Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
File: oUx52o8IwpnEYya3m55CTkmmh1s.mft (raw, json)
Hash identifier: X83NvjnUcvk+OUUQqFIQUFTKo+XhUtmO/h76t/6Ktto=
Subject key identifier: 81:AA:62:D0:F8:E9:F2:71:18:05:0A:72:62:62:91:CE:59:0F:07:E2
Authority key identifier: A1:4C:79:DA:8F:08:C2:99:C4:63:26:B7:9B:9E:42:4E:49:A6:87:5B
Certificate issuer: /CN=a14c79da8f08c299c46326b79b9e424e49a6875b
Certificate serial: 0198D47459EE9AEDF9D252448E4E3C6319C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
Manifest number: 15D9
Signing time: Sat 23 Aug 2025 01:04:11 +0000
Manifest this update: Sat 23 Aug 2025 01:04:11 +0000
Manifest next update: Sun 24 Aug 2025 01:04:11 +0000
Files and hashes: 1: oUx52o8IwpnEYya3m55CTkmmh1s.crl (hash: 0hMwVTV2kIKLh/0S8Q3W0GNLQklGoY4B5AT3+q9zong=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:04:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:74:59:ee:9a:ed:f9:d2:52:44:8e:4e:3c:63:19:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a14c79da8f08c299c46326b79b9e424e49a6875b
Validity
Not Before: Aug 23 01:04:11 2025 GMT
Not After : Aug 24 01:04:11 2025 GMT
Subject: CN=81aa62d0f8e9f27118050a72626291ce590f07e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b8:a3:a5:ab:49:bc:c8:f6:60:30:bc:67:a5:
bc:db:b4:7d:36:6e:ef:70:be:05:6b:b1:ef:ab:4f:
d8:32:3d:96:98:99:ce:34:5b:50:a4:8a:46:0a:d1:
bf:13:11:eb:28:05:6d:4c:5d:9f:cf:69:db:25:85:
aa:65:d4:a4:8e:aa:ff:d0:dc:76:df:68:05:6b:99:
3d:d8:42:d8:9f:28:4f:e9:7b:20:c5:80:ac:2c:a8:
a4:31:4d:9e:8a:f2:ee:fc:0c:27:07:5f:49:cd:ce:
39:b7:bc:8f:8a:d9:32:25:09:aa:8b:e7:09:32:8d:
f8:f2:0f:31:ed:80:59:b0:89:e0:35:f6:82:57:bd:
b2:9b:9f:28:41:3d:97:5f:a9:a0:1a:e5:79:36:40:
34:7d:fd:dc:59:9f:06:a6:cd:8e:7b:1c:46:d2:4a:
4b:06:15:51:7b:64:0d:3d:ef:91:cb:bb:4e:e9:c1:
83:0f:f2:80:5b:6c:51:36:1b:ea:76:17:74:c0:70:
67:ef:e3:8c:99:e3:9f:b8:44:9a:b4:9f:48:0e:e7:
59:75:c4:30:17:24:84:9d:08:43:c5:c1:d4:8f:56:
f5:44:2e:85:19:f8:56:02:62:a4:d7:b8:14:a0:b8:
40:ae:1d:4d:b7:48:94:65:36:06:74:27:3b:86:e7:
19:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AA:62:D0:F8:E9:F2:71:18:05:0A:72:62:62:91:CE:59:0F:07:E2
X509v3 Authority Key Identifier:
keyid:A1:4C:79:DA:8F:08:C2:99:C4:63:26:B7:9B:9E:42:4E:49:A6:87:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:d6:3d:2a:eb:ac:28:0c:8e:b2:10:3a:15:ca:83:5d:2a:bb:
