Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
File: OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft (raw, json)
Hash identifier: VuvCYgLciT2aowHNRhUjvxcP3gzzlvwcrtsh16vSlBk=
Subject key identifier: 0D:CD:DF:78:F5:C0:FF:D2:E5:06:AE:9D:62:86:FF:C2:A6:17:ED:1A
Authority key identifier: 39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
Certificate issuer: /CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Certificate serial: 0197B632ED471D10CE854D9200F82AB088F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
Manifest number: 0130
Signing time: Sat 28 Jun 2025 11:01:19 +0000
Manifest this update: Sat 28 Jun 2025 11:01:19 +0000
Manifest next update: Sun 29 Jun 2025 11:01:19 +0000
Files and hashes: 1: 4TBEbTwznRUyfO-99-DGzicdpVY.roa (hash: NUzc37NEChJ2ehR4MuI3RA+Wwr1maBIZ+yC3jO0gtfU=)
2: OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl (hash: CwWgL8XMGOxbWQRtca4p/wd9HgOkJPltHix1Z9Di1dg=)
3: dsqp4bxyFCCs7RL2PZGSdi7KthE.roa (hash: LpothYWyfl3DUg9u8R+0xehBO2vE3vsq9xV0G0H4C0U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:32:ed:47:1d:10:ce:85:4d:92:00:f8:2a:b0:88:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Validity
Not Before: Jun 28 11:01:19 2025 GMT
Not After : Jun 29 11:01:19 2025 GMT
Subject: CN=0dcddf78f5c0ffd2e506ae9d6286ffc2a617ed1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f5:61:f4:3c:7a:5a:28:47:85:13:6b:3d:1d:
4a:d7:b1:31:2b:88:60:29:5a:92:27:f4:12:5c:c0:
82:e6:3d:f8:b3:ca:09:30:64:4b:57:9f:06:1e:ef:
4f:f6:03:f8:32:14:bf:43:3d:a1:d1:54:49:b1:58:
49:1e:88:b7:16:52:2a:29:c1:f5:89:43:20:b8:ab:
1f:e0:fe:8c:7d:23:59:99:c2:3a:b4:4f:65:da:7f:
6d:ee:6f:ab:4d:82:68:07:6a:78:ba:d9:85:0d:c4:
79:c9:67:fb:9a:e5:d5:4f:32:62:e5:51:14:ea:a9:
da:74:f2:2a:9f:c4:10:54:26:dc:43:32:88:2d:bc:
55:90:9a:45:1b:dc:86:2e:c6:d2:e2:2a:1f:f9:9e:
63:51:d7:6f:8d:d2:e2:51:ad:1c:ec:f6:7a:97:1f:
ee:24:a7:42:15:c2:fb:15:81:70:ef:30:2f:1b:8b:
85:45:80:00:a9:a9:66:b5:b2:81:2d:c2:90:31:00:
0a:16:a1:bb:a5:b5:2f:cb:a0:24:28:4f:9a:b5:89:
37:b1:78:57:cf:9e:ce:40:88:36:ba:dc:a8:0d:41:
b2:16:18:ab:7d:f5:b5:fe:b6:c2:f5:7d:58:01:cf:
74:73:1e:7b:5d:68:da:78:c1:5f:05:67:3e:18:b5:
27:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CD:DF:78:F5:C0:FF:D2:E5:06:AE:9D:62:86:FF:C2:A6:17:ED:1A
X509v3 Authority Key Identifier:
keyid:39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:a6:7c:1a:4a:d1:d6:8c:c6:fa:79:65:72:dd:2a:e4:4d:e2:
d3:50:2a:cd:32:8a:6a:44:71:f5:d4:bb:f1:6a:cc:48:6f:09:
4d:6c:f3:5f:db:3b:6a:cf:2e:52:ff:da:ac:1e:21:da:8c:07:
71:33:59:42:d0:5f:a2:6c:49:eb:13:2c:91:fe:0f:c5:85:b8:
13:b9:55:ec:fc:42:34:8c:0c:31:d9:98:f6:ff:6f:b5:f8:37:
0e:4c:3f:96:93:04:f1:b7:15:26:cc:5f:b4:2c:18:b7:78:5b:
f9:4b:74:15:4c:a7:5a:8e:61:05:a8:7a:6c:8f:7c:50:b1:db:
10:89:f0:59:48:e5:b8:8c:d3:fb:75:f8:86:47:92:c3:e4:fa:
6d:ca:48:9b:c1:93:33:de:96:4d:1a:51:d5:c6:f5:ad:4c:38:
25:37:b6:f4:d7:97:d2:bf:e1:67:7a:25:e6:3b:f5:17:d6:ee:
ce:fd:e8:e9:ee:6e:34:12:61:c4:ba:64:48:d7:11:65:3d:83:
a8:ba:8d:7d:be:58:bb:47:7d:e3:cf:0c:f0:41:11:5d:bd:e8:
15:f5:c9:01:86:9c:ae:ce:dc:85:e0:62:f0:8c:89:6c:b8:dc:
7a:94:27:bd:bc:63:d9:ae:cf:cc:32:7c:73:7a:7b:51:e2:3c:
6f:d4:a4:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2Mu1HHRDOhU2SAPgqsIjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Zjg3M2NkMzkzOTIwM2M3NzhhOGVhYWYxNjgzZTk0NjRh
YzM0MDAwHhcNMjUwNjI4MTEwMTE5WhcNMjUwNjI5MTEwMTE5WjAzMTEwLwYDVQQD
EygwZGNkZGY3OGY1YzBmZmQyZTUwNmFlOWQ2Mjg2ZmZjMmE2MTdlZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfVh9Dx6WihHhRNrPR1K17ExK4hg
KVqSJ/QSXMCC5j34s8oJMGRLV58GHu9P9gP4MhS/Qz2h0VRJsVhJHoi3FlIqKcH1
iUMguKsf4P6MfSNZmcI6tE9l2n9t7m+rTYJoB2p4utmFDcR5yWf7muXVTzJi5VEU
6qnadPIqn8QQVCbcQzKILbxVkJpFG9yGLsbS4iof+Z5jUddvjdLiUa0c7PZ6lx/u
JKdCFcL7FYFw7zAvG4uFRYAAqalmtbKBLcKQMQAKFqG7pbUvy6AkKE+atYk3sXhX
z57OQIg2utyoDUGyFhirffW1/rbC9X1YAc90cx57XWjaeMFfBWc+GLUn2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA3N33j1wP/S5QaunWKG/8KmF+0aMB8GA1UdIwQY
MBaAFDn4c805OSA8d4qOqvFoPpRkrDQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMt
NGU2NTViNWI2NDI3LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMtNGU2NTViNWI2NDI3
LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6Z8GkrR
1ozG+nllct0q5E3i01AqzTKKakRx9dS78WrMSG8JTWzzX9s7as8uUv/arB4h2owH
cTNZQtBfomxJ6xMskf4PxYW4E7lV7PxCNIwMMdmY9v9vtfg3Dkw/lpME8bcVJsxf
tCwYt3hb+Ut0FUynWo5hBah6bI98ULHbEInwWUjluIzT+3X4hkeSw+T6bcpIm8GT
M96WTRpR1cb1rUw4JTe29NeX0r/hZ3ol5jv1F9buzv3o6e5uNBJhxLpkSNcRZT2D
qLqNfb5Yu0d9488M8EERXb3oFfXJAYacrs7cheBi8IyJbLjcepQnvbxj2a7PzDJ8
c3p7UeI8b9SkaA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:47:43 2025 by rpki-client