Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File: o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier: 10Ea4V2NbjnTZBvV4iGPy7o439aol7IU5CGHT5T9aPE=
Subject key identifier: 84:B0:87:11:6A:C8:EC:CF:4D:2C:D2:59:20:95:54:4C:05:CC:69:82
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial: 01996435C52B8D703B53506BB61ECDA4C519
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number: 1697
Signing time: Fri 19 Sep 2025 23:01:09 +0000
Manifest this update: Fri 19 Sep 2025 23:01:09 +0000
Manifest next update: Sat 20 Sep 2025 23:01:09 +0000
Files and hashes: 1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: j9wGbEyDfjhSCFEd7Xbb1QlP1xkee72FogYyVnBrzSg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 23:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:64:35:c5:2b:8d:70:3b:53:50:6b:b6:1e:cd:a4:c5:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Validity
Not Before: Sep 19 23:01:09 2025 GMT
Not After : Sep 20 23:01:09 2025 GMT
Subject: CN=84b087116ac8eccf4d2cd2592095544c05cc6982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d2:6f:af:a4:e4:43:d5:d9:5f:79:0a:c5:74:
71:9d:b7:99:b7:80:ba:f9:8f:49:de:45:82:e6:af:
0d:b4:84:be:33:9d:0a:b0:c2:87:1b:7f:d7:c4:43:
02:0e:d3:f7:34:4f:30:49:41:a4:30:87:65:4f:a3:
a0:95:b2:ff:58:ea:92:c4:77:be:88:70:56:ae:f2:
2c:fa:a4:df:37:d6:35:32:4b:ef:93:f6:61:7a:7a:
17:4e:c6:ce:36:e9:0e:c6:30:03:02:5a:10:59:63:
29:bd:c6:2b:69:2f:9b:63:b3:2d:8a:87:e0:26:0d:
97:04:78:35:8b:a4:ae:42:f2:87:fc:5d:fb:d4:6b:
70:79:c4:f9:44:55:5d:68:06:e8:69:ed:36:3c:af:
8b:87:b6:3d:45:c5:0f:ee:73:87:37:7b:c8:44:23:
e5:ec:4d:6f:df:53:e4:66:a4:d1:c4:c1:94:d9:33:
6f:dc:d0:e0:9d:6a:e2:e8:f3:60:13:15:0f:11:f1:
9c:ec:07:6c:05:92:5b:66:10:e7:4e:f6:e7:ed:bb:
7c:06:a9:98:e2:f3:a1:6c:9e:c3:60:5d:1d:2d:a1:
88:7c:ef:08:a1:4e:02:d9:57:e2:6a:23:20:be:98:
13:f9:7e:6c:c0:d1:48:72:3d:04:42:12:4f:b5:95:
e0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B0:87:11:6A:C8:EC:CF:4D:2C:D2:59:20:95:54:4C:05:CC:69:82
X509v3 Authority Key Identifier:
keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:65:1f:23:f6:1d:a3:f0:ef:b5:03:45:a9:d1:c4:92:f0:e0:
2a:c6:a9:e5:35:6c:37:a8:48:c7:ae:77:fd:dd:49:fc:f7:75:
9e:05:d0:75:cb:8c:b6:e4:2d:97:ee:54:e9:09:61:ee:37:35:
67:e3:23:25:6c:4e:51:38:cf:13:4b:da:c1:30:70:98:9c:cb:
20:e2:c2:b2:33:b2:5c:5b:71:5a:c3:13:01:12:9b:4d:66:87:
2a:98:a1:8b:4d:e7:19:99:77:67:ff:0c:cd:7a:3f:21:92:07:
f0:20:fe:dd:16:7b:8a:1b:05:35:5e:4b:79:c8:21:7d:67:93:
dd:81:99:85:bf:1a:a1:ad:d2:88:1e:c4:af:07:32:ad:b5:20:
16:ec:64:2c:aa:c8:e3:e4:83:bc:94:a5:67:d3:6b:3d:cd:86:
f3:af:33:41:31:82:0d:f9:59:98:bd:f1:47:96:2c:9b:e2:d1:
02:15:da:16:fe:df:7b:d3:17:5d:ba:4e:df:e6:73:7b:fd:5d:
66:dd:d4:c4:bb:72:b1:1a:de:23:df:46:e9:24:1c:e1:e4:dc:
e1:18:8a:4b:3f:3b:f3:ff:fa:5c:bb:42:b5:e8:be:d5:8e:94:
47:20:e9:8d:d9:25:07:fc:bb:f1:08:e8:bf:d0:c5:c3:9a:90:
0a:cf:77:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlkNcUrjXA7U1Brth7NpMUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUwOTE5MjMwMTA5WhcNMjUwOTIwMjMwMTA5WjAzMTEwLwYDVQQD
Eyg4NGIwODcxMTZhYzhlY2NmNGQyY2QyNTkyMDk1NTQ0YzA1Y2M2OTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNJvr6TkQ9XZX3kKxXRxnbeZt4C6
+Y9J3kWC5q8NtIS+M50KsMKHG3/XxEMCDtP3NE8wSUGkMIdlT6OglbL/WOqSxHe+
iHBWrvIs+qTfN9Y1Mkvvk/ZhenoXTsbONukOxjADAloQWWMpvcYraS+bY7Mtiofg
Jg2XBHg1i6SuQvKH/F371GtwecT5RFVdaAboae02PK+Lh7Y9RcUP7nOHN3vIRCPl
7E1v31PkZqTRxMGU2TNv3NDgnWri6PNgExUPEfGc7AdsBZJbZhDnTvbn7bt8BqmY
4vOhbJ7DYF0dLaGIfO8IoU4C2VfiaiMgvpgT+X5swNFIcj0EQhJPtZXgOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISwhxFqyOzPTSzSWSCVVEwFzGmCMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbWUfI/Yd
o/DvtQNFqdHEkvDgKsap5TVsN6hIx653/d1J/Pd1ngXQdcuMtuQtl+5U6Qlh7jc1
Z+MjJWxOUTjPE0vawTBwmJzLIOLCsjOyXFtxWsMTARKbTWaHKpihi03nGZl3Z/8M
zXo/IZIH8CD+3RZ7ihsFNV5LecghfWeT3YGZhb8aoa3SiB7ErwcyrbUgFuxkLKrI
4+SDvJSlZ9NrPc2G868zQTGCDflZmL3xR5Ysm+LRAhXaFv7fe9MXXbpO3+Zze/1d
Zt3UxLtysRreI99G6SQc4eTc4RiKSz878//6XLtCtei+1Y6URyDpjdklB/y78Qjo
v9DFw5qQCs93Cg==
-----END CERTIFICATE-----
Generated at Sat Sep 20 05:45:31 2025 by rpki-client