Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
File: dOEz6h5A_BPgdOMncQpTRKlgtcA.mft (raw, json)
Hash identifier: fSg8OiXJ5iz77+OeauoC12NJvSbz3iZ2njVyLWOqS5M=
Subject key identifier: F3:A1:6E:F0:B1:C8:96:38:E8:03:8F:6D:71:A3:D6:85:17:EC:E0:29
Authority key identifier: 74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
Certificate issuer: /CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Certificate serial: 0198D6CDEF2A332CA13F295DAA7686180DB7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
Manifest number: 0CF9
Signing time: Sat 23 Aug 2025 12:01:16 +0000
Manifest this update: Sat 23 Aug 2025 12:01:16 +0000
Manifest next update: Sun 24 Aug 2025 12:01:16 +0000
Files and hashes: 1: XXhZSJTw-3dSmsRY9bvXQqHBaIs.roa (hash: mmW0AxSNYmhmTbAA4XApc0Tjpzzlw3yy/NM/Jy4hxuI=)
2: dOEz6h5A_BPgdOMncQpTRKlgtcA.crl (hash: zPyE2xOWNLGiyietPKduaWfCRGk9NXQON/ldunvdSJQ=)
3: lQpPjj9gpOYnRRV52S0ec3Spick.roa (hash: 2/R15nQqw+pyTSeVtt80lTdeScEa1kOW3xe+Ueb0Hdo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:ef:2a:33:2c:a1:3f:29:5d:aa:76:86:18:0d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Validity
Not Before: Aug 23 12:01:16 2025 GMT
Not After : Aug 24 12:01:16 2025 GMT
Subject: CN=f3a16ef0b1c89638e8038f6d71a3d68517ece029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:f4:96:57:98:7d:da:8a:90:31:d1:3f:73:
f1:d8:f3:62:ca:7e:83:61:41:32:08:4d:5e:d9:5a:
08:8a:31:2c:bc:7f:4a:24:96:bf:ba:89:1c:21:21:
61:69:65:66:c5:0a:db:0e:72:51:be:54:2d:d3:ba:
68:26:c5:b0:dd:96:dc:f7:23:27:c8:ff:d6:5f:72:
b7:5d:62:89:5c:35:b8:dd:be:6a:21:38:ad:e9:e7:
6f:84:c6:e7:50:ff:4b:45:b4:d4:0b:ff:7b:11:aa:
1b:3b:40:83:90:59:c8:aa:df:74:80:fe:28:5a:38:
8e:20:d6:13:a8:9c:9b:49:8e:31:41:f5:ae:e6:92:
9f:2f:c2:e7:fe:b8:ed:1a:e0:43:49:9a:02:05:73:
40:e7:01:e2:85:14:f3:ae:94:ef:42:29:d5:26:8d:
db:e9:32:6e:92:5d:13:56:6f:af:3e:53:d2:dd:e8:
11:b9:3b:cb:bd:dc:f0:85:ee:d9:fe:f0:88:31:2c:
9b:78:65:da:7f:da:34:8f:5e:d1:be:d1:21:b0:d8:
d2:fa:d4:e3:df:b1:cd:b6:5a:b3:2d:77:9d:ab:7f:
12:dd:61:30:33:eb:58:03:86:20:0f:cc:c9:02:56:
b5:f2:0d:55:cd:97:80:2e:13:3f:64:84:47:80:73:
92:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A1:6E:F0:B1:C8:96:38:E8:03:8F:6D:71:A3:D6:85:17:EC:E0:29
X509v3 Authority Key Identifier:
keyid:74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c1:57:8e:21:33:b2:87:14:18:d5:a5:7b:1f:e8:4a:e4:f0:45:
37:ef:6b:de:7e:b6:ae:a2:3d:1b:88:be:96:b0:50:cc:43:44:
d3:d3:b4:86:80:73:2c:f6:ba:eb:bd:71:1b:bd:e2:12:88:b1:
53:3f:d5:25:2e:73:70:92:ef:1a:78:09:f4:ec:4a:3e:41:24:
48:fd:90:c3:84:08:7f:88:32:9b:74:0b:0c:46:40:63:c9:4a:
e5:e4:6c:cd:12:06:24:83:6c:fd:3b:68:88:ce:1a:ee:95:cd:
55:3a:8d:6a:c7:55:53:09:48:cd:ff:0a:02:25:8c:61:da:33:
46:a1:32:27:92:1d:e8:49:9d:25:ee:ae:3f:f1:ef:3c:26:26:
b0:68:37:69:f1:d9:42:64:dd:f8:ae:7c:4a:9a:2e:ad:8b:05:
12:92:07:73:c8:fc:96:fa:37:a6:9b:f5:6e:ab:67:b7:64:11:
76:ca:05:fc:94:19:9f:e9:cd:9c:6b:1c:52:5c:4c:f4:5c:1d:
44:96:78:d2:80:16:e9:87:4c:cb:d7:9b:cf:61:28:da:3f:aa:
31:89:74:81:98:dc:17:93:2d:b2:e9:47:d3:53:ac:e6:d3:f6:
95:83:1c:91:5e:ea:08:48:2b:a9:d0:04:31:0b:9e:a0:b2:31:
a3:9d:b0:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWze8qMyyhPyldqnaGGA23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTEzM2VhMWU0MGZjMTNlMDc0ZTMyNzcxMGE1MzQ0YTk2
MGI1YzAwHhcNMjUwODIzMTIwMTE2WhcNMjUwODI0MTIwMTE2WjAzMTEwLwYDVQQD
EyhmM2ExNmVmMGIxYzg5NjM4ZTgwMzhmNmQ3MWEzZDY4NTE3ZWNlMDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuX0lleYfdqKkDHRP3Px2PNiyn6D
YUEyCE1e2VoIijEsvH9KJJa/uokcISFhaWVmxQrbDnJRvlQt07poJsWw3Zbc9yMn
yP/WX3K3XWKJXDW43b5qITit6edvhMbnUP9LRbTUC/97EaobO0CDkFnIqt90gP4o
WjiOINYTqJybSY4xQfWu5pKfL8Ln/rjtGuBDSZoCBXNA5wHihRTzrpTvQinVJo3b
6TJukl0TVm+vPlPS3egRuTvLvdzwhe7Z/vCIMSybeGXaf9o0j17RvtEhsNjS+tTj
37HNtlqzLXedq38S3WEwM+tYA4YgD8zJAla18g1VzZeALhM/ZIRHgHOSGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPOhbvCxyJY46AOPbXGj1oUX7OApMB8GA1UdIwQY
MBaAFHThM+oeQPwT4HTjJ3EKU0SpYLXAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMt
MmNiOWUyMTcyZjk3LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMtMmNiOWUyMTcyZjk3
LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwVeOITOy
hxQY1aV7H+hK5PBFN+9r3n62rqI9G4i+lrBQzENE09O0hoBzLPa6671xG73iEoix
Uz/VJS5zcJLvGngJ9OxKPkEkSP2Qw4QIf4gym3QLDEZAY8lK5eRszRIGJINs/Tto
iM4a7pXNVTqNasdVUwlIzf8KAiWMYdozRqEyJ5Id6EmdJe6uP/HvPCYmsGg3afHZ
QmTd+K58SpourYsFEpIHc8j8lvo3ppv1bqtnt2QRdsoF/JQZn+nNnGscUlxM9Fwd
RJZ40oAW6YdMy9ebz2Eo2j+qMYl0gZjcF5MtsulH01Os5tP2lYMckV7qCEgrqdAE
MQueoLIxo52wrQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:03:37 2025 by rpki-client