Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
File: OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft (raw, json)
Hash identifier: My6ODIYuutGWy1GjnRrsAB/kUW3ngNJkFjhujOBiTCk=
Subject key identifier: 61:FD:83:CA:F1:2C:56:99:8E:5F:54:1E:DC:20:F1:64:4D:C3:41:FF
Authority key identifier: 38:97:55:42:3F:83:2A:52:8C:93:13:61:10:F0:FE:4B:10:45:35:82
Certificate issuer: /CN=389755423f832a528c93136110f0fe4b10453582
Certificate serial: 01989894E49951CD299688D8BCEDB95D8EBC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
Manifest number: 0CC0
Signing time: Mon 11 Aug 2025 10:02:31 +0000
Manifest this update: Mon 11 Aug 2025 10:02:31 +0000
Manifest next update: Tue 12 Aug 2025 10:02:31 +0000
Files and hashes: 1: Gn-kDrXRDHHv43q56kRDHjj8q1w.roa (hash: Tu0d5Ny8jllovtj2b3OGyqwDSE7dzSUuYk4aE5120L8=)
2: OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl (hash: g+6VzIGbVrGnIEO2aXuyhp3lHxZjcBhF0JWfNe5+ySs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 10:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:94:e4:99:51:cd:29:96:88:d8:bc:ed:b9:5d:8e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389755423f832a528c93136110f0fe4b10453582
Validity
Not Before: Aug 11 10:02:31 2025 GMT
Not After : Aug 12 10:02:31 2025 GMT
Subject: CN=61fd83caf12c56998e5f541edc20f1644dc341ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:63:24:92:fb:4b:3f:64:3c:cf:a4:f5:16:3f:
f2:b6:f8:11:01:a2:44:26:1d:e8:ea:96:67:a7:27:
99:7f:d0:b4:88:a8:c5:a1:af:16:09:fa:9d:d0:2f:
8a:97:ad:77:4a:ad:bf:79:75:32:5a:81:1a:48:b9:
3c:64:c3:d4:98:b7:2c:2c:ed:82:48:db:3f:df:4b:
3e:9c:91:5c:66:95:47:72:50:2b:4a:3d:e0:5d:d3:
45:86:18:c6:e4:a6:6c:2a:c2:8e:7a:e3:c8:c8:08:
e1:d0:b7:e9:53:86:ea:a3:23:fb:19:bd:60:cd:cb:
72:43:95:c9:67:c8:cd:b3:ef:f9:93:e5:38:16:11:
ed:79:30:72:7c:11:e0:a7:73:7e:cb:2d:92:96:14:
47:f9:ba:e2:3c:46:c2:75:14:77:5b:ec:cb:e6:22:
c8:66:ec:5e:7e:26:8c:49:4f:17:c2:48:f8:70:bc:
f1:72:ff:32:a1:7e:91:52:61:f7:17:c2:ab:5c:60:
37:dc:d5:b6:d5:23:e9:e2:42:0a:bd:cc:fb:f5:a5:
ac:e5:3e:87:ac:ae:40:93:7e:fe:2c:25:72:de:6b:
43:19:a7:d1:ef:cc:b8:f5:0d:6a:bd:71:93:9c:c5:
57:40:7f:c3:a7:bc:44:ba:6a:65:34:ce:f9:49:db:
37:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FD:83:CA:F1:2C:56:99:8E:5F:54:1E:DC:20:F1:64:4D:C3:41:FF
X509v3 Authority Key Identifier:
