Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File: o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier: ArWr55MYBXG5kKYWnamgo78hBgC5XmLKZZJAs13Q+rc=
Subject key identifier: 18:48:46:D1:7F:D1:62:23:44:A8:F8:9C:CD:29:61:62:6B:E5:4C:4B
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial: 019758DAE7FD3C93E71811A529FBAE296090
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number: 1588
Signing time: Tue 10 Jun 2025 08:00:30 +0000
Manifest this update: Tue 10 Jun 2025 08:00:30 +0000
Manifest next update: Wed 11 Jun 2025 08:00:30 +0000
Files and hashes: 1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: gH+oNzOvN25tTPQ5HzVA1WzmLU9YrJHgIXhfg8XBEW0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 08:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:58:da:e7:fd:3c:93:e7:18:11:a5:29:fb:ae:29:60:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Validity
Not Before: Jun 10 08:00:30 2025 GMT
Not After : Jun 11 08:00:30 2025 GMT
Subject: CN=184846d17fd1622344a8f89ccd2961626be54c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ae:e3:fc:d3:67:04:e1:18:ab:2b:32:43:17:
c1:0c:8d:86:a3:68:50:74:be:00:90:77:ad:0e:23:
cb:54:67:14:e7:33:92:59:1d:ef:09:83:e6:19:86:
0e:27:95:9f:48:96:d3:55:f1:e4:42:dd:54:18:07:
e2:4e:81:db:fb:7b:2c:f5:0f:34:a1:5b:92:f9:42:
a5:fe:7a:e5:2d:70:a7:42:eb:ac:ed:a7:4e:4c:4e:
2d:41:3e:fb:1c:c6:cc:13:b6:3a:2f:59:d4:c7:3c:
6e:3e:cc:34:71:78:69:c6:35:7c:81:b6:8c:51:2e:
38:7f:66:9a:63:61:54:8e:a9:19:b2:14:6b:e0:91:
d0:1a:da:16:ba:9a:cb:6f:f9:59:af:d3:1b:4a:e0:
65:4f:03:11:c0:2d:3f:4a:ac:9e:47:ee:2d:2f:bc:
e3:5e:2b:a5:02:a7:a6:58:25:f8:b9:a1:ed:76:83:
db:49:47:c7:41:47:ba:a2:fc:f2:77:b6:81:76:4d:
f1:bc:69:16:a3:b1:3b:5f:07:9f:6e:08:a2:35:4e:
e8:03:0d:e1:31:87:b6:94:6f:c6:6d:f3:69:dc:36:
17:d2:ac:f2:34:53:6e:7b:3e:0f:4b:24:71:1b:37:
ce:21:ed:d5:15:a0:82:65:55:29:e7:cc:b8:86:af:
75:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:48:46:D1:7F:D1:62:23:44:A8:F8:9C:CD:29:61:62:6B:E5:4C:4B
X509v3 Authority Key Identifier:
keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:b4:a3:01:66:d7:b8:ce:97:d4:f4:22:54:e9:49:bc:f6:a0:
dc:e2:5f:76:dc:99:90:6b:72:32:8a:e9:45:82:4a:82:e3:ae:
05:f5:45:3f:b0:67:a1:bc:d4:a8:2b:7e:9e:1b:cc:54:c7:0d:
bf:72:4a:95:ee:da:49:e5:50:61:3e:fb:2b:f9:73:c5:0d:85:
ed:e6:da:ee:1c:2a:54:90:fa:b8:1a:8c:4d:13:bd:b6:1d:a8:
17:7f:b3:ec:46:09:c7:67:e3:fc:15:82:52:88:86:9b:bd:be:
ae:fa:f4:aa:10:d0:2a:66:a0:46:2a:76:83:66:d5:b8:26:46:
30:2f:36:6b:e7:51:8f:78:d6:2e:d9:b8:82:79:71:68:d4:de:
d3:63:6a:50:52:fc:e3:75:5c:b7:af:a4:85:e9:61:6e:29:d8:
d3:f6:4f:76:61:b5:8c:cb:c3:f1:1f:b1:7c:9a:d9:33:cd:d4:
8f:58:b7:a3:aa:f0:02:fd:61:9d:59:a6:3f:3a:85:88:f0:8c:
cd:dd:24:85:9d:18:85:bc:10:f8:2e:e6:4a:7a:f3:4a:ed:1b:
fb:07:52:bd:5d:0d:2c:3e:68:78:87:75:9f:90:4f:ec:0a:23:
db:02:8b:1f:94:19:3a:d2:12:da:47:4f:56:ef:58:81:d9:20:
08:f2:be:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdY2uf9PJPnGBGlKfuuKWCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUwNjEwMDgwMDMwWhcNMjUwNjExMDgwMDMwWjAzMTEwLwYDVQQD
EygxODQ4NDZkMTdmZDE2MjIzNDRhOGY4OWNjZDI5NjE2MjZiZTU0YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK7j/NNnBOEYqysyQxfBDI2Go2hQ
dL4AkHetDiPLVGcU5zOSWR3vCYPmGYYOJ5WfSJbTVfHkQt1UGAfiToHb+3ss9Q80
oVuS+UKl/nrlLXCnQuus7adOTE4tQT77HMbME7Y6L1nUxzxuPsw0cXhpxjV8gbaM
US44f2aaY2FUjqkZshRr4JHQGtoWuprLb/lZr9MbSuBlTwMRwC0/SqyeR+4tL7zj
XiulAqemWCX4uaHtdoPbSUfHQUe6ovzyd7aBdk3xvGkWo7E7XwefbgiiNU7oAw3h
MYe2lG/GbfNp3DYX0qzyNFNuez4PSyRxGzfOIe3VFaCCZVUp58y4hq91JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhIRtF/0WIjRKj4nM0pYWJr5UxLMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdrSjAWbX
uM6X1PQiVOlJvPag3OJfdtyZkGtyMorpRYJKguOuBfVFP7BnobzUqCt+nhvMVMcN
v3JKle7aSeVQYT77K/lzxQ2F7eba7hwqVJD6uBqMTRO9th2oF3+z7EYJx2fj/BWC
UoiGm72+rvr0qhDQKmagRip2g2bVuCZGMC82a+dRj3jWLtm4gnlxaNTe02NqUFL8
43Vct6+khelhbinY0/ZPdmG1jMvD8R+xfJrZM83Uj1i3o6rwAv1hnVmmPzqFiPCM
zd0khZ0YhbwQ+C7mSnrzSu0b+wdSvV0NLD5oeId1n5BP7Aoj2wKLH5QZOtIS2kdP
Vu9YgdkgCPK+uQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 12:49:49 2025 by rpki-client