Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: oSsYUTg2xlag/AMDzs63tq5s8Uvnf5k7N4vv5kUZHzI=
Subject key identifier: 35:54:FC:B6:BC:C6:5F:44:50:85:60:16:1C:9B:1C:65:47:8C:42:7B
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 0197B74530775EE32207722495642543B9FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 15B9
Signing time: Sat 28 Jun 2025 16:00:54 +0000
Manifest this update: Sat 28 Jun 2025 16:00:54 +0000
Manifest next update: Sun 29 Jun 2025 16:00:54 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: CtmzTAdJd/9yPWs+uN5PULn58ZzZtNLAATn60Ldem9w=)
2: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (hash: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:30:77:5e:e3:22:07:72:24:95:64:25:43:b9:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Jun 28 16:00:54 2025 GMT
Not After : Jun 29 16:00:54 2025 GMT
Subject: CN=3554fcb6bcc65f44508560161c9b1c65478c427b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f6:2c:c6:8d:ca:d2:38:12:f9:54:72:1d:31:
6c:1f:7d:17:af:bd:99:2b:e2:1c:58:e3:ab:8a:5f:
d1:0c:86:e1:a2:90:2e:fb:3a:55:b0:d2:dd:d0:0d:
b1:57:9f:c4:c6:db:a2:8a:b2:ec:bb:c8:51:95:16:
4f:96:29:51:ee:0e:6d:83:e3:59:67:be:e4:67:67:
1c:f2:88:20:ea:aa:5b:70:5c:cb:35:6f:d9:5d:84:
8c:85:41:fc:ef:9d:53:c0:5c:61:94:fd:32:44:c5:
58:d6:68:95:47:58:44:b6:99:9a:6e:b3:37:7f:fd:
4f:64:75:50:98:ce:da:1f:c4:d9:ba:fb:15:41:cc:
80:df:1f:3b:b1:a6:86:ad:0f:4d:a0:ce:b1:25:14:
50:90:fe:95:7e:56:6d:7f:46:73:d9:05:bf:11:72:
72:fa:f9:f8:47:91:53:51:f2:74:ac:5f:a9:a2:bd:
8a:df:8b:c9:61:84:b7:b6:e9:09:17:81:72:0c:c0:
80:42:13:6c:23:c5:e0:a9:89:33:40:bc:b3:69:e5:
be:e1:66:89:5e:2f:a5:cd:f5:7c:71:9a:38:8e:56:
f5:5d:73:7f:52:44:8b:06:87:52:fc:1a:83:97:fd:
a6:dd:14:54:9f:6d:7b:45:f8:db:7d:8f:d0:43:43:
37:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:54:FC:B6:BC:C6:5F:44:50:85:60:16:1C:9B:1C:65:47:8C:42:7B
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:8e:d6:5d:21:e6:99:aa:1a:9c:1d:4f:b2:69:f0:bf:e4:34:
72:00:f7:94:e1:c2:21:ec:33:a2:95:c8:04:79:b3:07:ce:45:
87:30:94:75:28:22:f4:1c:44:54:95:c4:7d:2e:69:4f:fe:e2:
11:6e:3b:1e:f6:29:80:66:84:b7:cb:ed:d7:09:4e:39:7b:d9:
1b:af:dd:dc:5b:e5:5d:08:f8:4b:e5:1c:cf:14:3c:72:8f:18:
61:02:42:8a:a4:7e:e8:60:9a:b3:6e:18:f4:ad:86:3c:c2:7d:
08:b2:5d:8d:c8:99:f5:cf:ea:09:f1:1d:e7:71:28:3b:0f:fa:
87:b3:5f:f6:0b:c4:a1:af:7a:14:99:28:42:a6:cc:1c:d1:6b:
c2:84:e6:ba:8e:08:c9:78:16:7b:45:5d:ed:3d:06:a8:0c:41:
91:06:82:c5:5f:d9:87:a9:51:33:22:49:5e:57:c6:5e:54:00:
c9:ef:4d:82:f6:97:09:e2:c6:18:7a:74:fa:46:d2:16:35:fe:
5a:e0:43:15:cb:4a:63:f2:d5:14:13:23:a0:11:42:46:b9:e2:
da:cc:52:1e:07:d4:ac:b1:3d:ba:2b:07:8e:f2:bb:86:08:f7:
0d:7e:32:7b:70:b7:12:7c:df:47:41:85:c8:21:44:e2:7e:ff:
dd:ea:80:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RTB3XuMiB3IklWQlQ7n9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjUwNjI4MTYwMDU0WhcNMjUwNjI5MTYwMDU0WjAzMTEwLwYDVQQD
EygzNTU0ZmNiNmJjYzY1ZjQ0NTA4NTYwMTYxYzliMWM2NTQ3OGM0MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvYsxo3K0jgS+VRyHTFsH30Xr72Z
K+IcWOOril/RDIbhopAu+zpVsNLd0A2xV5/ExtuiirLsu8hRlRZPlilR7g5tg+NZ
Z77kZ2cc8ogg6qpbcFzLNW/ZXYSMhUH8751TwFxhlP0yRMVY1miVR1hEtpmabrM3
f/1PZHVQmM7aH8TZuvsVQcyA3x87saaGrQ9NoM6xJRRQkP6VflZtf0Zz2QW/EXJy
+vn4R5FTUfJ0rF+por2K34vJYYS3tukJF4FyDMCAQhNsI8XgqYkzQLyzaeW+4WaJ
Xi+lzfV8cZo4jlb1XXN/UkSLBodS/BqDl/2m3RRUn217RfjbfY/QQ0M38QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVU/La8xl9EUIVgFhybHGVHjEJ7MB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG47WXSHm
maoanB1Psmnwv+Q0cgD3lOHCIewzopXIBHmzB85FhzCUdSgi9BxEVJXEfS5pT/7i
EW47HvYpgGaEt8vt1wlOOXvZG6/d3FvlXQj4S+UczxQ8co8YYQJCiqR+6GCas24Y
9K2GPMJ9CLJdjciZ9c/qCfEd53EoOw/6h7Nf9gvEoa96FJkoQqbMHNFrwoTmuo4I
yXgWe0Vd7T0GqAxBkQaCxV/Zh6lRMyJJXlfGXlQAye9NgvaXCeLGGHp0+kbSFjX+
WuBDFctKY/LVFBMjoBFCRrni2sxSHgfUrLE9uisHjvK7hgj3DX4ye3C3EnzfR0GF
yCFE4n7/3eqATw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:26:15 2025 by rpki-client