Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
File: OhoMABa5sz-T6Kejk9CRkNXhhJk.mft (raw, json)
Hash identifier: RxXIPv/ijo2o4EYVnRyqZGAJZad0ZuHA0Nxhp34ja18=
Subject key identifier: BF:95:81:4B:D1:5C:F9:DC:3B:05:4B:08:6B:6D:1E:89:DA:C1:DD:8A
Authority key identifier: 3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99
Certificate issuer: /CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499
Certificate serial: 0197CC4CCC932295D4E360536649EAB59022
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
Manifest number: 0B97
Signing time: Wed 02 Jul 2025 18:01:14 +0000
Manifest this update: Wed 02 Jul 2025 18:01:14 +0000
Manifest next update: Thu 03 Jul 2025 18:01:14 +0000
Files and hashes: 1: OhoMABa5sz-T6Kejk9CRkNXhhJk.crl (hash: ckk3tvspcyR9amDD7CmuFIM2SG1W/7uTw03pqQCjz+o=)
2: UG2XZdsSP9vahLS8deUbiGwgM84.roa (hash: H+YkvMLky6FPgjSDWIrs7G2kpfOLt2YF+/59bitetA8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 18:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:4c:cc:93:22:95:d4:e3:60:53:66:49:ea:b5:90:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499
Validity
Not Before: Jul 2 18:01:14 2025 GMT
Not After : Jul 3 18:01:14 2025 GMT
Subject: CN=bf95814bd15cf9dc3b054b086b6d1e89dac1dd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3b:69:b6:57:20:4b:1b:6b:0e:37:91:0e:5c:
5c:9e:43:db:0c:00:62:d6:4a:b1:eb:2d:ba:be:d5:
be:3e:61:f8:49:4d:45:12:7b:5e:f1:d8:62:7d:e8:
9d:4c:81:57:6f:08:08:8b:1a:d4:79:5e:de:83:6d:
92:a2:bf:72:1a:66:c6:40:f4:a8:73:02:ff:1d:0e:
d1:70:38:7f:ef:5d:0c:63:bf:82:bb:05:c1:de:31:
b5:35:da:d0:38:6e:da:d3:55:31:d2:da:cd:47:52:
55:8e:53:14:78:8f:d9:0e:f6:34:fd:33:0d:fd:d2:
44:68:36:f3:58:9d:27:65:1e:41:3f:31:98:ab:6a:
e0:e2:53:f5:6d:89:a9:f2:d9:df:7b:71:25:46:10:
d4:34:8d:51:2a:c2:7a:1e:4a:2e:23:db:c7:ee:f7:
fb:4a:d1:77:02:56:d1:89:4f:56:b1:c9:8b:c3:06:
76:22:20:55:a0:cc:c4:0c:1a:96:af:db:8c:d6:fa:
4c:d3:90:7e:58:18:fb:27:6d:67:b9:32:bb:53:c9:
01:fb:00:2e:26:48:01:e6:9f:c3:f0:52:ad:d6:9a:
8d:04:99:b1:51:8c:a4:d6:39:8a:bd:39:ae:88:40:
f1:e2:c0:7b:e4:db:13:0e:ba:db:43:00:2d:fa:92:
67:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:95:81:4B:D1:5C:F9:DC:3B:05:4B:08:6B:6D:1E:89:DA:C1:DD:8A
X509v3 Authority Key Identifier:
keyid:3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:e9:6c:78:65:cd:bc:bd:2c:5f:b0:04:96:92:5b:36:42:db:
4e:39:eb:2c:6a:e2:53:cc:30:99:9b:a8:39:30:78:73:57:f6:
e3:24:5d:30:da:72:36:30:fd:90:6a:9f:18:63:ac:c3:cb:54:
0b:dc:01:96:6a:6b:a1:4d:7e:26:2d:9c:23:f4:4e:2e:3b:fe:
c5:b2:42:a2:31:c9:d1:40:c9:3a:5e:b1:44:b2:a7:d6:11:e2:
6b:76:a4:0e:4c:ad:66:7d:49:c0:49:a4:c7:83:ed:91:eb:e4:
cf:56:f3:ff:58:ca:21:0a:ff:0b:8c:7f:4d:7d:b8:5b:c5:b9:
11:27:05:40:f3:77:e5:f7:4f:60:eb:ff:af:3d:21:8c:48:3e:
e3:27:f3:7b:30:4a:56:e2:19:0f:bb:e8:f6:16:c9:59:64:80:
17:30:c6:58:e7:81:07:8e:d7:79:9c:fb:e8:b7:ab:64:8c:d2:
eb:9b:16:80:1a:23:9f:f3:c9:03:b8:ae:84:35:75:48:f5:ea:
cd:e9:cc:6e:33:20:f2:fe:7d:e9:a7:8b:a8:c7:2e:69:2e:0d:
b5:6e:2f:c6:7b:63:db:30:3b:27:bc:93:d6:0d:b9:38:58:c8:
51:38:ed:c6:48:49:2b:03:28:66:7e:37:36:31:5e:3a:df:a9:
9b:ac:29:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfMTMyTIpXU42BTZknqtZAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWEwYzAwMTZiOWIzM2Y5M2U4YTdhMzkzZDA5MTkwZDVl
MTg0OTkwHhcNMjUwNzAyMTgwMTE0WhcNMjUwNzAzMTgwMTE0WjAzMTEwLwYDVQQD
EyhiZjk1ODE0YmQxNWNmOWRjM2IwNTRiMDg2YjZkMWU4OWRhYzFkZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTtptlcgSxtrDjeRDlxcnkPbDABi
1kqx6y26vtW+PmH4SU1FEnte8dhifeidTIFXbwgIixrUeV7eg22Sor9yGmbGQPSo
cwL/HQ7RcDh/710MY7+CuwXB3jG1NdrQOG7a01Ux0trNR1JVjlMUeI/ZDvY0/TMN
/dJEaDbzWJ0nZR5BPzGYq2rg4lP1bYmp8tnfe3ElRhDUNI1RKsJ6HkouI9vH7vf7
StF3AlbRiU9WscmLwwZ2IiBVoMzEDBqWr9uM1vpM05B+WBj7J21nuTK7U8kB+wAu
JkgB5p/D8FKt1pqNBJmxUYyk1jmKvTmuiEDx4sB75NsTDrrbQwAt+pJnAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+VgUvRXPncOwVLCGttHonawd2KMB8GA1UdIwQY
MBaAFDoaDAAWubM/k+ino5PQkZDV4YSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjkt
MGI2NDU5Nzc1YjY0LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjktMGI2NDU5Nzc1YjY0
LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZulseGXN
vL0sX7AElpJbNkLbTjnrLGriU8wwmZuoOTB4c1f24yRdMNpyNjD9kGqfGGOsw8tU
C9wBlmproU1+Ji2cI/ROLjv+xbJCojHJ0UDJOl6xRLKn1hHia3akDkytZn1JwEmk
x4Ptkevkz1bz/1jKIQr/C4x/TX24W8W5EScFQPN35fdPYOv/rz0hjEg+4yfzezBK
VuIZD7vo9hbJWWSAFzDGWOeBB47XeZz76LerZIzS65sWgBojn/PJA7iuhDV1SPXq
zenMbjMg8v596aeLqMcuaS4NtW4vxntj2zA7J7yT1g25OFjIUTjtxkhJKwMoZn43
NjFeOt+pm6wpRA==
-----END CERTIFICATE-----
Generated at Thu Jul 3 02:55:59 2025 by rpki-client