
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File: o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier: SIu+4st52q+zfxpBA0zp+cxMfcv5JbRzxspGJxHfNZw=
Subject key identifier: 65:5A:FF:CF:98:AB:1F:1F:5C:48:27:65:79:09:5C:F7:A0:FC:B0:D1
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial: 019754FE92514C5841D2890D49D73759A85A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number: 1586
Signing time: Mon 09 Jun 2025 14:00:59 +0000
Manifest this update: Mon 09 Jun 2025 14:00:59 +0000
Manifest next update: Tue 10 Jun 2025 14:00:59 +0000
Files and hashes: 1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: AWVWaajWhkd+SVzCcpRI/cZM4WGowQh0C3aKxqxLsmw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:fe:92:51:4c:58:41:d2:89:0d:49:d7:37:59:a8:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Validity
Not Before: Jun 9 14:00:59 2025 GMT
Not After : Jun 10 14:00:59 2025 GMT
Subject: CN=655affcf98ab1f1f5c48276579095cf7a0fcb0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ee:1e:62:4c:69:77:0b:bf:fe:78:64:83:4e:
61:26:05:89:1b:7d:04:c6:87:1c:65:2b:6d:0a:80:
19:21:65:6b:05:6d:6a:d8:cb:2d:74:e9:d1:6a:89:
c3:22:70:f2:aa:4e:e5:07:e3:ba:a5:ec:2a:46:97:
71:7e:9f:3e:3e:15:16:0c:b0:3e:29:05:bc:ab:e6:
02:1e:c6:83:63:db:55:97:31:bc:64:b7:09:31:49:
0c:b8:f7:3c:38:4a:32:12:99:59:b6:f8:a0:e7:db:
4d:6a:19:d7:ed:44:c8:d4:33:24:6c:ee:60:ce:53:
0d:f3:82:79:1a:a4:fc:f0:9a:6c:e1:61:fb:18:b9:
d6:8f:5e:4a:4d:8b:ed:b3:46:17:db:f2:10:b6:af:
c5:f9:79:65:e1:27:1c:07:ce:50:4e:82:98:14:5d:
d0:57:e5:05:a5:25:38:ab:ab:4f:20:f7:5b:67:cb:
0b:26:2a:05:38:eb:bf:d2:68:8b:2d:c9:e5:65:0f:
91:08:24:eb:25:bd:e4:62:a2:46:b5:e7:d6:03:aa:
3a:17:22:bf:29:a7:46:c1:c1:be:4d:7e:27:a2:75:
f8:56:95:04:6c:b2:85:77:2c:45:bb:ac:8f:ec:fb:
51:72:db:84:c1:8a:87:1a:b5:50:dc:c0:57:66:52:
35:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:5A:FF:CF:98:AB:1F:1F:5C:48:27:65:79:09:5C:F7:A0:FC:B0:D1
X509v3 Authority Key Identifier:
keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c7:96:9c:34:3d:cd:84:05:11:a3:77:b5:45:88:98:a7:6c:f4:
64:1d:89:a6:78:c1:3f:e4:5d:d6:8a:9c:e0:34:6d:21:75:60:
18:81:6a:3f:66:eb:f9:95:99:e8:43:48:0c:8d:49:6b:9e:96:
70:ab:b7:1f:9c:d2:6c:70:af:92:94:8f:ca:45:cd:af:48:68:
eb:84:d2:b4:03:b4:34:0e:e0:78:9e:4b:f2:77:4c:5c:50:be:
4a:59:b9:43:19:aa:25:d3:a4:f8:bc:c2:4f:18:ee:71:4b:24:
33:57:8f:73:a1:7a:83:54:bb:26:bf:99:81:92:cc:ed:dd:76:
76:3b:5f:c8:9b:fa:c3:bc:21:32:94:47:c7:78:22:84:db:00:
68:64:f7:ab:a6:62:b9:30:2d:7a:86:8c:02:c7:5d:77:ff:fa:
64:75:72:f1:02:7b:aa:b7:c4:df:26:01:1f:c7:47:f4:4b:85:
de:b1:a0:fb:d6:49:14:af:06:95:8b:cf:8e:50:f8:f3:a2:42:
9f:1b:74:59:50:fa:fb:e1:8d:11:c8:1f:69:82:30:ce:35:4e:
63:9b:f6:17:80:2b:1f:bd:95:1e:16:cd:a2:e3:3b:7d:7c:04:
16:ff:1f:de:a0:18:73:fb:c5:1c:0f:99:a8:c8:a8:a8:c9:9e:
c2:e6:9d:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdU/pJRTFhB0okNSdc3WahaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUwNjA5MTQwMDU5WhcNMjUwNjEwMTQwMDU5WjAzMTEwLwYDVQQD
Eyg2NTVhZmZjZjk4YWIxZjFmNWM0ODI3NjU3OTA5NWNmN2EwZmNiMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu4eYkxpdwu//nhkg05hJgWJG30E
xoccZSttCoAZIWVrBW1q2MstdOnRaonDInDyqk7lB+O6pewqRpdxfp8+PhUWDLA+
KQW8q+YCHsaDY9tVlzG8ZLcJMUkMuPc8OEoyEplZtvig59tNahnX7UTI1DMkbO5g
zlMN84J5GqT88Jps4WH7GLnWj15KTYvts0YX2/IQtq/F+Xll4SccB85QToKYFF3Q
V+UFpSU4q6tPIPdbZ8sLJioFOOu/0miLLcnlZQ+RCCTrJb3kYqJGtefWA6o6FyK/
KadGwcG+TX4nonX4VpUEbLKFdyxFu6yP7PtRctuEwYqHGrVQ3MBXZlI1ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVa/8+Yqx8fXEgnZXkJXPeg/LDRMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx5acND3N
hAURo3e1RYiYp2z0ZB2JpnjBP+Rd1oqc4DRtIXVgGIFqP2br+ZWZ6ENIDI1Ja56W
cKu3H5zSbHCvkpSPykXNr0ho64TStAO0NA7geJ5L8ndMXFC+Slm5QxmqJdOk+LzC
TxjucUskM1ePc6F6g1S7Jr+ZgZLM7d12djtfyJv6w7whMpRHx3gihNsAaGT3q6Zi
uTAteoaMAsddd//6ZHVy8QJ7qrfE3yYBH8dH9EuF3rGg+9ZJFK8GlYvPjlD486JC
nxt0WVD6++GNEcgfaYIwzjVOY5v2F4ArH72VHhbNouM7fXwEFv8f3qAYc/vFHA+Z
qMioqMmewuadvw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 01:09:32 2025 by rpki-client