Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File: o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier: 67Pj44FCEL/NUDKyD6Ui931XNYYw7oFC+WsNI1j7Jv4=
Subject key identifier: D3:E2:93:09:26:07:EC:CF:89:35:06:25:96:93:74:67:09:62:EA:F1
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial: 0197609454EA686C9642DC9792A0322CB0C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number: 158C
Signing time: Wed 11 Jun 2025 20:00:23 +0000
Manifest this update: Wed 11 Jun 2025 20:00:23 +0000
Manifest next update: Thu 12 Jun 2025 20:00:23 +0000
Files and hashes: 1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: snxLymP1NO9hv1V6ymj2py8/iVqUIyrSQoMWXp/Mu8Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 20:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:60:94:54:ea:68:6c:96:42:dc:97:92:a0:32:2c:b0:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Validity
Not Before: Jun 11 20:00:23 2025 GMT
Not After : Jun 12 20:00:23 2025 GMT
Subject: CN=d3e293092607eccf89350625969374670962eaf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:64:08:e1:a0:e8:6c:8b:cb:0b:3e:5c:04:76:
65:80:fe:45:8a:ae:2f:69:40:4e:5d:01:b9:75:b5:
50:e3:a0:ba:f1:59:70:ff:68:9d:6c:6c:f0:c0:b5:
b4:ea:94:1e:24:f9:73:df:c5:14:74:61:8a:c2:1f:
86:d8:42:93:d5:fd:96:27:19:6e:c9:1c:34:75:6f:
1f:b5:c9:1e:89:fb:87:07:a3:5f:41:36:b1:0a:12:
8b:24:33:3e:7f:2b:10:53:a8:70:1c:ed:14:41:fe:
62:84:9f:58:16:26:2b:60:28:5e:31:60:e1:0f:e1:
93:8e:da:7b:cd:50:09:14:ef:b0:25:73:24:a3:6d:
72:05:70:74:33:b9:94:32:f8:54:6c:e8:1c:63:91:
28:5e:1c:2b:5c:30:29:fb:16:b6:c3:ff:ba:0e:4f:
db:29:0d:57:f6:0d:43:09:b8:77:d9:f7:f7:93:b6:
b4:f6:99:ad:34:96:a6:c2:1a:d7:9a:6a:0d:21:7d:
bb:83:56:dc:fc:3d:4f:f3:8d:3b:03:55:ff:fe:51:
ad:67:5b:f2:f2:a5:02:8d:a3:3e:77:48:0a:71:7a:
9a:0a:94:01:6c:0a:e7:77:0a:95:b3:1f:b2:e3:8a:
1c:a5:f3:c4:21:fe:65:f7:46:08:47:11:6c:3f:7b:
85:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E2:93:09:26:07:EC:CF:89:35:06:25:96:93:74:67:09:62:EA:F1
X509v3 Authority Key Identifier:
keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:39:00:56:57:b7:3d:9c:c1:48:9e:04:eb:fd:9a:42:75:a5:
02:6b:7d:0a:5e:29:75:5d:c6:33:4d:3b:96:d8:86:0a:8e:05:
aa:72:88:62:1a:45:dc:07:2b:4f:a9:ce:b0:94:06:27:76:bb:
81:3b:7b:89:87:41:d1:02:18:62:a1:19:aa:f5:48:22:93:0d:
7e:af:b2:90:13:81:09:45:e4:5a:4b:a9:65:61:dc:85:a8:c1:
fc:98:c8:45:64:1f:18:a2:0b:7e:c4:27:3f:c7:4e:17:94:ca:
2c:1b:81:2f:ec:1b:51:a3:0f:98:b7:8a:a9:80:97:ad:dd:73:
89:73:37:f5:91:4d:46:de:82:42:ab:57:50:d1:9c:92:07:42:
f6:12:88:ff:8b:46:fc:22:ba:dd:eb:1a:61:c3:4f:0a:15:72:
17:7d:44:44:83:4f:3a:0d:98:31:56:1e:63:27:88:b2:b2:e8:
11:7f:74:6f:33:ae:e1:e8:57:b0:01:92:1b:f5:de:12:32:50:
40:53:86:41:0b:4b:c2:a8:28:70:51:1f:1c:80:50:df:b9:af:
30:77:bc:07:4b:15:f9:fb:2d:2c:d5:4d:5f:ba:81:b6:93:ec:
b1:00:e3:69:7f:9c:7e:3c:54:f4:09:29:72:f4:64:8e:22:93:
18:b3:91:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdglFTqaGyWQtyXkqAyLLDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUwNjExMjAwMDIzWhcNMjUwNjEyMjAwMDIzWjAzMTEwLwYDVQQD
EyhkM2UyOTMwOTI2MDdlY2NmODkzNTA2MjU5NjkzNzQ2NzA5NjJlYWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GQI4aDobIvLCz5cBHZlgP5Fiq4v
aUBOXQG5dbVQ46C68Vlw/2idbGzwwLW06pQeJPlz38UUdGGKwh+G2EKT1f2WJxlu
yRw0dW8ftckeifuHB6NfQTaxChKLJDM+fysQU6hwHO0UQf5ihJ9YFiYrYCheMWDh
D+GTjtp7zVAJFO+wJXMko21yBXB0M7mUMvhUbOgcY5EoXhwrXDAp+xa2w/+6Dk/b
KQ1X9g1DCbh32ff3k7a09pmtNJamwhrXmmoNIX27g1bc/D1P8407A1X//lGtZ1vy
8qUCjaM+d0gKcXqaCpQBbArndwqVsx+y44ocpfPEIf5l90YIRxFsP3uF2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPikwkmB+zPiTUGJZaTdGcJYurxMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaTkAVle3
PZzBSJ4E6/2aQnWlAmt9Cl4pdV3GM007ltiGCo4FqnKIYhpF3AcrT6nOsJQGJ3a7
gTt7iYdB0QIYYqEZqvVIIpMNfq+ykBOBCUXkWkupZWHchajB/JjIRWQfGKILfsQn
P8dOF5TKLBuBL+wbUaMPmLeKqYCXrd1ziXM39ZFNRt6CQqtXUNGckgdC9hKI/4tG
/CK63esaYcNPChVyF31ERINPOg2YMVYeYyeIsrLoEX90bzOu4ehXsAGSG/XeEjJQ
QFOGQQtLwqgocFEfHIBQ37mvMHe8B0sV+fstLNVNX7qBtpPssQDjaX+cfjxU9Akp
cvRkjiKTGLORww==
-----END CERTIFICATE-----
Generated at Thu Jun 12 03:51:08 2025 by rpki-client