Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
File: OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft (raw, json)
Hash identifier: EPqIIdR42hLHId3himsgOjacQJ+ojTAo8FF1h/18bvE=
Subject key identifier: A0:14:C1:7D:0F:D4:A9:BD:4F:7B:6B:02:15:84:9A:4E:EB:C1:34:48
Authority key identifier: 3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50
Certificate issuer: /CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450
Certificate serial: 0197B6325E7BD1D22EBD8AC4361F3289F67A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
Manifest number: 15B3
Signing time: Sat 28 Jun 2025 11:00:43 +0000
Manifest this update: Sat 28 Jun 2025 11:00:43 +0000
Manifest next update: Sun 29 Jun 2025 11:00:43 +0000
Files and hashes: 1: 8b8hGUt6rzi1dlifxra-q3rgP6w.roa (hash: KASE+0wVItpUVcgXdu/CScsiZaEIchQxerFmFT5uHpo=)
2: OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl (hash: 36Di4UTcvcORatNBgMKabkX6xuQdvCv67g1e+uUZDvY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:32:5e:7b:d1:d2:2e:bd:8a:c4:36:1f:32:89:f6:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450
Validity
Not Before: Jun 28 11:00:43 2025 GMT
Not After : Jun 29 11:00:43 2025 GMT
Subject: CN=a014c17d0fd4a9bd4f7b6b0215849a4eebc13448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:51:54:74:dd:a6:54:a7:9f:ea:c0:f5:aa:48:
ce:29:bb:87:50:77:f9:eb:26:8c:fe:7b:f6:61:49:
24:90:06:13:f7:ce:43:85:3c:f1:db:f5:86:90:ab:
41:20:97:6e:fa:e1:15:f1:8f:b3:f8:75:65:ff:36:
16:cd:64:1b:a6:31:49:66:ea:c6:6b:6d:7f:38:7c:
2f:51:dd:7f:13:b2:f7:d8:a9:2d:80:87:62:44:07:
a3:a1:36:31:c6:e5:cb:9b:79:37:59:30:31:ba:75:
18:b4:a7:cd:73:71:aa:1f:6a:e6:34:4d:09:8a:0a:
78:42:00:45:1f:1e:59:2c:a3:86:df:5c:55:21:1f:
b8:5a:c6:8f:b0:b0:85:0c:34:74:8f:e0:1e:0e:c5:
47:00:00:87:df:d5:6d:77:03:f3:41:d7:b6:a9:de:
5f:6f:fe:6b:a2:6a:e6:72:a5:c2:a6:38:ba:51:29:
4a:31:78:7e:17:ea:bf:5c:fa:c8:ca:bd:fa:b5:74:
1e:d1:16:35:4a:4f:f4:19:9b:53:bc:4d:0a:49:50:
24:ea:00:4b:da:ed:d0:65:66:e0:f7:45:ec:1a:ed:
bd:5d:56:42:04:99:ef:09:54:93:05:e5:74:90:27:
da:b6:34:c0:c5:49:0c:e5:9d:33:00:7e:fd:da:a6:
b9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:14:C1:7D:0F:D4:A9:BD:4F:7B:6B:02:15:84:9A:4E:EB:C1:34:48
X509v3 Authority Key Identifier:
keyid:3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:4d:7d:80:67:01:af:dc:0f:09:87:8a:9f:6b:53:67:d7:01:
1f:30:5b:78:be:70:fe:11:ce:52:67:55:26:48:c3:20:ec:61:
cb:b2:f1:cc:45:3a:a3:a4:d7:c1:ad:fc:fc:0c:e1:99:ba:96:
5d:8a:f3:35:0e:90:a8:04:70:7d:94:c6:30:88:87:9a:10:0c:
86:7f:f6:37:e5:1a:cd:54:6d:5a:28:4d:c4:f2:5a:4f:8e:03:
ce:01:59:83:50:9e:a0:f9:f0:6d:c3:71:9a:8e:ac:a4:11:43:
3f:ae:76:0f:44:e4:fd:ee:83:67:97:91:03:86:94:d7:4b:dc:
51:c6:9f:c6:c1:c3:6d:2f:69:97:c4:f5:95:00:d6:a5:76:22:
4d:d5:da:48:98:9d:c6:d8:54:c0:f0:af:54:be:89:7d:0d:e4:
4d:1e:8e:32:8c:34:94:83:19:48:33:0a:50:7f:da:81:85:66:
c9:4c:82:aa:6f:fc:c1:3c:e4:28:6f:c1:f4:74:37:90:f0:9d:
09:8c:8f:fe:27:d7:79:02:b1:e3:e0:f1:35:21:60:b4:02:34:
c4:0d:c4:a9:af:ff:45:95:4a:ae:c5:1a:69:a3:d6:01:68:47:
fa:52:33:46:81:6d:f6:2c:b7:fa:2b:22:43:f9:86:8b:03:9a:
c3:60:ac:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2Ml570dIuvYrENh8yifZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZTAwOTYyNDdhOGM1NGU1ZGU4YzFiMGRhZjEwNTRhZWM4
Y2M0NTAwHhcNMjUwNjI4MTEwMDQzWhcNMjUwNjI5MTEwMDQzWjAzMTEwLwYDVQQD
EyhhMDE0YzE3ZDBmZDRhOWJkNGY3YjZiMDIxNTg0OWE0ZWViYzEzNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FFUdN2mVKef6sD1qkjOKbuHUHf5
6yaM/nv2YUkkkAYT985DhTzx2/WGkKtBIJdu+uEV8Y+z+HVl/zYWzWQbpjFJZurG
a21/OHwvUd1/E7L32KktgIdiRAejoTYxxuXLm3k3WTAxunUYtKfNc3GqH2rmNE0J
igp4QgBFHx5ZLKOG31xVIR+4WsaPsLCFDDR0j+AeDsVHAACH39VtdwPzQde2qd5f
b/5romrmcqXCpji6USlKMXh+F+q/XPrIyr36tXQe0RY1Sk/0GZtTvE0KSVAk6gBL
2u3QZWbg90XsGu29XVZCBJnvCVSTBeV0kCfatjTAxUkM5Z0zAH792qa5pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAUwX0P1Km9T3trAhWEmk7rwTRIMB8GA1UdIwQY
MBaAFDrgCWJHqMVOXejBsNrxBUrsjMRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgt
Yjk3MjIxNDQ1MTNmLzEvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgtYjk3MjIxNDQ1MTNm
LzEvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ019gGcB
r9wPCYeKn2tTZ9cBHzBbeL5w/hHOUmdVJkjDIOxhy7LxzEU6o6TXwa38/AzhmbqW
XYrzNQ6QqARwfZTGMIiHmhAMhn/2N+UazVRtWihNxPJaT44DzgFZg1CeoPnwbcNx
mo6spBFDP652D0Tk/e6DZ5eRA4aU10vcUcafxsHDbS9pl8T1lQDWpXYiTdXaSJid
xthUwPCvVL6JfQ3kTR6OMow0lIMZSDMKUH/agYVmyUyCqm/8wTzkKG/B9HQ3kPCd
CYyP/ifXeQKx4+DxNSFgtAI0xA3Eqa//RZVKrsUaaaPWAWhH+lIzRoFt9iy3+isi
Q/mGiwOaw2CsfA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:12:06 2025 by rpki-client