Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
File: OhoMABa5sz-T6Kejk9CRkNXhhJk.mft (raw, json)
Hash identifier: 3pzi8NE8ppVmyC+voh1hWq+VJmRE1bTjawUwY4yFNxY=
Subject key identifier: 1F:36:B6:B8:7A:A2:7C:D8:5F:6F:45:C8:73:2B:17:D8:A6:BB:48:6E
Authority key identifier: 3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99
Certificate issuer: /CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499
Certificate serial: 0199FC58E6E4980B02CF852A68950DCCCB36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
Manifest number: 0CB9
Signing time: Sun 19 Oct 2025 12:01:48 +0000
Manifest this update: Sun 19 Oct 2025 12:01:48 +0000
Manifest next update: Mon 20 Oct 2025 12:01:48 +0000
Files and hashes: 1: OhoMABa5sz-T6Kejk9CRkNXhhJk.crl (hash: lSapv101+PTSQmHsvO0oWfcDKpl9JVZw7y9rK3WJCzI=)
2: UG2XZdsSP9vahLS8deUbiGwgM84.roa (hash: H+YkvMLky6FPgjSDWIrs7G2kpfOLt2YF+/59bitetA8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:e6:e4:98:0b:02:cf:85:2a:68:95:0d:cc:cb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499
Validity
Not Before: Oct 19 12:01:48 2025 GMT
Not After : Oct 20 12:01:48 2025 GMT
Subject: CN=1f36b6b87aa27cd85f6f45c8732b17d8a6bb486e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b4:f1:3c:54:c2:97:a7:48:4a:7d:2c:49:43:
70:ee:28:a0:30:ed:b7:f4:5a:67:d4:10:44:9b:40:
2d:53:8e:2c:a1:24:5c:46:c8:76:9f:b4:ab:5d:91:
88:b4:30:70:32:42:cc:27:53:02:ce:81:72:a2:82:
a4:cb:f6:61:a7:6a:30:a0:4c:a1:f3:f8:3d:73:45:
25:39:dc:a0:50:d6:83:ae:8c:9c:eb:98:42:f3:b8:
4f:1b:bd:c9:07:8f:ee:f5:0b:31:06:ca:9e:d8:47:
29:e3:fc:66:28:90:c6:c3:a4:d4:82:1a:22:12:62:
9d:00:56:a6:42:d9:68:bb:a5:25:b4:b1:f3:a7:44:
44:f1:ce:17:78:2d:d4:b6:4b:6c:d2:c6:94:60:b8:
b0:b6:77:00:f8:a0:07:e7:7b:7f:1a:0b:e4:c6:30:
e8:8a:33:01:4c:25:52:28:8a:f5:37:4d:48:2a:ba:
3a:14:71:44:44:8b:dc:30:c4:1e:06:d9:a8:fb:fc:
5f:2a:8e:d7:c0:fe:07:f8:5d:d7:00:3d:dd:c2:8e:
27:2a:ec:9a:33:04:02:a8:71:de:ae:6c:f6:e7:ad:
50:07:24:16:4d:2b:a2:96:60:c6:04:57:5b:9a:22:
76:ed:7a:4e:68:11:f1:87:06:39:33:97:8a:74:f7:
41:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:36:B6:B8:7A:A2:7C:D8:5F:6F:45:C8:73:2B:17:D8:A6:BB:48:6E
X509v3 Authority Key Identifier:
keyid:3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:41:24:3d:be:7c:0a:84:5a:4b:32:00:59:90:14:a5:e9:4a:
0d:cb:23:69:01:69:d9:9e:ca:57:e6:50:7a:93:05:93:2a:92:
2b:0f:36:51:e7:84:6a:7c:2d:3a:ab:2e:83:60:be:0c:b4:9f:
7e:1b:5f:87:1d:d4:1a:c3:20:63:6b:80:8d:f6:66:75:1d:dd:
6b:8c:d3:50:d0:64:20:82:7c:0c:3f:e0:4f:dd:5f:a7:3f:f4:
e8:83:b1:6e:ec:01:7d:14:6b:17:1a:46:de:39:76:3e:a4:39:
81:41:a8:3d:ca:4f:15:50:56:21:b2:b4:57:79:38:3f:a8:40:
52:ad:74:13:07:a7:63:95:2f:ea:0d:74:94:21:6b:33:f4:2f:
0a:3e:c2:3c:6f:b7:13:76:94:d7:17:39:0e:7a:d4:a0:ca:a0:
02:55:db:ca:08:2b:41:70:a7:e2:37:a1:fe:37:a7:ff:4f:f9:
11:a5:a3:fd:f4:5f:27:d9:7e:e6:5d:1b:46:12:66:5e:cf:92:
9b:50:dc:e2:00:34:27:c6:49:fe:47:f6:06:31:6c:25:26:0f:
c6:5b:f7:5e:7d:7e:3c:4e:ae:cb:11:fb:b5:6e:c1:31:d5:81:
d3:88:03:41:61:93:7a:d4:8d:d1:99:6e:a3:e3:97:39:28:ef:
c4:35:81:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WObkmAsCz4UqaJUNzMs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWEwYzAwMTZiOWIzM2Y5M2U4YTdhMzkzZDA5MTkwZDVl
MTg0OTkwHhcNMjUxMDE5MTIwMTQ4WhcNMjUxMDIwMTIwMTQ4WjAzMTEwLwYDVQQD
EygxZjM2YjZiODdhYTI3Y2Q4NWY2ZjQ1Yzg3MzJiMTdkOGE2YmI0ODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrTxPFTCl6dISn0sSUNw7iigMO23
9Fpn1BBEm0AtU44soSRcRsh2n7SrXZGItDBwMkLMJ1MCzoFyooKky/Zhp2owoEyh
8/g9c0UlOdygUNaDroyc65hC87hPG73JB4/u9QsxBsqe2Ecp4/xmKJDGw6TUghoi
EmKdAFamQtlou6UltLHzp0RE8c4XeC3Utkts0saUYLiwtncA+KAH53t/GgvkxjDo
ijMBTCVSKIr1N01IKro6FHFERIvcMMQeBtmo+/xfKo7XwP4H+F3XAD3dwo4nKuya
MwQCqHHermz2561QByQWTSuilmDGBFdbmiJ27XpOaBHxhwY5M5eKdPdB3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB82trh6onzYX29FyHMrF9imu0huMB8GA1UdIwQY
MBaAFDoaDAAWubM/k+ino5PQkZDV4YSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjkt
MGI2NDU5Nzc1YjY0LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjktMGI2NDU5Nzc1YjY0
LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAkEkPb58
CoRaSzIAWZAUpelKDcsjaQFp2Z7KV+ZQepMFkyqSKw82UeeEanwtOqsug2C+DLSf
fhtfhx3UGsMgY2uAjfZmdR3da4zTUNBkIIJ8DD/gT91fpz/06IOxbuwBfRRrFxpG
3jl2PqQ5gUGoPcpPFVBWIbK0V3k4P6hAUq10EwenY5Uv6g10lCFrM/QvCj7CPG+3
E3aU1xc5DnrUoMqgAlXbyggrQXCn4jeh/jen/0/5EaWj/fRfJ9l+5l0bRhJmXs+S
m1Dc4gA0J8ZJ/kf2BjFsJSYPxlv3Xn1+PE6uyxH7tW7BMdWB04gDQWGTetSN0Zlu
o+OXOSjvxDWBTg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:05:57 2025 by rpki-client