Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
File: Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json)
Hash identifier: q5QnKyMVx/fnaBC6WCJ/t9fZ+prnonBZWTGwFZw+cUo=
Subject key identifier: FA:22:1B:95:D8:1F:C8:D1:55:4A:F9:AB:5A:60:29:B2:EF:AD:00:FD
Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Certificate serial: 0199FD6B1AA17526EB1B20F29405F9D014C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
Manifest number: 0829
Signing time: Sun 19 Oct 2025 17:01:18 +0000
Manifest this update: Sun 19 Oct 2025 17:01:18 +0000
Manifest next update: Mon 20 Oct 2025 17:01:18 +0000
Files and hashes: 1: M82sfYNUsyqK13nZZfstvwDd7Fs.roa (hash: Pwd9phO+f2VaYBcGPbgT8icjGcqdGdD4Q6fe+fixav0=)
2: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: M5p2rk9CDjTMeIGIjsvpxEzfd1nd5L/B1URAEwXdtbw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:6b:1a:a1:75:26:eb:1b:20:f2:94:05:f9:d0:14:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Validity
Not Before: Oct 19 17:01:18 2025 GMT
Not After : Oct 20 17:01:18 2025 GMT
Subject: CN=fa221b95d81fc8d1554af9ab5a6029b2efad00fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:82:58:f1:07:78:d2:55:64:b0:c9:df:cf:2a:
f7:57:42:34:e1:72:6e:b4:ba:f3:7d:39:38:e0:3a:
78:e8:62:b5:23:35:4d:f6:e5:93:59:c5:07:d6:fa:
9e:e6:c2:07:2e:44:0c:13:0a:3a:5a:ed:d6:86:4a:
d1:b1:87:7e:51:d4:29:a9:4b:98:46:12:5f:0f:ed:
3c:08:c8:42:98:14:48:a3:a1:ec:9b:35:bb:b6:ec:
e0:67:7e:07:40:6d:3c:d8:44:3f:a8:32:55:39:dd:
d4:ab:8a:14:4d:28:a0:69:49:a1:02:15:47:a9:16:
f8:f3:1f:12:19:73:29:cd:aa:87:e3:bc:88:56:0d:
bf:ad:1a:6e:6f:00:ca:92:e6:9b:57:31:f2:e6:bb:
bf:1e:3a:d7:32:e1:42:fd:62:7e:e1:9f:70:87:c8:
b0:4f:b4:0e:56:ed:a1:bd:9f:d2:91:48:91:93:3b:
72:5b:72:1b:d2:ee:15:9b:4e:02:01:8c:8e:42:67:
15:28:3a:4d:e2:51:af:45:e4:cb:46:85:2c:27:8d:
e6:64:8e:4a:7a:e6:db:4a:09:f0:e8:df:51:aa:36:
23:54:8b:34:83:01:ae:bd:f6:28:c2:72:51:df:72:
b9:b3:f6:57:3c:ec:ba:5d:06:1e:2f:9c:e9:0e:df:
b1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:22:1B:95:D8:1F:C8:D1:55:4A:F9:AB:5A:60:29:B2:EF:AD:00:FD
X509v3 Authority Key Identifier:
keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:be:9c:17:e1:c3:f2:59:a2:96:cc:c4:a8:08:1e:20:a3:e8:
5e:11:c1:62:ef:9d:1d:a5:28:c8:d7:d4:ea:14:2e:0e:ae:95:
36:eb:00:bb:c1:1b:65:a9:c8:18:7d:35:3a:03:38:46:e9:b0:
d4:51:10:e7:a8:dc:19:9f:00:d0:2c:50:c4:3b:8e:86:c2:7a:
92:2f:8d:e1:5f:0c:39:f8:6a:e0:f3:57:fe:41:66:a4:34:d9:
81:07:c6:d8:5d:be:56:53:7e:50:9a:a0:ca:8b:0a:e9:72:8f:
ca:01:a9:84:d3:32:13:75:fa:9f:17:72:a7:ed:56:20:78:ca:
a5:c5:26:7b:78:98:66:ce:8c:01:71:af:18:fd:66:dc:a2:55:
da:57:78:8e:2d:72:8e:7a:cc:c7:1e:25:24:10:aa:8d:c6:4b:
9b:cb:b7:95:c3:31:b5:a1:e6:c0:69:01:17:73:15:68:51:4d:
22:fe:c9:84:71:ce:61:e2:b4:8e:8f:7e:be:a0:e3:93:62:b4:
2f:54:6f:3a:df:5c:0b:f9:49:26:2d:17:f6:72:b6:e5:c1:e0:
58:a4:8a:24:76:ee:16:50:0c:36:ff:ac:c9:5e:95:8b:b7:3b:
19:45:67:97:c5:3c:6f:8f:b2:62:7b:f4:58:a0:40:c8:90:ad:
34:70:7a:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9axqhdSbrGyDylAX50BTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj
NGRhMjAwHhcNMjUxMDE5MTcwMTE4WhcNMjUxMDIwMTcwMTE4WjAzMTEwLwYDVQQD
EyhmYTIyMWI5NWQ4MWZjOGQxNTU0YWY5YWI1YTYwMjliMmVmYWQwMGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYJY8Qd40lVksMnfzyr3V0I04XJu
tLrzfTk44Dp46GK1IzVN9uWTWcUH1vqe5sIHLkQMEwo6Wu3WhkrRsYd+UdQpqUuY
RhJfD+08CMhCmBRIo6HsmzW7tuzgZ34HQG082EQ/qDJVOd3Uq4oUTSigaUmhAhVH
qRb48x8SGXMpzaqH47yIVg2/rRpubwDKkuabVzHy5ru/HjrXMuFC/WJ+4Z9wh8iw
T7QOVu2hvZ/SkUiRkztyW3Ib0u4Vm04CAYyOQmcVKDpN4lGvReTLRoUsJ43mZI5K
eubbSgnw6N9RqjYjVIs0gwGuvfYownJR33K5s/ZXPOy6XQYeL5zpDt+xTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPoiG5XYH8jRVUr5q1pgKbLvrQD9MB8GA1UdIwQY
MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt
YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0
LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQb6cF+HD
8lmilszEqAgeIKPoXhHBYu+dHaUoyNfU6hQuDq6VNusAu8EbZanIGH01OgM4Rumw
1FEQ56jcGZ8A0CxQxDuOhsJ6ki+N4V8MOfhq4PNX/kFmpDTZgQfG2F2+VlN+UJqg
yosK6XKPygGphNMyE3X6nxdyp+1WIHjKpcUme3iYZs6MAXGvGP1m3KJV2ld4ji1y
jnrMxx4lJBCqjcZLm8u3lcMxtaHmwGkBF3MVaFFNIv7JhHHOYeK0jo9+vqDjk2K0
L1RvOt9cC/lJJi0X9nK25cHgWKSKJHbuFlAMNv+syV6Vi7c7GUVnl8U8b4+yYnv0
WKBAyJCtNHB61A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:13:43 2025 by rpki-client