Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
File: OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft (raw, json)
Hash identifier: DUNWY4XlmBcy5Msur1H3kqSi2ueh3ErWf7NeXfXZeYI=
Subject key identifier: 99:38:EF:DA:71:65:A2:08:73:A2:88:8E:00:F5:ED:C8:8E:AD:64:9A
Authority key identifier: 3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50
Certificate issuer: /CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450
Certificate serial: 0198D5F11D39AFE3643DC8E89144CADAFA12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
Manifest number: 1648
Signing time: Sat 23 Aug 2025 08:00:05 +0000
Manifest this update: Sat 23 Aug 2025 08:00:05 +0000
Manifest next update: Sun 24 Aug 2025 08:00:05 +0000
Files and hashes: 1: 8b8hGUt6rzi1dlifxra-q3rgP6w.roa (hash: KASE+0wVItpUVcgXdu/CScsiZaEIchQxerFmFT5uHpo=)
2: OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl (hash: S30UfCStOBbb/ygY1Ge+Rs8Jg08EJVrt1lGTTNn1COw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:f1:1d:39:af:e3:64:3d:c8:e8:91:44:ca:da:fa:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450
Validity
Not Before: Aug 23 08:00:05 2025 GMT
Not After : Aug 24 08:00:05 2025 GMT
Subject: CN=9938efda7165a20873a2888e00f5edc88ead649a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a3:25:9e:2a:99:77:6c:2b:b4:76:15:9b:a6:
d1:06:46:09:c4:7d:9a:6f:6f:47:6f:bd:3a:7f:b0:
8a:ee:86:c5:5a:10:47:31:30:1a:a9:3e:ca:1a:bd:
46:cc:4d:ae:8e:1d:bb:77:25:b0:f9:ca:cc:bd:d9:
ae:30:ca:c0:e6:80:e3:44:72:af:6c:4f:f5:4c:4e:
bd:80:3b:ee:a4:4b:51:85:4c:26:f0:b1:72:97:2b:
04:05:7e:3b:2e:a6:ee:92:a7:24:bd:10:48:0b:8b:
d3:8c:72:00:ff:73:0b:99:5b:95:65:cc:f6:07:fc:
e8:1e:76:38:1a:7b:18:11:9f:1b:24:d4:0f:09:75:
4a:35:e3:22:3f:25:c2:5a:08:d3:4b:ac:34:a8:d1:
ec:4a:85:92:0f:f0:19:f5:23:86:f2:ae:2a:6a:9a:
7e:7d:10:9e:a5:eb:09:f5:f8:01:6d:92:aa:25:e4:
83:e9:32:9a:03:9f:55:9c:92:c0:f1:15:b5:47:8b:
92:e2:9f:15:1d:7f:f0:ff:f4:d6:2d:5b:e5:0d:4f:
82:b1:d4:85:d5:66:2c:9a:57:15:8c:62:08:e9:98:
2c:73:17:56:ae:dd:cc:a9:b8:00:a9:b1:05:98:ea:
22:45:44:a8:cc:c4:53:66:cf:2d:02:3c:70:1d:5b:
a4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:38:EF:DA:71:65:A2:08:73:A2:88:8E:00:F5:ED:C8:8E:AD:64:9A
X509v3 Authority Key Identifier:
keyid:3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:90:e3:96:ba:bc:59:93:c3:e1:d1:f9:ef:cb:07:35:9d:44:
33:f1:5b:5b:ac:07:12:d6:a6:ee:ed:c1:47:a8:cc:63:54:0e:
b7:92:50:99:0f:6a:dd:11:96:74:a9:1d:9a:c7:98:a0:a8:5a:
5a:74:d4:20:64:ec:87:37:ab:ee:f3:a6:47:06:b9:f9:99:29:
ed:38:13:96:a7:01:31:8c:02:25:7a:9b:82:f5:1d:96:4e:fb:
97:6e:88:7e:11:db:78:f2:6a:35:10:83:27:4a:f3:f5:98:dc:
da:25:d9:ec:49:c8:3a:70:c2:89:a5:ec:95:78:ba:b4:c5:5d:
d0:27:e6:0f:00:e6:51:ce:b2:45:cc:83:71:14:94:15:da:ca:
88:21:d9:52:1c:4d:20:af:3b:a9:e8:80:e9:90:1c:f3:35:6e:
0d:97:a8:89:e4:fb:28:e9:b6:80:68:68:da:ef:c8:dc:66:60:
f8:3c:dc:33:60:f1:f6:46:7e:a3:4b:7e:5c:4d:ab:e0:df:aa:
36:a9:70:a0:ca:40:10:29:31:05:2f:bb:b5:fe:71:9f:b3:4c:
e5:19:65:c7:88:59:47:fb:84:b1:fa:d5:a5:b2:7b:04:c3:90:
8d:ff:59:5d:42:1e:26:a3:e2:f1:0b:f3:71:1e:0f:c1:37:ec:
c2:1f:8b:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8R05r+NkPcjokUTK2voSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZTAwOTYyNDdhOGM1NGU1ZGU4YzFiMGRhZjEwNTRhZWM4
Y2M0NTAwHhcNMjUwODIzMDgwMDA1WhcNMjUwODI0MDgwMDA1WjAzMTEwLwYDVQQD
Eyg5OTM4ZWZkYTcxNjVhMjA4NzNhMjg4OGUwMGY1ZWRjODhlYWQ2NDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKMlniqZd2wrtHYVm6bRBkYJxH2a
b29Hb706f7CK7obFWhBHMTAaqT7KGr1GzE2ujh27dyWw+crMvdmuMMrA5oDjRHKv
bE/1TE69gDvupEtRhUwm8LFylysEBX47LqbukqckvRBIC4vTjHIA/3MLmVuVZcz2
B/zoHnY4GnsYEZ8bJNQPCXVKNeMiPyXCWgjTS6w0qNHsSoWSD/AZ9SOG8q4qapp+
fRCepesJ9fgBbZKqJeSD6TKaA59VnJLA8RW1R4uS4p8VHX/w//TWLVvlDU+CsdSF
1WYsmlcVjGII6ZgscxdWrt3MqbgAqbEFmOoiRUSozMRTZs8tAjxwHVuk7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJk479pxZaIIc6KIjgD17ciOrWSaMB8GA1UdIwQY
MBaAFDrgCWJHqMVOXejBsNrxBUrsjMRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgt
Yjk3MjIxNDQ1MTNmLzEvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgtYjk3MjIxNDQ1MTNm
LzEvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZpDjlrq8
WZPD4dH578sHNZ1EM/FbW6wHEtam7u3BR6jMY1QOt5JQmQ9q3RGWdKkdmseYoKha
WnTUIGTshzer7vOmRwa5+Zkp7TgTlqcBMYwCJXqbgvUdlk77l26IfhHbePJqNRCD
J0rz9Zjc2iXZ7EnIOnDCiaXslXi6tMVd0CfmDwDmUc6yRcyDcRSUFdrKiCHZUhxN
IK87qeiA6ZAc8zVuDZeoieT7KOm2gGho2u/I3GZg+DzcM2Dx9kZ+o0t+XE2r4N+q
NqlwoMpAECkxBS+7tf5xn7NM5Rllx4hZR/uEsfrVpbJ7BMOQjf9ZXUIeJqPi8Qvz
cR4PwTfswh+Lxg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:44:16 2025 by rpki-client