Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
File: oNki4v4kvSzaeToqrcEzYlAM2bE.mft (raw, json)
Hash identifier: rWAb02QSeB//KORhFpWwqtA9iuqP40QMuQqmevzTiNg=
Subject key identifier: F4:F7:99:A6:5B:BF:FF:BC:23:F9:C5:14:AE:C9:57:8E:15:21:B1:45
Authority key identifier: A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1
Certificate issuer: /CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1
Certificate serial: 0199FC8F52FA16400D9E60256D9B4AC6EED3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
Manifest number: 0CE5
Signing time: Sun 19 Oct 2025 13:01:15 +0000
Manifest this update: Sun 19 Oct 2025 13:01:15 +0000
Manifest next update: Mon 20 Oct 2025 13:01:15 +0000
Files and hashes: 1: QU8GopeOlHwkTprCT-S3aTgX93c.roa (hash: wdEn+nBxYgSylw1Zt9va3XXWns8S/pGLaLLxEZ/5irY=)
2: oNki4v4kvSzaeToqrcEzYlAM2bE.crl (hash: NrDk1QRMV/ojDNSoF2lSoD/cVJ9cOxbJbKcCjQjuV/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:52:fa:16:40:0d:9e:60:25:6d:9b:4a:c6:ee:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1
Validity
Not Before: Oct 19 13:01:15 2025 GMT
Not After : Oct 20 13:01:15 2025 GMT
Subject: CN=f4f799a65bbfffbc23f9c514aec9578e1521b145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5d:d3:f4:b5:25:c8:74:3d:d2:31:7a:97:38:
9a:77:f2:66:54:8a:8e:aa:6c:e2:63:8e:9d:7c:1f:
a7:08:aa:b5:f5:49:9a:19:2e:6c:cc:52:d3:fa:f2:
6f:15:a6:4b:35:a6:29:e4:58:85:31:99:a4:24:99:
fa:77:3f:6e:83:b5:4f:59:9e:90:77:4c:8a:36:ff:
cd:57:a0:b0:44:2e:77:c9:26:b8:71:1e:3f:57:cf:
db:fe:64:ce:a5:64:2c:bf:82:4f:03:98:44:e0:ae:
13:9a:e0:fd:bf:01:72:78:1e:e5:9b:75:c8:81:19:
1e:82:e5:dc:6d:d6:6f:00:15:e9:d8:31:e1:99:21:
39:d5:84:a4:b1:29:d0:06:fe:77:84:d1:fd:38:b7:
57:0f:dc:80:c4:80:0e:41:8f:d0:d3:97:d8:df:b5:
35:7b:e5:32:5a:07:4c:a4:38:27:80:f4:fd:0a:d8:
1e:06:56:48:20:9c:76:6c:fe:07:68:ab:46:05:ec:
3c:54:75:3a:d4:95:9c:73:9b:43:66:89:11:11:ce:
ec:ca:6b:58:19:49:a8:9c:e5:92:14:44:11:9f:9d:
e7:63:65:5d:42:19:ff:72:b2:46:a6:d6:2b:fb:c5:
61:47:02:b1:5b:03:32:b7:d2:1b:29:4e:d3:f5:bf:
36:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F7:99:A6:5B:BF:FF:BC:23:F9:C5:14:AE:C9:57:8E:15:21:B1:45
X509v3 Authority Key Identifier:
keyid:A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:84:11:4e:eb:eb:9f:5d:98:29:0c:40:9f:88:f7:96:aa:4c:
19:45:21:f4:a8:54:9b:b0:d1:55:f5:5c:a6:c6:e1:68:20:d3:
d2:81:a8:3a:9b:8a:c5:71:49:b7:0f:55:3d:be:0b:e5:96:46:
11:c1:2a:da:da:62:d3:88:73:60:be:c4:f5:ef:e9:45:29:b9:
82:1a:aa:db:84:bd:df:d9:2a:c1:d6:26:90:fe:15:e3:ef:9d:
d8:57:18:e2:fb:2a:96:d1:91:19:67:61:cb:e6:d6:b2:ea:c3:
67:ba:87:0a:3c:a5:7e:c2:da:20:14:40:4e:89:59:ce:8e:18:
91:dc:4b:16:59:47:ea:16:52:a3:ee:43:f6:0c:c2:80:ac:fe:
ce:31:2f:30:17:a9:15:e3:1f:20:79:a2:31:b3:56:b8:37:7b:
d7:50:7e:b4:b1:9f:f4:ae:d0:4e:2c:bb:62:c4:f7:fb:8f:71:
5a:83:4e:5b:30:e5:09:04:4c:3a:b4:78:bc:22:c9:d3:b5:10:
bd:c4:a8:d7:20:47:43:06:7c:c2:2e:57:0f:45:9e:f4:26:01:
f9:35:31:8b:05:c2:2e:05:3b:81:84:86:cc:54:88:2c:f3:a4:
53:22:ee:2d:40:07:dd:97:ba:df:e5:55:08:9d:86:de:f3:da:
ed:62:12:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j1L6FkANnmAlbZtKxu7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDkyMmUyZmUyNGJkMmNkYTc5M2EyYWFkYzEzMzYyNTAw
Y2Q5YjEwHhcNMjUxMDE5MTMwMTE1WhcNMjUxMDIwMTMwMTE1WjAzMTEwLwYDVQQD
EyhmNGY3OTlhNjViYmZmZmJjMjNmOWM1MTRhZWM5NTc4ZTE1MjFiMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF3T9LUlyHQ90jF6lziad/JmVIqO
qmziY46dfB+nCKq19UmaGS5szFLT+vJvFaZLNaYp5FiFMZmkJJn6dz9ug7VPWZ6Q
d0yKNv/NV6CwRC53ySa4cR4/V8/b/mTOpWQsv4JPA5hE4K4TmuD9vwFyeB7lm3XI
gRkeguXcbdZvABXp2DHhmSE51YSksSnQBv53hNH9OLdXD9yAxIAOQY/Q05fY37U1
e+UyWgdMpDgngPT9CtgeBlZIIJx2bP4HaKtGBew8VHU61JWcc5tDZokREc7symtY
GUmonOWSFEQRn53nY2VdQhn/crJGptYr+8VhRwKxWwMyt9IbKU7T9b82ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPT3maZbv/+8I/nFFK7JV44VIbFFMB8GA1UdIwQY
MBaAFKDZIuL+JL0s2nk6Kq3BM2JQDNmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMt
NGE2YWNlMjZiOTcyLzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMtNGE2YWNlMjZiOTcy
LzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXYQRTuvr
n12YKQxAn4j3lqpMGUUh9KhUm7DRVfVcpsbhaCDT0oGoOpuKxXFJtw9VPb4L5ZZG
EcEq2tpi04hzYL7E9e/pRSm5ghqq24S939kqwdYmkP4V4++d2FcY4vsqltGRGWdh
y+bWsurDZ7qHCjylfsLaIBRATolZzo4YkdxLFllH6hZSo+5D9gzCgKz+zjEvMBep
FeMfIHmiMbNWuDd711B+tLGf9K7QTiy7YsT3+49xWoNOWzDlCQRMOrR4vCLJ07UQ
vcSo1yBHQwZ8wi5XD0We9CYB+TUxiwXCLgU7gYSGzFSILPOkUyLuLUAH3Ze63+VV
CJ2G3vPa7WIS6w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:50:49 2025 by rpki-client