Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: +zdg0jnYmlQHBbeJuX/DBIa1kOGo19fQ38xkQp2lpNg=
Subject key identifier: 5B:19:E2:15:DC:DB:3A:5C:E3:63:92:67:99:34:B2:A4:B0:EC:D2:73
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 0198D515D8895C05A1C09C5FC711DF2E6EDE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 164D
Signing time: Sat 23 Aug 2025 04:00:35 +0000
Manifest this update: Sat 23 Aug 2025 04:00:35 +0000
Manifest next update: Sun 24 Aug 2025 04:00:35 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: Gsz2xPAo52t2C5W4xpSFUSXX2KIgvXMIoVjF/D/evDA=)
2: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (hash: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:15:d8:89:5c:05:a1:c0:9c:5f:c7:11:df:2e:6e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Aug 23 04:00:35 2025 GMT
Not After : Aug 24 04:00:35 2025 GMT
Subject: CN=5b19e215dcdb3a5ce36392679934b2a4b0ecd273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:12:3f:5e:d9:63:59:99:cd:c2:8c:8d:c2:bd:
d3:58:98:ce:72:f0:b1:f6:63:de:bc:61:b4:ea:fe:
c3:f3:3e:fc:fd:b3:ae:cc:e1:cc:39:e9:10:a1:69:
69:28:f5:d9:a6:83:49:8d:6b:b1:b7:68:5c:a8:12:
cd:fb:96:97:ab:a7:bf:b6:d0:d0:22:46:8b:52:17:
f5:61:6f:51:76:62:ce:6e:0f:91:2f:60:a5:a8:12:
e3:98:77:81:05:a6:65:c2:ee:93:87:92:e8:e5:f8:
0d:05:b6:52:ff:b4:49:ec:d2:1b:50:66:8f:c9:1c:
ad:f8:39:26:6c:25:b2:5b:ef:52:fe:0e:9b:60:76:
d8:c2:e8:8b:26:8b:6f:a0:32:1b:cf:d7:68:58:31:
dd:f4:82:4a:b1:08:b6:4b:5d:b1:46:0d:90:02:8b:
10:3a:f8:0c:fc:14:77:b4:fd:4c:99:2a:d4:54:c1:
cd:1a:af:9a:39:b8:30:00:18:01:05:43:7f:8f:c3:
e4:a6:96:4d:40:35:aa:e4:42:52:d1:57:7f:93:72:
77:c4:ff:91:3c:d3:65:df:1a:ef:d9:d4:32:4b:01:
09:9e:16:97:a0:b4:b5:e8:03:42:bd:ea:d4:74:f7:
44:18:ae:90:fa:8c:ac:f5:f8:f1:5e:c1:1b:02:c7:
3b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:19:E2:15:DC:DB:3A:5C:E3:63:92:67:99:34:B2:A4:B0:EC:D2:73
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:cf:b2:b5:bc:4b:fc:29:16:62:28:9c:0a:d8:15:01:11:59:
f7:4a:db:ef:30:17:50:87:54:cd:b6:8e:af:28:83:f5:8f:87:
25:59:b7:47:0e:7c:93:f6:f4:01:52:53:39:e1:d4:ba:e3:3b:
be:6e:e2:6f:36:03:30:e4:fa:43:bc:4a:ae:be:e4:7c:01:a7:
85:d8:11:25:7e:8f:21:cd:9a:04:ca:3b:ed:90:65:8c:c3:3a:
be:3f:25:68:56:a8:33:85:9f:12:cc:ff:58:4e:14:68:20:ed:
c8:82:50:27:81:55:57:29:d7:cc:ed:d8:3f:1c:c4:a6:91:fa:
ca:4d:b5:64:3b:e5:df:34:9a:40:22:74:d1:fa:32:cc:8c:88:
bc:5d:f9:59:07:cd:3b:69:f6:0b:13:11:ad:17:85:41:5e:d9:
d5:2f:b4:8d:07:81:c9:e5:89:27:85:cf:90:18:01:2b:9c:41:
35:60:08:66:23:48:a3:5c:6c:c4:80:46:2e:3e:fa:57:8c:a8:
1a:ec:da:e2:2d:61:77:b6:48:2b:85:c8:46:37:fa:f3:22:59:
b5:a3:e9:bc:d1:b1:0d:48:15:ed:be:f0:63:cc:bf:68:0d:ba:
8f:76:f3:e8:c9:8c:aa:9e:c4:72:97:8f:c7:93:b0:b4:34:0a:
1c:dc:50:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFdiJXAWhwJxfxxHfLm7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjUwODIzMDQwMDM1WhcNMjUwODI0MDQwMDM1WjAzMTEwLwYDVQQD
Eyg1YjE5ZTIxNWRjZGIzYTVjZTM2MzkyNjc5OTM0YjJhNGIwZWNkMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxI/XtljWZnNwoyNwr3TWJjOcvCx
9mPevGG06v7D8z78/bOuzOHMOekQoWlpKPXZpoNJjWuxt2hcqBLN+5aXq6e/ttDQ
IkaLUhf1YW9RdmLObg+RL2ClqBLjmHeBBaZlwu6Th5Lo5fgNBbZS/7RJ7NIbUGaP
yRyt+DkmbCWyW+9S/g6bYHbYwuiLJotvoDIbz9doWDHd9IJKsQi2S12xRg2QAosQ
OvgM/BR3tP1MmSrUVMHNGq+aObgwABgBBUN/j8PkppZNQDWq5EJS0Vd/k3J3xP+R
PNNl3xrv2dQySwEJnhaXoLS16ANCverUdPdEGK6Q+oys9fjxXsEbAsc75wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsZ4hXc2zpc42OSZ5k0sqSw7NJzMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoM+ytbxL
/CkWYiicCtgVARFZ90rb7zAXUIdUzbaOryiD9Y+HJVm3Rw58k/b0AVJTOeHUuuM7
vm7ibzYDMOT6Q7xKrr7kfAGnhdgRJX6PIc2aBMo77ZBljMM6vj8laFaoM4WfEsz/
WE4UaCDtyIJQJ4FVVynXzO3YPxzEppH6yk21ZDvl3zSaQCJ00foyzIyIvF35WQfN
O2n2CxMRrReFQV7Z1S+0jQeByeWJJ4XPkBgBK5xBNWAIZiNIo1xsxIBGLj76V4yo
Guza4i1hd7ZIK4XIRjf68yJZtaPpvNGxDUgV7b7wY8y/aA26j3bz6MmMqp7EcpeP
x5OwtDQKHNxQ9A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:49:46 2025 by rpki-client