Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
File: oFa0I4Othizmo3StLKbTbCVNx7E.mft (raw, json)
Hash identifier: ti7tuv7TKQuXRVWEjMjaBS4CYwFRlmLmuXPLSxRgf5g=
Subject key identifier: E3:BA:FD:D1:F0:CF:67:85:DC:0C:F0:02:52:65:0D:75:69:47:FD:DA
Authority key identifier: A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1
Certificate issuer: /CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
Certificate serial: 0197B7B338B82053B677258558148FF29C79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
Manifest number: 14DA
Signing time: Sat 28 Jun 2025 18:01:05 +0000
Manifest this update: Sat 28 Jun 2025 18:01:05 +0000
Manifest next update: Sun 29 Jun 2025 18:01:05 +0000
Files and hashes: 1: 4GMh7fIw13Bz3DUcceuO2FBtK6M.roa (hash: E9IDQ7QjcqjZJIn5bDeaHNVCqS2wv2WqYXLU0FEPSXU=)
2: XJGEpCzB4loh5ef0k98ZvXtkA5A.roa (hash: ln2eCgW4Lb0/Z2WnRMYRLGIC+qtaz3YxPhhlJZ12csI=)
3: oFa0I4Othizmo3StLKbTbCVNx7E.crl (hash: J/fiLJtd2J1Q5ksTlJLBK0giEhfKXG8XdBdye1EF3bk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b3:38:b8:20:53:b6:77:25:85:58:14:8f:f2:9c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
Validity
Not Before: Jun 28 18:01:05 2025 GMT
Not After : Jun 29 18:01:05 2025 GMT
Subject: CN=e3bafdd1f0cf6785dc0cf00252650d756947fdda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:59:04:8f:9d:c2:d3:aa:02:e1:f2:ea:76:94:
90:bc:21:15:f3:be:13:9d:96:a4:b9:d9:6f:d3:e2:
c7:f6:48:84:c9:a2:c9:d1:68:89:f2:0b:6f:c0:06:
45:1b:fb:12:ce:39:1e:ba:71:76:24:d9:a1:64:92:
eb:a3:0e:f5:4d:2f:97:3e:32:b5:00:be:05:e1:fb:
ab:ea:37:14:74:50:eb:6d:2f:28:b8:f6:30:3d:ed:
98:64:a1:db:b6:18:1f:f7:62:5d:23:4e:3f:37:17:
37:e4:f3:85:4c:74:9d:e8:c7:a6:9e:6a:bd:11:a2:
91:19:8e:6d:46:1c:76:87:61:dc:62:eb:a9:75:6c:
7f:63:96:82:b3:2d:01:91:81:d0:c2:e4:08:86:5a:
66:e8:60:2d:58:16:e1:8e:71:31:7b:7d:e0:9d:42:
bd:59:bb:95:c6:c2:c4:ab:8b:22:16:e2:dd:bd:b9:
70:2e:47:90:c5:0c:ca:30:fc:6c:ec:5b:76:55:f9:
f9:32:1a:25:b5:f9:89:d2:f7:a3:db:ce:dd:ec:79:
90:fa:54:6c:c6:b1:00:96:22:72:23:b6:ab:fe:26:
a5:99:10:bb:17:c2:4a:01:02:f8:47:33:2f:f2:24:
21:81:44:e3:47:49:1f:20:3f:71:15:30:a0:f9:87:
dd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:BA:FD:D1:F0:CF:67:85:DC:0C:F0:02:52:65:0D:75:69:47:FD:DA
X509v3 Authority Key Identifier:
