Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
File: oVHP748-2G0RrqutTRngal0HDTA.mft (raw, json)
Hash identifier: xhhKo6UJlOm6SJ5RrxhbeStGCVBC2ebWTaHvQPRqTS4=
Subject key identifier: 3A:1C:9E:C7:2A:5A:38:0C:C8:AD:41:D4:51:09:6B:55:DC:80:7F:D4
Authority key identifier: A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30
Certificate issuer: /CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30
Certificate serial: 0198D65FB9D807A22CEC808E49ABCAB3DA2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
Manifest number: 1649
Signing time: Sat 23 Aug 2025 10:00:54 +0000
Manifest this update: Sat 23 Aug 2025 10:00:54 +0000
Manifest next update: Sun 24 Aug 2025 10:00:54 +0000
Files and hashes: 1: cURozdoKIb78CE26-wMYNNQ7Uyc.roa (hash: dA/x8vNS0uSWiGck2vmKHPyuh1JLESwmF1FR0wRZ1Jw=)
2: oVHP748-2G0RrqutTRngal0HDTA.crl (hash: 401YTPcvuKkrMPnTyPuo8iPfPYiTJaMYoHe7SyrzSiU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:5f:b9:d8:07:a2:2c:ec:80:8e:49:ab:ca:b3:da:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30
Validity
Not Before: Aug 23 10:00:54 2025 GMT
Not After : Aug 24 10:00:54 2025 GMT
Subject: CN=3a1c9ec72a5a380cc8ad41d451096b55dc807fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6c:80:77:fa:01:1c:39:d5:1e:7e:bd:5f:7e:
94:44:6b:36:5b:85:33:61:49:14:7d:94:e0:ef:29:
b4:79:b2:bc:28:31:a1:50:57:f6:20:04:5e:43:8c:
c9:05:a7:fb:93:e2:f4:67:56:74:ee:a8:f7:4c:8a:
a7:6e:d8:48:ee:30:32:0b:3b:99:84:24:13:d1:02:
91:05:0a:0e:5b:1d:24:fe:63:a3:f1:fc:05:6e:c8:
c4:6c:8e:87:05:37:af:86:8a:c1:c8:89:05:78:55:
4a:e8:c8:ff:8d:a5:a4:83:b7:51:02:b6:74:4a:74:
6e:c4:68:1a:dd:41:eb:f4:e2:20:63:4b:b9:d8:7c:
c5:c7:54:a1:fc:31:f9:d2:0f:3f:34:57:c7:a8:df:
a5:60:af:e4:e7:27:f9:83:c2:66:7a:2f:97:f0:6c:
06:59:cd:ca:f4:2f:50:98:c0:52:97:5c:bf:f0:64:
ca:a3:f5:cc:0c:aa:c3:58:42:b3:a6:bc:af:e0:7e:
3f:8a:f2:be:eb:39:84:3c:05:07:97:04:3a:41:f2:
a6:a8:0b:96:49:48:53:cd:42:44:b0:af:dc:e0:38:
89:34:56:09:77:08:8d:4e:d1:3d:ae:31:3a:11:20:
fa:01:29:7f:9b:ad:7c:4c:c9:78:8f:41:43:c8:3c:
0c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1C:9E:C7:2A:5A:38:0C:C8:AD:41:D4:51:09:6B:55:DC:80:7F:D4
X509v3 Authority Key Identifier:
keyid:A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:ba:fd:20:e8:e0:95:53:80:59:c6:06:4d:18:10:02:37:42:
39:d9:6a:ab:08:9d:49:5e:ba:bd:57:2f:08:4a:62:1a:c5:2b:
c7:86:94:6a:f1:f5:c9:b6:d9:d4:58:f2:f3:fd:da:ff:64:dc:
76:ac:ab:6c:bb:c0:04:6a:60:5b:d6:3d:39:45:af:04:2e:03:
6b:4a:9d:08:6f:b6:88:8c:40:31:02:d8:7c:01:f9:10:48:b8:
0c:62:c1:1a:a5:fe:25:32:01:3b:0d:c5:4c:75:28:c4:03:6a:
3f:c9:11:29:3b:44:96:ba:68:80:41:fa:9f:0b:68:3d:05:30:
76:7a:db:1e:ee:54:0e:4e:3e:de:ec:7b:46:9e:58:e1:bb:c4:
16:04:68:f7:a7:de:c4:55:23:30:13:04:63:05:1d:2c:c4:85:
f1:bb:46:2c:c8:86:a3:4b:e9:81:4c:57:83:a3:c4:71:c1:bf:
f0:5a:e2:42:30:94:06:01:8d:33:31:08:d8:40:c6:43:a6:64:
9f:d4:55:f6:df:1e:32:02:a1:af:c2:01:df:7b:a0:70:30:48:
0d:fb:9e:5d:d3:3c:81:ea:56:cf:33:46:1d:76:d1:5f:8d:ce:
82:63:06:da:5c:26:1c:d4:13:e6:59:c1:1b:5f:af:b8:93:28:
20:d5:29:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX7nYB6Is7ICOSavKs9ovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTFjZmVmOGYzZWQ4NmQxMWFlYWJhZDRkMTllMDZhNWQw
NzBkMzAwHhcNMjUwODIzMTAwMDU0WhcNMjUwODI0MTAwMDU0WjAzMTEwLwYDVQQD
EygzYTFjOWVjNzJhNWEzODBjYzhhZDQxZDQ1MTA5NmI1NWRjODA3ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3myAd/oBHDnVHn69X36URGs2W4Uz
YUkUfZTg7ym0ebK8KDGhUFf2IAReQ4zJBaf7k+L0Z1Z07qj3TIqnbthI7jAyCzuZ
hCQT0QKRBQoOWx0k/mOj8fwFbsjEbI6HBTevhorByIkFeFVK6Mj/jaWkg7dRArZ0
SnRuxGga3UHr9OIgY0u52HzFx1Sh/DH50g8/NFfHqN+lYK/k5yf5g8Jmei+X8GwG
Wc3K9C9QmMBSl1y/8GTKo/XMDKrDWEKzpryv4H4/ivK+6zmEPAUHlwQ6QfKmqAuW
SUhTzUJEsK/c4DiJNFYJdwiNTtE9rjE6ESD6ASl/m618TMl4j0FDyDwMywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDocnscqWjgMyK1B1FEJa1XcgH/UMB8GA1UdIwQY
MBaAFKFRz++PPthtEa6rrU0Z4GpdBw0wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUt
NDA0NmEzMmQyN2E0LzEvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUtNDA0NmEzMmQyN2E0
LzEvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbbr9IOjg
lVOAWcYGTRgQAjdCOdlqqwidSV66vVcvCEpiGsUrx4aUavH1ybbZ1Fjy8/3a/2Tc
dqyrbLvABGpgW9Y9OUWvBC4Da0qdCG+2iIxAMQLYfAH5EEi4DGLBGqX+JTIBOw3F
THUoxANqP8kRKTtElrpogEH6nwtoPQUwdnrbHu5UDk4+3ux7Rp5Y4bvEFgRo96fe
xFUjMBMEYwUdLMSF8btGLMiGo0vpgUxXg6PEccG/8FriQjCUBgGNMzEI2EDGQ6Zk
n9RV9t8eMgKhr8IB33ugcDBIDfueXdM8gepWzzNGHXbRX43OgmMG2lwmHNQT5lnB
G1+vuJMoINUp1A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:05:27 2025 by rpki-client