Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: fZW0gZPyC+E+GndaQnKsNhUoan/wjzmlrIc7F4jZ/0E=
Subject key identifier: 55:0C:B6:49:E0:5C:80:6E:A9:26:19:99:43:48:AB:17:9D:25:13:3E
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 0198D6CCFDE5CC06D9444BDC3E1687260122
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0D31
Signing time: Sat 23 Aug 2025 12:00:15 +0000
Manifest this update: Sat 23 Aug 2025 12:00:15 +0000
Manifest next update: Sun 24 Aug 2025 12:00:15 +0000
Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: yV36smswcmEKF5V7j961B8ZBNFvvHbsnbDbFAIRVhPQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cc:fd:e5:cc:06:d9:44:4b:dc:3e:16:87:26:01:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Aug 23 12:00:15 2025 GMT
Not After : Aug 24 12:00:15 2025 GMT
Subject: CN=550cb649e05c806ea92619994348ab179d25133e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2a:10:d2:dc:b7:fa:06:c0:0c:5d:96:9f:d2:
db:89:68:20:6a:e9:6f:a5:0c:cb:e1:dc:d5:86:c6:
14:b1:e5:45:8d:c3:c2:3b:72:3e:ab:10:b1:4a:54:
65:01:78:00:2c:23:00:15:a5:c5:42:98:c8:61:2e:
96:c0:04:d8:aa:42:22:a6:a9:32:ca:d3:8f:4e:50:
06:fa:34:fc:37:d7:b9:ce:a2:e0:22:39:2e:5c:6b:
3f:4a:bb:73:d9:20:e8:5d:7a:a3:93:46:cb:52:bc:
02:b9:55:d0:0c:ac:6d:9b:20:ce:9b:11:4b:ff:7f:
2e:74:51:50:3d:fa:4b:b8:d5:64:92:af:6a:88:7a:
c1:1d:7a:52:b2:05:e4:63:b9:42:10:75:ee:30:11:
cd:9d:18:ae:3e:e7:fa:0f:a1:da:ba:dd:d8:9e:be:
68:5c:17:b1:f5:1a:ec:9f:22:9e:02:7d:05:48:60:
7d:e8:fa:72:ed:fa:c1:47:2c:85:19:ca:fb:8e:40:
90:b2:e2:2f:59:68:b7:a5:f7:55:c5:ff:b5:52:f0:
5b:4a:97:74:70:6b:c1:a3:02:01:dd:d1:e7:cc:0e:
39:97:24:3e:98:3a:b6:01:08:1f:b7:8a:f9:4f:17:
c0:d2:93:2d:a3:5c:ff:58:dc:9d:d5:30:8f:5d:f8:
7f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:0C:B6:49:E0:5C:80:6E:A9:26:19:99:43:48:AB:17:9D:25:13:3E
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:cf:71:14:db:7e:0e:81:c2:fe:1c:f6:5e:07:04:2b:7c:a2:
12:35:18:a2:05:c4:01:fa:78:15:05:f9:22:22:be:1a:26:8e:
4c:b4:c9:36:6e:b8:52:ab:9a:4a:da:b4:d8:3c:03:d1:ea:bc:
5b:5f:4e:f3:d5:b3:4c:ae:3b:5a:3e:61:d7:8b:b4:0f:2a:c3:
a9:05:c3:e9:43:35:fc:77:f3:ab:bb:3e:34:df:7b:9a:71:0c:
04:08:bd:fc:00:b6:02:14:68:d3:a4:b0:19:d8:8b:1b:81:47:
21:80:6e:a6:02:ba:6e:ff:6f:6b:22:25:49:55:4a:a9:e1:c6:
08:11:73:6a:1d:19:eb:04:d8:91:be:3b:73:ef:0c:76:b1:b8:
c4:97:9a:29:35:29:45:68:29:5c:9b:bc:bb:72:33:34:28:4b:
cb:c9:24:b2:cb:bd:fc:d3:00:9f:30:ed:e0:fc:da:93:99:40:
af:10:6f:0e:02:eb:3d:9f:d1:2a:36:7f:5b:66:94:ba:22:85:
5d:cd:5e:e7:b0:69:b4:fd:65:34:52:12:28:6d:a7:c9:31:2f:
8e:63:50:86:5c:29:cb:1d:1f:f6:60:63:41:e6:40:e4:44:0b:
1c:f4:e5:04:e5:4f:bf:72:04:66:22:e7:4a:d4:6c:71:c7:2b:
a2:0d:e2:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzP3lzAbZREvcPhaHJgEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjUwODIzMTIwMDE1WhcNMjUwODI0MTIwMDE1WjAzMTEwLwYDVQQD
Eyg1NTBjYjY0OWUwNWM4MDZlYTkyNjE5OTk0MzQ4YWIxNzlkMjUxMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCoQ0ty3+gbADF2Wn9LbiWggaulv
pQzL4dzVhsYUseVFjcPCO3I+qxCxSlRlAXgALCMAFaXFQpjIYS6WwATYqkIipqky
ytOPTlAG+jT8N9e5zqLgIjkuXGs/Srtz2SDoXXqjk0bLUrwCuVXQDKxtmyDOmxFL
/38udFFQPfpLuNVkkq9qiHrBHXpSsgXkY7lCEHXuMBHNnRiuPuf6D6Haut3Ynr5o
XBex9RrsnyKeAn0FSGB96Ppy7frBRyyFGcr7jkCQsuIvWWi3pfdVxf+1UvBbSpd0
cGvBowIB3dHnzA45lyQ+mDq2AQgft4r5TxfA0pMto1z/WNyd1TCPXfh/OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFUMtkngXIBuqSYZmUNIqxedJRM+MB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKc9xFNt+
DoHC/hz2XgcEK3yiEjUYogXEAfp4FQX5IiK+GiaOTLTJNm64UquaStq02DwD0eq8
W19O89WzTK47Wj5h14u0DyrDqQXD6UM1/Hfzq7s+NN97mnEMBAi9/AC2AhRo06Sw
GdiLG4FHIYBupgK6bv9vayIlSVVKqeHGCBFzah0Z6wTYkb47c+8MdrG4xJeaKTUp
RWgpXJu8u3IzNChLy8kkssu9/NMAnzDt4Pzak5lArxBvDgLrPZ/RKjZ/W2aUuiKF
Xc1e57BptP1lNFISKG2nyTEvjmNQhlwpyx0f9mBjQeZA5EQLHPTlBOVPv3IEZiLn
StRscccrog3i6Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:24:46 2025 by rpki-client