Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
File: OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft (raw, json)
Hash identifier: 7Vt4iu99u3U/3EKTsM4IyMOGBR0EKZDRAkEV+CSEsf4=
Subject key identifier: AA:05:7C:E3:D9:88:D2:0E:F1:BE:6E:D6:B9:CD:04:AD:80:F7:50:E5
Authority key identifier: 38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0
Certificate issuer: /CN=385cf4939beeeaeaf4409c2840eb344cab0850e0
Certificate serial: 0197B77C34CCBD281AF1DBDBE4BE1B0F1804
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
Manifest number: 0AFC
Signing time: Sat 28 Jun 2025 17:00:59 +0000
Manifest this update: Sat 28 Jun 2025 17:00:59 +0000
Manifest next update: Sun 29 Jun 2025 17:00:59 +0000
Files and hashes: 1: KI_OzKHWNWDApgfZA8fhKRHWYNw.roa (hash: KgInzOYraW/0zKTqbj1OirpA4x6saReBh+LdfK4ZXdI=)
2: OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl (hash: G3ZDXN4sFAJb1MdKz3JiFVrev/aT9OPgM1AukrPsq78=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:7c:34:cc:bd:28:1a:f1:db:db:e4:be:1b:0f:18:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385cf4939beeeaeaf4409c2840eb344cab0850e0
Validity
Not Before: Jun 28 17:00:59 2025 GMT
Not After : Jun 29 17:00:59 2025 GMT
Subject: CN=aa057ce3d988d20ef1be6ed6b9cd04ad80f750e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6c:ac:e9:25:48:af:14:0a:70:e4:49:69:58:
6f:1c:09:cf:f9:37:cd:bd:cc:4d:18:c5:a7:b9:a0:
96:2f:d8:af:b3:1d:d6:68:74:16:45:43:1f:59:e8:
19:a7:26:c7:7b:c8:0c:d4:ac:cb:06:95:8c:35:cc:
23:64:ef:0e:ae:fe:be:f4:a7:0a:d7:b7:91:42:c4:
5d:7a:c0:6d:02:2f:3c:7b:ac:b7:c6:5b:72:7b:b8:
64:50:0e:2e:f0:5d:c0:92:bd:b4:66:52:18:b3:43:
98:b7:e2:96:f6:f6:4d:b2:47:fe:93:53:c9:70:03:
68:86:01:6c:f6:ca:d3:e5:34:35:cc:25:8d:b3:ce:
88:29:ba:d6:8f:16:f5:fc:20:0c:d8:d9:5c:bc:10:
58:cb:4b:20:b5:a3:72:7f:de:9f:72:31:03:74:0e:
30:52:f8:14:3e:1c:aa:b1:4a:81:c7:64:73:7b:15:
23:9f:3b:c8:8a:e3:0c:a3:7a:0f:4a:53:53:42:39:
8a:e6:21:51:59:8d:86:d1:d3:7c:00:5e:f7:c8:0a:
f8:ed:b9:c2:01:9f:3e:c0:bd:a7:f8:b9:41:09:b7:
63:35:43:85:22:32:09:d6:11:f5:fe:a9:47:61:eb:
46:92:d2:a6:fd:93:09:fb:c9:a8:8c:90:5e:df:8f:
27:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:05:7C:E3:D9:88:D2:0E:F1:BE:6E:D6:B9:CD:04:AD:80:F7:50:E5
X509v3 Authority Key Identifier:
keyid:38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:24:22:cd:62:04:40:77:a8:d0:f6:b9:8b:b7:22:2e:fe:f2:
c6:8c:87:82:30:1f:da:26:cc:d9:c8:3f:26:8b:04:1c:39:91:
44:4b:fa:47:93:c3:87:fb:b6:2d:54:1e:da:1a:7c:3d:14:31:
f5:e3:7b:ec:f7:0c:fe:ec:b7:e2:d4:e4:f4:87:6a:4c:dc:37:
88:7f:68:34:1a:b3:37:bc:4e:8f:4e:36:a9:79:7e:98:30:27:
ce:fb:5d:fe:9e:21:fe:e0:20:8c:70:77:28:ff:a8:b7:46:3d:
fe:7f:f5:70:f9:bd:81:82:0f:6f:40:53:e9:b4:a4:a2:27:fb:
cb:5d:e0:48:30:f0:7e:7b:04:19:69:59:55:69:24:10:fb:25:
c3:76:61:61:8f:2f:5d:ff:7c:e2:48:8c:55:83:32:76:72:df:
02:ac:6a:b4:e5:29:ad:d6:99:4e:84:2e:6d:8f:1b:65:7b:60:
ff:7c:ff:41:38:71:e5:b0:93:4a:bc:e3:17:ec:64:69:12:8f:
47:77:a9:2d:92:67:3d:42:42:d0:a3:67:85:f0:8d:18:8a:b3:
54:d7:8b:8c:de:63:80:7f:ab:c9:89:6e:cb:e2:66:de:ee:6c:
ba:a5:82:81:6a:56:1b:38:85:0e:7d:de:a8:6f:33:fd:b9:96:
21:45:1a:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fDTMvSga8dvb5L4bDxgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWNmNDkzOWJlZWVhZWFmNDQwOWMyODQwZWIzNDRjYWIw
ODUwZTAwHhcNMjUwNjI4MTcwMDU5WhcNMjUwNjI5MTcwMDU5WjAzMTEwLwYDVQQD
EyhhYTA1N2NlM2Q5ODhkMjBlZjFiZTZlZDZiOWNkMDRhZDgwZjc1MGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Wys6SVIrxQKcORJaVhvHAnP+TfN
vcxNGMWnuaCWL9ivsx3WaHQWRUMfWegZpybHe8gM1KzLBpWMNcwjZO8Orv6+9KcK
17eRQsRdesBtAi88e6y3xltye7hkUA4u8F3Akr20ZlIYs0OYt+KW9vZNskf+k1PJ
cANohgFs9srT5TQ1zCWNs86IKbrWjxb1/CAM2NlcvBBYy0sgtaNyf96fcjEDdA4w
UvgUPhyqsUqBx2RzexUjnzvIiuMMo3oPSlNTQjmK5iFRWY2G0dN8AF73yAr47bnC
AZ8+wL2n+LlBCbdjNUOFIjIJ1hH1/qlHYetGktKm/ZMJ+8mojJBe348n2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoFfOPZiNIO8b5u1rnNBK2A91DlMB8GA1UdIwQY
MBaAFDhc9JOb7urq9ECcKEDrNEyrCFDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQt
N2I3NjE1ZmYwZTk2LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQtN2I3NjE1ZmYwZTk2
LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATCQizWIE
QHeo0Pa5i7ciLv7yxoyHgjAf2ibM2cg/JosEHDmRREv6R5PDh/u2LVQe2hp8PRQx
9eN77PcM/uy34tTk9IdqTNw3iH9oNBqzN7xOj042qXl+mDAnzvtd/p4h/uAgjHB3
KP+ot0Y9/n/1cPm9gYIPb0BT6bSkoif7y13gSDDwfnsEGWlZVWkkEPslw3ZhYY8v
Xf984kiMVYMydnLfAqxqtOUprdaZToQubY8bZXtg/3z/QThx5bCTSrzjF+xkaRKP
R3epLZJnPUJC0KNnhfCNGIqzVNeLjN5jgH+ryYluy+Jm3u5suqWCgWpWGziFDn3e
qG8z/bmWIUUa8g==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:17:55 2025 by rpki-client