Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
File: OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft (raw, json)
Hash identifier: tXYzz09vQwL+9vzI5BGGk/DuIGZtWovpozDBE9IU5T4=
Subject key identifier: 8C:93:A6:8C:1A:7F:F5:8A:D5:C3:3E:F6:8C:83:4A:05:3D:FB:79:17
Authority key identifier: 39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
Certificate issuer: /CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Certificate serial: 0198D5F17DBA748A09EF8D595B69616D14E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
Manifest number: 01C5
Signing time: Sat 23 Aug 2025 08:00:29 +0000
Manifest this update: Sat 23 Aug 2025 08:00:29 +0000
Manifest next update: Sun 24 Aug 2025 08:00:29 +0000
Files and hashes: 1: 4TBEbTwznRUyfO-99-DGzicdpVY.roa (hash: NUzc37NEChJ2ehR4MuI3RA+Wwr1maBIZ+yC3jO0gtfU=)
2: OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl (hash: okcoBDdD94jjyXmkWLrK2vxGrk+2BiiR3oYGvpg+Q40=)
3: dsqp4bxyFCCs7RL2PZGSdi7KthE.roa (hash: LpothYWyfl3DUg9u8R+0xehBO2vE3vsq9xV0G0H4C0U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:f1:7d:ba:74:8a:09:ef:8d:59:5b:69:61:6d:14:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Validity
Not Before: Aug 23 08:00:29 2025 GMT
Not After : Aug 24 08:00:29 2025 GMT
Subject: CN=8c93a68c1a7ff58ad5c33ef68c834a053dfb7917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:86:9a:65:a7:8e:37:75:66:7e:0a:d2:00:bf:
03:90:be:b5:29:ac:ff:67:21:f2:78:a3:aa:f6:fa:
0b:2e:63:ab:33:f9:cb:b4:0b:47:c4:f4:7a:dd:78:
2d:64:19:69:41:65:44:69:1b:d6:02:50:48:f2:46:
00:4a:4d:ce:df:ce:6b:c4:ec:24:70:5a:a9:5e:ad:
79:eb:70:82:64:dd:8c:97:5b:d1:b5:6f:51:5d:83:
5e:7c:4d:17:e7:48:78:62:32:b3:3b:df:3f:d9:87:
01:05:28:98:c6:79:ad:04:5b:53:1c:f8:ca:6a:88:
ea:08:5e:38:b7:84:5d:db:3e:82:f7:91:3d:e8:22:
70:13:f1:7a:8d:23:fc:8b:70:bb:5d:13:2a:51:81:
1f:0a:af:62:a5:a3:3b:05:a6:ab:75:2a:57:c5:f7:
c2:14:d6:ff:a2:7c:3e:32:1c:65:87:b7:57:8b:9a:
fd:59:95:e9:7a:fb:b5:b3:59:8d:f0:42:47:4f:a7:
ae:3c:2c:61:50:28:65:81:9a:3d:24:82:c3:ee:b3:
51:f1:b7:ab:d3:05:74:d0:23:98:10:c2:53:5c:0c:
1d:77:b1:d2:3b:6e:31:bb:c7:a5:2b:02:e9:c8:30:
bd:60:7f:b6:0f:35:86:a6:79:14:96:33:e3:11:2b:
a8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:93:A6:8C:1A:7F:F5:8A:D5:C3:3E:F6:8C:83:4A:05:3D:FB:79:17
X509v3 Authority Key Identifier:
keyid:39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:df:98:3a:90:33:0d:8b:72:e8:20:83:91:3f:a1:0e:cf:3f:
9c:96:ea:7a:21:ed:5c:f0:12:f6:79:f6:d1:97:19:ac:75:82:
41:b6:21:14:0f:8e:a5:21:d3:44:0b:5d:a7:7d:e6:73:d5:4d:
df:a8:ea:2b:53:23:08:aa:73:eb:64:9d:bc:85:4d:d5:e8:67:
f1:c4:68:d4:2c:10:19:af:d1:ab:29:d5:b7:71:e2:a1:07:6f:
7d:48:50:df:57:5d:12:e8:13:2b:0f:4a:8f:e6:b5:aa:f8:9f:
64:d2:db:27:0c:46:7c:4d:ca:14:90:ee:4e:82:64:0e:45:0f:
84:8e:d1:48:a1:3d:05:44:27:b8:24:3b:b0:86:15:9d:12:3f:
c4:38:6f:87:06:79:ec:2c:3b:15:5a:01:09:68:a7:4b:94:b3:
fd:17:99:44:69:92:74:76:85:2e:26:83:52:c1:20:e2:d2:54:
f9:f7:70:33:7a:ae:d4:91:fc:cd:4d:23:6f:44:b3:ec:61:b7:
ff:5f:8a:b5:17:96:37:f3:cf:cc:94:6f:c4:c2:5c:d4:63:6c:
26:99:84:ed:e4:60:eb:22:d2:6c:30:af:ed:14:ea:62:0b:de:
98:99:73:16:49:14:c4:43:c9:f7:1d:1e:2a:80:7f:9f:95:e7:
4a:75:2e:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8X26dIoJ741ZW2lhbRToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Zjg3M2NkMzkzOTIwM2M3NzhhOGVhYWYxNjgzZTk0NjRh
YzM0MDAwHhcNMjUwODIzMDgwMDI5WhcNMjUwODI0MDgwMDI5WjAzMTEwLwYDVQQD
Eyg4YzkzYTY4YzFhN2ZmNThhZDVjMzNlZjY4YzgzNGEwNTNkZmI3OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4aaZaeON3VmfgrSAL8DkL61Kaz/
ZyHyeKOq9voLLmOrM/nLtAtHxPR63XgtZBlpQWVEaRvWAlBI8kYASk3O385rxOwk
cFqpXq1563CCZN2Ml1vRtW9RXYNefE0X50h4YjKzO98/2YcBBSiYxnmtBFtTHPjK
aojqCF44t4Rd2z6C95E96CJwE/F6jSP8i3C7XRMqUYEfCq9ipaM7BaardSpXxffC
FNb/onw+Mhxlh7dXi5r9WZXpevu1s1mN8EJHT6euPCxhUChlgZo9JILD7rNR8ber
0wV00COYEMJTXAwdd7HSO24xu8elKwLpyDC9YH+2DzWGpnkUljPjESuo+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIyTpowaf/WK1cM+9oyDSgU9+3kXMB8GA1UdIwQY
MBaAFDn4c805OSA8d4qOqvFoPpRkrDQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMt
NGU2NTViNWI2NDI3LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMtNGU2NTViNWI2NDI3
LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXN+YOpAz
DYty6CCDkT+hDs8/nJbqeiHtXPAS9nn20ZcZrHWCQbYhFA+OpSHTRAtdp33mc9VN
36jqK1MjCKpz62SdvIVN1ehn8cRo1CwQGa/RqynVt3HioQdvfUhQ31ddEugTKw9K
j+a1qvifZNLbJwxGfE3KFJDuToJkDkUPhI7RSKE9BUQnuCQ7sIYVnRI/xDhvhwZ5
7Cw7FVoBCWinS5Sz/ReZRGmSdHaFLiaDUsEg4tJU+fdwM3qu1JH8zU0jb0Sz7GG3
/1+KtReWN/PPzJRvxMJc1GNsJpmE7eRg6yLSbDCv7RTqYgvemJlzFkkUxEPJ9x0e
KoB/n5XnSnUumg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:06:47 2025 by rpki-client