51:d4:d0:6f:53:13:56:58:20:fd:a0:b5:60:ab:91:ac:72:d3:
79:90:02:35:01:02:6a:7e:8a:8d:1b:2d:b2:7e:94:a4:ba:c7:
41:16:b2:d1:f8:ce:60:47:e5:5d:61:90:98:9e:f7:e5:80:30:
f1:cb:01:64:ee:87:54:28:64:63:ab:72:80:a9:71:12:2c:23:
98:ef:4a:9a:4d:c9:43:65:83:0a:e4:60:48:16:81:02:5a:9c:
11:fd:57:56:3b:78:16:e8:a3:54:44:e9:9d:b1:7f:3f:1b:61:
93:80:f4:2e:2f:4b:ee:9c:9f:57:9f:cb:d6:b1:75:0c:09:09:
c9:78:3b:77:3c:1e:77:71:58:30:3c:12:c2:21:4b:7e:d1:4b:
66:59:86:d8:22:5d:c8:4f:95:f2:e6:98:f9:9a:ea:ad:73:c9:
11:ba:32:34:19:a4:04:c6:40:be:34:31:f1:80:b7:e7:2c:1e:
2d:e4:ad:3b:71:73:4a:f4:30:9e:a3:0c:87:62:ed:a8:58:48:
7d:32:82:3c:ab:d1:a2:9d:2a:5a:d6:42:10:2a:ce:6e:7d:a9:
b5:6a:97:aa:a2:62:f3:92:00:53:4c:2a:91:ca:e8:a9:fe:ad:
a8:c1:77:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdFnumu350lJEjk48YxnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNGM3OWRhOGYwOGMyOTljNDYzMjZiNzliOWU0MjRlNDlh
Njg3NWIwHhcNMjUwODIzMDEwNDExWhcNMjUwODI0MDEwNDExWjAzMTEwLwYDVQQD
Eyg4MWFhNjJkMGY4ZTlmMjcxMTgwNTBhNzI2MjYyOTFjZTU5MGYwN2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLijpatJvMj2YDC8Z6W827R9Nm7v
cL4Fa7Hvq0/YMj2WmJnONFtQpIpGCtG/ExHrKAVtTF2fz2nbJYWqZdSkjqr/0Nx2
32gFa5k92ELYnyhP6XsgxYCsLKikMU2eivLu/AwnB19Jzc45t7yPitkyJQmqi+cJ
Mo348g8x7YBZsIngNfaCV72ym58oQT2XX6mgGuV5NkA0ff3cWZ8Gps2OexxG0kpL
BhVRe2QNPe+Ry7tO6cGDD/KAW2xRNhvqdhd0wHBn7+OMmeOfuESatJ9IDudZdcQw
FySEnQhDxcHUj1b1RC6FGfhWAmKk17gUoLhArh1Nt0iUZTYGdCc7hucZnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGqYtD46fJxGAUKcmJikc5ZDwfiMB8GA1UdIwQY
MBaAFKFMedqPCMKZxGMmt5ueQk5JpodbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yMmViNTMtNGY2MC00MTFiLTg0MDkt
ZDRjOTdmZjZlMTFlLzEvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yMmViNTMtNGY2MC00MTFiLTg0MDktZDRjOTdmZjZlMTFl
LzEvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHNY9Kuus
KAyOshA6FcqDXSq7UdTQb1MTVlgg/aC1YKuRrHLTeZACNQECan6KjRstsn6UpLrH
QRay0fjOYEflXWGQmJ735YAw8csBZO6HVChkY6tygKlxEiwjmO9Kmk3JQ2WDCuRg
SBaBAlqcEf1XVjt4FuijVETpnbF/Pxthk4D0Li9L7pyfV5/L1rF1DAkJyXg7dzwe
d3FYMDwSwiFLftFLZlmG2CJdyE+V8uaY+ZrqrXPJEboyNBmkBMZAvjQx8YC35ywe
LeStO3FzSvQwnqMMh2LtqFhIfTKCPKvRop0qWtZCECrObn2ptWqXqqJi85IAU0wq
kcroqf6tqMF3IQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:40:56 2025 by rpki-client