keyid:38:97:55:42:3F:83:2A:52:8C:93:13:61:10:F0:FE:4B:10:45:35:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:02:7b:43:6e:95:28:73:6e:d3:e2:51:af:31:6c:bc:95:b2:
a7:30:0d:3b:7a:58:b9:d6:0c:b1:d3:d0:66:f7:0d:ee:5f:e1:
b6:f6:c3:bc:6e:18:4c:74:cc:66:64:4d:02:f6:28:bb:0f:7f:
62:1a:bd:97:04:34:16:f0:03:d5:43:99:f3:1a:f3:48:76:d4:
2f:60:79:61:01:f5:81:91:3d:0b:79:cc:99:78:f8:f4:6e:61:
22:6c:9b:de:82:98:23:5c:1d:55:0b:0f:7d:e2:ae:cb:58:0f:
35:c6:a8:34:c3:ea:96:07:b2:f9:19:02:1e:c1:41:ae:ed:78:
d7:a8:13:1d:37:6e:29:c8:c9:c3:bd:cd:1c:1c:83:9a:90:f6:
d6:93:70:b7:69:14:9e:d7:ec:80:e5:de:ff:08:bf:60:89:b5:
88:b9:e2:d7:fc:a3:6c:b0:72:26:9b:a7:8b:80:a8:81:1d:fd:
ee:de:b5:93:ff:a2:6d:52:c5:a6:4b:35:da:ca:05:29:bb:6c:
64:8a:5b:39:3d:23:35:19:13:7f:13:80:50:78:c3:d2:d9:1d:
5a:fc:6c:f2:46:8b:f6:03:25:80:a7:f3:fa:43:fb:8b:58:40:
b2:4a:ee:ef:4d:e9:f3:1c:62:a3:e8:1b:64:ae:de:ac:03:77:
fa:10:60:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiYlOSZUc0plojYvO25XY68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OTc1NTQyM2Y4MzJhNTI4YzkzMTM2MTEwZjBmZTRiMTA0
NTM1ODIwHhcNMjUwODExMTAwMjMxWhcNMjUwODEyMTAwMjMxWjAzMTEwLwYDVQQD
Eyg2MWZkODNjYWYxMmM1Njk5OGU1ZjU0MWVkYzIwZjE2NDRkYzM0MWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWMkkvtLP2Q8z6T1Fj/ytvgRAaJE
Jh3o6pZnpyeZf9C0iKjFoa8WCfqd0C+Kl613Sq2/eXUyWoEaSLk8ZMPUmLcsLO2C
SNs/30s+nJFcZpVHclArSj3gXdNFhhjG5KZsKsKOeuPIyAjh0LfpU4bqoyP7Gb1g
zctyQ5XJZ8jNs+/5k+U4FhHteTByfBHgp3N+yy2SlhRH+briPEbCdRR3W+zL5iLI
ZuxefiaMSU8Xwkj4cLzxcv8yoX6RUmH3F8KrXGA33NW21SPp4kIKvcz79aWs5T6H
rK5Ak37+LCVy3mtDGafR78y49Q1qvXGTnMVXQH/Dp7xEumplNM75Sds3dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGH9g8rxLFaZjl9UHtwg8WRNw0H/MB8GA1UdIwQY
MBaAFDiXVUI/gypSjJMTYRDw/ksQRTWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9kOWI1OTYtNjAxZS00NDI2LWE0Mjgt
NDY5NTdiZDg4NjBkLzEvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9kOWI1OTYtNjAxZS00NDI2LWE0MjgtNDY5NTdiZDg4NjBk
LzEvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPgJ7Q26V
KHNu0+JRrzFsvJWypzANO3pYudYMsdPQZvcN7l/htvbDvG4YTHTMZmRNAvYouw9/
Yhq9lwQ0FvAD1UOZ8xrzSHbUL2B5YQH1gZE9C3nMmXj49G5hImyb3oKYI1wdVQsP
feKuy1gPNcaoNMPqlgey+RkCHsFBru1416gTHTduKcjJw73NHByDmpD21pNwt2kU
ntfsgOXe/wi/YIm1iLni1/yjbLByJpuni4CogR397t61k/+ibVLFpks12soFKbts
ZIpbOT0jNRkTfxOAUHjD0tkdWvxs8kaL9gMlgKfz+kP7i1hAskru703p8xxio+gb
ZK7erAN3+hBg2Q==
-----END CERTIFICATE-----
Generated at Mon Aug 11 13:11:59 2025 by rpki-client