Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft
File: o8-bZGUWkotdBsKoGestvA_pkgo.mft (raw, json)
Hash identifier: B5W3t/pR/rzvkZdWj/i8ncXL/9UM8wtPtNCgGqbRT5E=
Subject key identifier: 64:2D:89:D2:5A:62:F5:B1:E2:72:26:B6:9C:DF:7C:7D:D4:66:CD:16
Authority key identifier: A3:CF:9B:64:65:16:92:8B:5D:06:C2:A8:19:EB:2D:BC:0F:E9:92:0A
Certificate issuer: /CN=a3cf9b646516928b5d06c2a819eb2dbc0fe9920a
Certificate serial: 0198277E2E0DF50A7C1C6584C96B3CBBCF21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8-bZGUWkotdBsKoGestvA_pkgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft
Manifest number: 42
Signing time: Sun 20 Jul 2025 11:00:37 +0000
Manifest this update: Sun 20 Jul 2025 11:00:37 +0000
Manifest next update: Mon 21 Jul 2025 11:00:37 +0000
Files and hashes: 1: X-QlQ7J2mkMQ7aCqISeZm-0GPp8.roa (hash: tcckn5v078MeQtwYD02YyKajWXUMPOWsBI1IguOQcTI=)
2: o8-bZGUWkotdBsKoGestvA_pkgo.crl (hash: zduN03i0OqE7/HdxzOPO+6KGjNU9yd0YhQJi9Zpwgzo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft
rsync://rpki.ripe.net/repository/DEFAULT/o8-bZGUWkotdBsKoGestvA_pkgo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:27:7e:2e:0d:f5:0a:7c:1c:65:84:c9:6b:3c:bb:cf:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3cf9b646516928b5d06c2a819eb2dbc0fe9920a
Validity
Not Before: Jul 20 11:00:37 2025 GMT
Not After : Jul 21 11:00:37 2025 GMT
Subject: CN=642d89d25a62f5b1e27226b69cdf7c7dd466cd16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:98:6e:df:f0:d5:6b:c7:11:03:8a:72:c5:ad:
e8:6e:35:fb:aa:48:6a:e5:8f:6d:be:07:be:fa:e0:
69:c4:d0:e1:0a:3d:3e:fb:52:4d:e6:39:78:9e:9f:
ef:23:fa:68:7f:61:1c:66:3c:90:62:f4:21:0f:71:
13:db:f5:93:9a:45:fb:d0:bb:c2:4d:9c:29:72:65:
03:b5:b1:6c:00:89:d6:ba:ce:77:f3:ec:45:51:50:
cc:fe:aa:5e:15:38:00:2d:45:4b:b1:0e:e1:52:ec:
ee:c2:a2:7a:eb:e3:c0:ff:f5:47:29:1d:e5:96:0a:
dc:71:aa:a2:73:7a:57:7a:35:35:ed:99:9f:4d:3e:
eb:26:28:47:2c:7b:e1:8a:76:92:6b:f1:1c:8d:1d:
55:22:96:f7:87:6e:35:b9:bc:47:40:5d:fa:e6:f1:
db:0d:26:77:5a:18:7b:ce:88:06:d8:de:6b:c7:87:
a6:57:73:a8:e2:c1:f0:21:f8:45:05:8c:36:b5:6e:
c5:c4:9d:63:63:11:12:e6:24:d7:77:5d:1a:b3:23:
15:36:6f:8f:f5:ca:56:b9:1a:33:ac:5e:74:55:7d:
4c:84:32:2b:8d:79:d2:97:21:8f:74:22:65:29:d9:
73:4b:4b:d9:97:d2:ae:c9:1d:f9:e2:8e:08:b7:4b:
9a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2D:89:D2:5A:62:F5:B1:E2:72:26:B6:9C:DF:7C:7D:D4:66:CD:16
X509v3 Authority Key Identifier:
keyid:A3:CF:9B:64:65:16:92:8B:5D:06:C2:A8:19:EB:2D:BC:0F:E9:92:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8-bZGUWkotdBsKoGestvA_pkgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:4c:1b:ed:39:ce:83:3b:c6:d7:81:41:9f:7e:fb:c9:fe:75:
ca:ba:fb:bf:c8:d4:13:e3:16:6b:db:56:93:0e:38:44:d8:61:
f4:27:3f:9b:f4:75:e0:1f:b8:40:7c:06:5a:e9:68:4c:4e:04:
6a:a0:36:5c:13:16:b7:78:dd:e2:f5:5a:4a:9b:d7:9b:75:09:
36:fe:b4:8f:7c:2b:4b:e8:8c:5b:3e:7f:2a:42:3b:b7:37:46:
56:30:13:f3:de:7c:19:5b:d4:87:e0:11:71:23:97:37:b9:ef:
30:e7:af:e7:95:21:30:7c:74:dd:5e:70:3a:4c:17:5d:34:3a:
d9:c4:1b:b6:fb:9d:4f:9c:4e:9e:87:e5:59:c8:44:41:f7:a8:
45:cc:02:7b:86:f8:8d:88:be:8c:a9:f8:07:74:20:ba:a3:c9:
6e:ad:5d:37:02:7f:19:3f:e4:9b:b3:cd:22:7b:42:fb:22:1f:
4e:4c:60:97:29:f8:13:7e:30:e5:f5:23:ad:3f:1b:87:f7:36:
f0:de:fa:d6:10:65:f7:74:10:5a:f7:63:4b:5e:f0:c5:3c:14:
d3:d5:d1:0b:8d:c4:a1:2e:cf:36:58:57:14:f1:b0:57:03:eb:
7b:c7:17:a8:c5:fd:89:95:7c:f6:bf:85:05:22:6e:59:1d:15:
69:ff:aa:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZgnfi4N9Qp8HGWEyWs8u88hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzY2Y5YjY0NjUxNjkyOGI1ZDA2YzJhODE5ZWIyZGJjMGZl
OTkyMGEwHhcNMjUwNzIwMTEwMDM3WhcNMjUwNzIxMTEwMDM3WjAzMTEwLwYDVQQD
Eyg2NDJkODlkMjVhNjJmNWIxZTI3MjI2YjY5Y2RmN2M3ZGQ0NjZjZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhphu3/DVa8cRA4pyxa3objX7qkhq
5Y9tvge++uBpxNDhCj0++1JN5jl4np/vI/pof2EcZjyQYvQhD3ET2/WTmkX70LvC
TZwpcmUDtbFsAInWus538+xFUVDM/qpeFTgALUVLsQ7hUuzuwqJ66+PA//VHKR3l
lgrccaqic3pXejU17ZmfTT7rJihHLHvhinaSa/EcjR1VIpb3h241ubxHQF365vHb
DSZ3Whh7zogG2N5rx4emV3Oo4sHwIfhFBYw2tW7FxJ1jYxES5iTXd10asyMVNm+P
9cpWuRozrF50VX1MhDIrjXnSlyGPdCJlKdlzS0vZl9KuyR354o4It0ua1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQtidJaYvWx4nImtpzffH3UZs0WMB8GA1UdIwQY
MBaAFKPPm2RlFpKLXQbCqBnrLbwP6ZIKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzgtYlpHVVdrb3RkQnNLb0dlc3R2QV9wa2dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zOTRkMDctMDVjYy00ZjcyLWJkNDYt
Mjg5Njk2Y2M5OWI5LzEvbzgtYlpHVVdrb3RkQnNLb0dlc3R2QV9wa2dvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zOTRkMDctMDVjYy00ZjcyLWJkNDYtMjg5Njk2Y2M5OWI5
LzEvbzgtYlpHVVdrb3RkQnNLb0dlc3R2QV9wa2dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIUwb7TnO
gzvG14FBn377yf51yrr7v8jUE+MWa9tWkw44RNhh9Cc/m/R14B+4QHwGWuloTE4E
aqA2XBMWt3jd4vVaSpvXm3UJNv60j3wrS+iMWz5/KkI7tzdGVjAT8958GVvUh+AR
cSOXN7nvMOev55UhMHx03V5wOkwXXTQ62cQbtvudT5xOnoflWchEQfeoRcwCe4b4
jYi+jKn4B3QguqPJbq1dNwJ/GT/km7PNIntC+yIfTkxglyn4E34w5fUjrT8bh/c2
8N761hBl93QQWvdjS17wxTwU09XRC43EoS7PNlhXFPGwVwPre8cXqMX9iZV89r+F
BSJuWR0Vaf+q4g==
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:27:15 2025 by rpki-client