keyid:A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:2f:b3:56:5f:21:1a:19:6b:71:10:0f:00:dc:f8:78:2b:34:
bf:4b:33:06:18:84:2c:81:b0:68:59:19:3a:7f:b2:b1:95:5a:
9c:0b:fe:df:19:50:74:b1:6f:dd:b8:ca:3f:d2:76:86:0d:75:
64:56:2f:a6:24:64:82:b3:34:ff:6c:44:f7:b8:77:f5:bb:3d:
6b:54:48:ea:1d:5e:82:08:61:b1:cb:26:74:a6:0c:bf:14:70:
4f:ec:f3:87:eb:c3:62:04:6a:28:cc:ce:86:aa:15:5d:09:93:
f4:f0:5c:e2:db:9a:bc:d7:30:c6:85:20:69:91:a4:af:79:22:
d4:06:cf:02:d3:e2:5c:3f:2e:22:ef:06:c0:c2:96:9f:38:4c:
51:01:87:28:7f:c6:f4:0d:fc:dd:1d:cf:d2:9c:ae:26:b1:05:
8d:9a:89:82:a9:90:cd:bc:b5:33:29:31:c8:7f:a9:42:f7:1d:
97:7d:c7:ce:41:34:77:19:92:11:e1:5d:02:ae:62:c3:d0:64:
71:00:01:02:72:3e:7a:b2:7a:3b:7e:31:e4:eb:c4:81:1f:14:
99:5a:41:68:5d:4a:04:4f:6f:44:18:3d:3d:54:4d:53:29:fb:
ba:69:aa:22:1d:a5:89:ad:0e:eb:62:71:95:de:c9:51:62:34:
b7:90:44:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3szi4IFO2dyWFWBSP8px5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTZiNDIzODNhZDg2MmNlNmEzNzRhZDJjYTZkMzZjMjU0
ZGM3YjEwHhcNMjUwNjI4MTgwMTA1WhcNMjUwNjI5MTgwMTA1WjAzMTEwLwYDVQQD
EyhlM2JhZmRkMWYwY2Y2Nzg1ZGMwY2YwMDI1MjY1MGQ3NTY5NDdmZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1kEj53C06oC4fLqdpSQvCEV874T
nZakudlv0+LH9kiEyaLJ0WiJ8gtvwAZFG/sSzjkeunF2JNmhZJLrow71TS+XPjK1
AL4F4fur6jcUdFDrbS8ouPYwPe2YZKHbthgf92JdI04/Nxc35POFTHSd6Memnmq9
EaKRGY5tRhx2h2HcYuupdWx/Y5aCsy0BkYHQwuQIhlpm6GAtWBbhjnExe33gnUK9
WbuVxsLEq4siFuLdvblwLkeQxQzKMPxs7Ft2Vfn5MholtfmJ0vej287d7HmQ+lRs
xrEAliJyI7ar/ialmRC7F8JKAQL4RzMv8iQhgUTjR0kfID9xFTCg+Yfd+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOO6/dHwz2eF3AzwAlJlDXVpR/3aMB8GA1UdIwQY
MBaAFKBWtCODrYYs5qN0rSym02wlTcexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zZThkY2MtYTc2NC00NGJlLWI1MDct
OWIzZGQ0MTdjMzA4LzEvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zZThkY2MtYTc2NC00NGJlLWI1MDctOWIzZGQ0MTdjMzA4
LzEvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwi+zVl8h
GhlrcRAPANz4eCs0v0szBhiELIGwaFkZOn+ysZVanAv+3xlQdLFv3bjKP9J2hg11
ZFYvpiRkgrM0/2xE97h39bs9a1RI6h1egghhscsmdKYMvxRwT+zzh+vDYgRqKMzO
hqoVXQmT9PBc4tuavNcwxoUgaZGkr3ki1AbPAtPiXD8uIu8GwMKWnzhMUQGHKH/G
9A383R3P0pyuJrEFjZqJgqmQzby1MykxyH+pQvcdl33HzkE0dxmSEeFdAq5iw9Bk
cQABAnI+erJ6O34x5OvEgR8UmVpBaF1KBE9vRBg9PVRNUyn7ummqIh2lia0O62Jx
ld7JUWI0t5BEwA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:20:47 2025 by rpki-client