYrTLCoE6NQ3Q+p4o+ItCW9NKsnNPxLntEbyl3d5AjZ4xmwH1CslPh
HbrlOfzKmf0nA2O72+T2pl1dYfoHQOy5IGrVoQSfEiCdY3mseYxQgEUO3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3ze0hcmNueq9cj06SFrYh1tsiqMB8GA1UdIwQY
MBaAFKDcbNMzTgJpAyI3PDtQbkGE+ux/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb054czB6Tk9BbWtESWpjOE8xQnVRWVQ2N0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jMDFmOTAtZDBmYS00OTc2LWIxYzAt
ZDFmZjc1YTdhMzVjLzEvb054czB6Tk9BbWtESWpjOE8xQnVRWVQ2N0g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jMDFmOTAtZDBmYS00OTc2LWIxYzAtZDFmZjc1YTdhMzVj
LzEvb054czB6Tk9BbWtESWpjOE8xQnVRWVQ2N0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGRy7bUG
qR+nuan+7B3j2ct+zv2M65obdIA/lNEV4gOEViGBIMH3TxQWleMhnydRzIH8WCFh
2W0d8fBJdttRmMcxABTivQKItErHqbTE2xOFx/cru0Pt5eNr86nj47Kv5fVDT+3a
zsFo45KiQMLyX7Eyxkh2W0tzIDgUYeIKVHcU6NG1HnWcnobahLJI6umuyx1BLL3e
iSG4UdvLDwbqz9XvX+IwA6x0mssYhCvl+v5XAI3zw7HYzGsIBlOBvgeplLm2/+8X
z+xkBpMoC5l3zA58NshyDSUxcUqQm9kio7RXmqEhB5Rjx7JLWuHVEFoUvsQ+yIyP
mB+0JT+hoJ+qyw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:06:53 2025 by rpki-client