Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File: o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier: MQAEwNOiQuNSRIeZTMLjpdiJVYNF89Wo1tTjOrGAD6k=
Subject key identifier: B8:B6:5B:97:52:6C:74:2C:8A:19:FF:CC:FD:9B:DE:5E:C4:0A:51:4F
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial: 01975CB7EFA227D980AC2E310C4B670C6541
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number: 158A
Signing time: Wed 11 Jun 2025 02:00:47 +0000
Manifest this update: Wed 11 Jun 2025 02:00:47 +0000
Manifest next update: Thu 12 Jun 2025 02:00:47 +0000
Files and hashes: 1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: WJD5j2Ez/PdvwD+B1O/iX+BfrFmZKshHzTA6eefbdps=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 02:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5c:b7:ef:a2:27:d9:80:ac:2e:31:0c:4b:67:0c:65:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Validity
Not Before: Jun 11 02:00:47 2025 GMT
Not After : Jun 12 02:00:47 2025 GMT
Subject: CN=b8b65b97526c742c8a19ffccfd9bde5ec40a514f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0b:b7:72:55:98:19:1d:28:64:d9:9f:63:5a:
26:00:71:3b:0a:76:38:d4:56:9d:c5:7f:81:9d:a4:
29:79:12:05:8e:97:d9:23:8e:d2:5a:d8:cc:0d:cd:
7c:26:78:a1:85:79:d0:de:7d:85:fe:1f:f5:01:e4:
8f:72:7a:42:8d:dd:19:b1:c5:a9:4c:35:f4:19:f3:
bf:b6:be:51:7e:8f:6b:21:4f:0a:f4:4f:02:96:18:
35:dd:e9:df:7c:99:99:54:bf:08:72:fc:31:07:19:
52:a8:31:e2:11:d5:d2:25:4e:e4:c9:81:59:5b:5a:
dc:f7:11:ba:e9:7a:2f:d7:7c:89:06:4b:bf:f3:a9:
ee:02:4e:93:b3:a7:df:d9:2c:88:ea:0a:08:86:7c:
82:0d:7c:49:e1:67:01:e8:33:14:b7:80:ff:4c:75:
85:25:1d:13:d8:a5:69:60:03:55:86:42:00:3f:6d:
0e:f6:2c:30:7f:d2:c9:b5:fe:86:a8:26:e7:55:81:
46:d4:28:c2:a7:c8:f0:fb:4c:a1:c4:25:da:ec:d2:
98:b6:8b:e1:bc:80:21:ff:81:c2:f0:67:54:ac:4d:
ad:a9:a1:ff:95:a4:88:32:47:5b:b9:16:fa:36:32:
02:84:2e:80:36:e1:21:45:a6:23:8f:70:17:2d:bd:
9e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B6:5B:97:52:6C:74:2C:8A:19:FF:CC:FD:9B:DE:5E:C4:0A:51:4F
X509v3 Authority Key Identifier:
keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:18:85:2d:71:95:a2:48:06:09:10:95:68:59:f5:55:33:e6:
1f:39:25:4b:c8:e1:cf:0f:eb:f8:b3:04:f3:7d:ac:76:c5:3d:
fc:5f:e2:70:f6:63:0a:28:dd:48:19:c8:d2:be:57:6d:09:d6:
6c:82:d7:a4:18:69:42:ad:7c:62:4b:94:f0:cc:83:04:64:b0:
4a:07:b7:f6:ad:57:49:08:e4:be:9c:68:22:68:12:94:d9:87:
1c:f8:00:f5:9f:80:3e:52:37:95:5b:0d:60:bf:f9:d6:55:80:
2a:af:eb:25:3a:9a:ea:1a:a8:1b:d2:09:d9:d3:c0:f9:00:e2:
88:2d:fe:a4:fd:74:95:cc:fc:82:70:1b:de:bd:ca:91:76:3a:
5b:e9:aa:3d:91:51:88:d5:09:f6:81:a3:ba:4a:d8:b6:a8:aa:
a1:0e:83:c0:52:47:68:18:8c:ba:a4:e2:2e:d4:ab:77:60:51:
98:46:0b:74:ce:ce:bb:13:37:ad:db:3e:d1:b4:55:22:8d:b5:
d3:a7:7d:49:ce:e2:47:7f:21:15:36:0c:2f:21:28:2d:be:4a:
40:bd:a0:2d:18:36:b1:4b:ad:8c:de:e4:08:89:93:8e:bf:c1:
c1:22:06:bd:e4:89:57:81:27:af:95:dc:9c:ae:49:39:2f:2b:
b6:64:73:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdct++iJ9mArC4xDEtnDGVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUwNjExMDIwMDQ3WhcNMjUwNjEyMDIwMDQ3WjAzMTEwLwYDVQQD
EyhiOGI2NWI5NzUyNmM3NDJjOGExOWZmY2NmZDliZGU1ZWM0MGE1MTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQu3clWYGR0oZNmfY1omAHE7CnY4
1FadxX+BnaQpeRIFjpfZI47SWtjMDc18JnihhXnQ3n2F/h/1AeSPcnpCjd0ZscWp
TDX0GfO/tr5Rfo9rIU8K9E8Clhg13enffJmZVL8IcvwxBxlSqDHiEdXSJU7kyYFZ
W1rc9xG66Xov13yJBku/86nuAk6Ts6ff2SyI6goIhnyCDXxJ4WcB6DMUt4D/THWF
JR0T2KVpYANVhkIAP20O9iwwf9LJtf6GqCbnVYFG1CjCp8jw+0yhxCXa7NKYtovh
vIAh/4HC8GdUrE2tqaH/laSIMkdbuRb6NjIChC6ANuEhRaYjj3AXLb2eCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLi2W5dSbHQsihn/zP2b3l7EClFPMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfxiFLXGV
okgGCRCVaFn1VTPmHzklS8jhzw/r+LME832sdsU9/F/icPZjCijdSBnI0r5XbQnW
bILXpBhpQq18YkuU8MyDBGSwSge39q1XSQjkvpxoImgSlNmHHPgA9Z+APlI3lVsN
YL/51lWAKq/rJTqa6hqoG9IJ2dPA+QDiiC3+pP10lcz8gnAb3r3KkXY6W+mqPZFR
iNUJ9oGjukrYtqiqoQ6DwFJHaBiMuqTiLtSrd2BRmEYLdM7OuxM3rds+0bRVIo21
06d9Sc7iR38hFTYMLyEoLb5KQL2gLRg2sUutjN7kCImTjr/BwSIGveSJV4Enr5Xc
nK5JOS8rtmRzmg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:56:55 2025 by rpki-client