Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: x7AMu2Axtu3RkfxPDa7h1qXb5JktW5wZ16nRRWzhHz4=
Subject key identifier: 1F:9F:25:78:BD:DC:B0:68:B8:48:BA:80:75:AA:27:05:C3:1A:CD:F9
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 0197B70F1885C62A8DFFD3D7AF167F7D4C15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0C9C
Signing time: Sat 28 Jun 2025 15:01:49 +0000
Manifest this update: Sat 28 Jun 2025 15:01:49 +0000
Manifest next update: Sun 29 Jun 2025 15:01:49 +0000
Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: gRQFI4b17GCHAPxWRBv4eBEOurcpL/kW1lJUMMtZ1ig=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0f:18:85:c6:2a:8d:ff:d3:d7:af:16:7f:7d:4c:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Jun 28 15:01:49 2025 GMT
Not After : Jun 29 15:01:49 2025 GMT
Subject: CN=1f9f2578bddcb068b848ba8075aa2705c31acdf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a1:41:9d:90:28:21:d8:9b:05:7d:be:6f:b9:
eb:5e:a6:9f:1e:bc:91:71:c5:50:09:66:3b:43:ec:
7d:9d:31:ac:23:0d:22:83:e0:06:02:49:4e:43:6a:
4f:b0:b9:42:83:90:ba:bc:1c:39:9c:68:d2:2e:1c:
63:e1:8c:8f:28:87:b7:76:0e:16:8d:7e:c2:08:9a:
c9:e8:b2:73:ed:5f:e8:cf:09:82:c5:8a:ba:10:55:
ba:03:ea:50:b7:ac:1c:6c:32:7b:f0:69:55:b0:a5:
98:28:74:3e:17:5f:fe:ee:56:a6:a0:9d:60:36:5f:
92:90:85:1e:05:d6:74:a3:bc:c7:16:f6:a5:1c:5a:
84:cc:be:88:81:94:04:d3:9e:1a:fd:cc:b1:6f:cb:
2f:f1:94:aa:aa:28:eb:9b:40:d0:bc:99:12:09:b0:
07:0d:cb:a7:ff:3f:9f:d0:05:95:ab:04:94:ad:26:
f1:a1:1e:78:6e:a7:2e:82:22:65:dd:01:49:fe:52:
15:b0:91:88:05:88:77:64:c7:d3:51:82:37:45:b9:
f2:41:ef:a2:0c:9b:29:85:b8:a2:13:6d:96:d5:d3:
7a:2a:69:97:e3:6b:96:79:43:e7:a1:05:9b:76:9d:
cc:64:48:ad:60:30:3f:e2:6b:19:63:4a:0f:a8:19:
96:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:9F:25:78:BD:DC:B0:68:B8:48:BA:80:75:AA:27:05:C3:1A:CD:F9
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:e8:aa:93:ba:45:7b:bf:12:9f:9c:af:75:64:ac:cc:ff:d5:
72:aa:c8:e0:53:7b:33:d1:9d:e9:23:4f:83:cf:ca:b6:a2:0e:
47:9d:49:84:49:13:49:25:ea:d0:09:53:0e:e7:e3:94:f1:a4:
d2:5e:74:6a:21:d3:43:5c:8b:76:42:ba:19:96:c1:c6:2e:2e:
d4:ee:32:c5:9c:85:11:11:85:18:e7:5e:31:3e:8c:cb:c6:01:
ac:3e:b2:b8:4c:69:16:65:01:2f:47:27:af:16:be:4a:ed:68:
a8:25:3d:cd:ca:75:e6:e7:20:30:e4:f4:ed:0e:a6:20:34:38:
42:3e:20:5f:b3:be:b5:00:10:2b:dd:51:25:df:ec:7b:22:21:
88:62:31:99:92:07:86:dd:09:39:eb:8a:47:77:80:1b:82:34:
1e:e2:00:1c:9b:80:c7:dd:4d:3f:49:00:91:a7:c9:a0:1e:e1:
ad:c8:a6:78:52:c3:ea:7a:00:69:04:85:f7:ef:da:d0:72:8e:
82:39:9b:bf:82:1f:79:87:cc:91:e0:ad:04:55:fa:56:e9:f5:
68:b7:77:81:31:0c:0d:a7:a6:39:47:47:cc:23:24:1e:c1:5f:
25:28:7a:e2:86:bc:12:d4:46:ad:e7:fb:c8:a9:02:a2:00:77:
e2:91:a3:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DxiFxiqN/9PXrxZ/fUwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjUwNjI4MTUwMTQ5WhcNMjUwNjI5MTUwMTQ5WjAzMTEwLwYDVQQD
EygxZjlmMjU3OGJkZGNiMDY4Yjg0OGJhODA3NWFhMjcwNWMzMWFjZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36FBnZAoIdibBX2+b7nrXqafHryR
ccVQCWY7Q+x9nTGsIw0ig+AGAklOQ2pPsLlCg5C6vBw5nGjSLhxj4YyPKIe3dg4W
jX7CCJrJ6LJz7V/ozwmCxYq6EFW6A+pQt6wcbDJ78GlVsKWYKHQ+F1/+7lamoJ1g
Nl+SkIUeBdZ0o7zHFvalHFqEzL6IgZQE054a/cyxb8sv8ZSqqijrm0DQvJkSCbAH
Dcun/z+f0AWVqwSUrSbxoR54bqcugiJl3QFJ/lIVsJGIBYh3ZMfTUYI3RbnyQe+i
DJsphbiiE22W1dN6KmmX42uWeUPnoQWbdp3MZEitYDA/4msZY0oPqBmWrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+fJXi93LBouEi6gHWqJwXDGs35MB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANeiqk7pF
e78Sn5yvdWSszP/VcqrI4FN7M9Gd6SNPg8/KtqIOR51JhEkTSSXq0AlTDufjlPGk
0l50aiHTQ1yLdkK6GZbBxi4u1O4yxZyFERGFGOdeMT6My8YBrD6yuExpFmUBL0cn
rxa+Su1oqCU9zcp15ucgMOT07Q6mIDQ4Qj4gX7O+tQAQK91RJd/seyIhiGIxmZIH
ht0JOeuKR3eAG4I0HuIAHJuAx91NP0kAkafJoB7hrcimeFLD6noAaQSF9+/a0HKO
gjmbv4IfeYfMkeCtBFX6Vun1aLd3gTEMDaemOUdHzCMkHsFfJSh64oa8EtRGref7
yKkCogB34pGjyA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:22:34 2025 by rpki-client