Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: 20tmyzF1msLBIBm8gu4ZbS673uq41mf3eJPzMMBK60I=
Subject key identifier: 63:F5:27:BA:99:78:D8:41:E3:F4:3F:E5:A6:29:7C:38:66:76:1E:61
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 01991809B2AD73F66C156A4E8D4786097502
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 038E
Signing time: Fri 05 Sep 2025 04:01:52 +0000
Manifest this update: Fri 05 Sep 2025 04:01:52 +0000
Manifest next update: Sat 06 Sep 2025 04:01:52 +0000
Files and hashes: 1: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (hash: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=)
2: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: sIhPVMzGscpBWljcTzuxeyQOLhWs0C0M3vXbK25MqbA=)
3: KLjjQzFk9GYkvqPEoe40SA-mXbg.roa (hash: 2jEymy+mMO9pWyCpodUhIwEZFiuwLfDEfoelvtg+xqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 04:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:18:09:b2:ad:73:f6:6c:15:6a:4e:8d:47:86:09:75:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Sep 5 04:01:52 2025 GMT
Not After : Sep 6 04:01:52 2025 GMT
Subject: CN=63f527ba9978d841e3f43fe5a6297c3866761e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:29:46:e8:80:8c:9d:c5:9e:0a:3a:2b:5c:18:
4d:37:c6:58:5a:00:5c:9f:37:06:cd:e0:5f:53:e0:
13:8c:f4:e8:8c:23:45:65:6b:e0:36:df:ea:e6:ec:
7d:22:da:12:24:27:c5:b6:06:be:07:12:21:d6:25:
74:6c:ab:7b:67:49:a2:88:b7:84:86:41:66:58:ab:
f2:d2:c1:4b:8c:f6:5f:b4:1a:6c:0b:73:47:11:ec:
e8:00:df:70:d2:de:9b:40:f7:b9:37:a2:51:f1:f8:
e1:d0:94:f8:96:be:df:c3:4f:65:1c:bf:19:fe:e7:
3c:1d:12:d1:23:78:01:f1:1e:fe:c5:bf:c8:74:5e:
18:7c:e5:25:53:c6:9a:b8:a0:35:ee:bd:4b:4c:eb:
4d:f0:9d:51:42:ac:d0:e4:20:5e:2c:7a:a7:63:0e:
0f:49:ec:bb:31:57:df:59:9e:0a:65:bc:fe:b4:11:
3c:14:4e:9b:5c:34:be:b7:0a:b0:ce:69:07:6b:f0:
d0:a9:70:48:9c:01:33:f9:05:d7:00:66:94:7e:3f:
92:b1:49:81:ce:9a:fa:be:4f:11:6a:79:7c:2a:52:
00:d4:78:96:aa:e8:c4:b6:26:c9:23:db:5d:9e:47:
2f:3f:b1:76:ac:4e:db:ff:1e:fd:08:38:9a:d4:12:
ea:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F5:27:BA:99:78:D8:41:E3:F4:3F:E5:A6:29:7C:38:66:76:1E:61
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:1e:77:3d:89:75:02:d3:86:dd:27:3a:a0:24:ca:63:c7:7a:
85:0e:ff:e5:ed:46:3e:2d:f3:aa:b0:7d:01:39:87:07:24:1f:
5a:2f:75:06:a8:00:38:5b:ba:91:d1:3f:b0:50:50:77:7b:57:
58:6b:89:23:28:df:7a:34:3b:8f:ac:f5:65:9c:1a:a6:28:c8:
87:10:bb:f5:10:08:ed:ef:c0:ec:71:a9:b7:5c:5d:43:3f:f4:
94:22:d6:15:dc:2d:d8:6f:9d:6c:f7:04:8f:e6:0b:14:0c:f6:
23:1b:4f:32:89:31:35:c2:86:23:b5:92:62:87:f3:68:65:2a:
20:13:49:b0:0a:83:5d:6b:77:ff:b6:28:12:ec:d0:61:b8:dd:
6a:c0:c1:0e:10:59:2c:f6:73:a7:00:ea:de:57:6c:9f:99:f7:
1b:60:51:06:6e:21:fb:1e:d9:80:23:12:65:30:67:22:7b:b1:
ae:5d:40:a7:5e:99:a2:cd:8d:73:80:8d:bd:fc:d3:d3:73:07:
9b:78:44:c9:21:f8:37:51:22:9b:e0:cb:90:fb:c2:8d:98:5a:
74:ae:78:da:69:cd:7c:74:80:43:28:2e:31:f6:a6:5c:cf:2d:
df:bd:16:f5:db:fd:af:61:33:c1:23:55:ab:be:f7:68:ec:9f:
6c:8e:7f:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCbKtc/ZsFWpOjUeGCXUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjUwOTA1MDQwMTUyWhcNMjUwOTA2MDQwMTUyWjAzMTEwLwYDVQQD
Eyg2M2Y1MjdiYTk5NzhkODQxZTNmNDNmZTVhNjI5N2MzODY2NzYxZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ylG6ICMncWeCjorXBhNN8ZYWgBc
nzcGzeBfU+ATjPTojCNFZWvgNt/q5ux9ItoSJCfFtga+BxIh1iV0bKt7Z0miiLeE
hkFmWKvy0sFLjPZftBpsC3NHEezoAN9w0t6bQPe5N6JR8fjh0JT4lr7fw09lHL8Z
/uc8HRLRI3gB8R7+xb/IdF4YfOUlU8aauKA17r1LTOtN8J1RQqzQ5CBeLHqnYw4P
Sey7MVffWZ4KZbz+tBE8FE6bXDS+twqwzmkHa/DQqXBInAEz+QXXAGaUfj+SsUmB
zpr6vk8Ranl8KlIA1HiWqujEtibJI9tdnkcvP7F2rE7b/x79CDia1BLqJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGP1J7qZeNhB4/Q/5aYpfDhmdh5hMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApx53PYl1
AtOG3Sc6oCTKY8d6hQ7/5e1GPi3zqrB9ATmHByQfWi91BqgAOFu6kdE/sFBQd3tX
WGuJIyjfejQ7j6z1ZZwapijIhxC79RAI7e/A7HGpt1xdQz/0lCLWFdwt2G+dbPcE
j+YLFAz2IxtPMokxNcKGI7WSYofzaGUqIBNJsAqDXWt3/7YoEuzQYbjdasDBDhBZ
LPZzpwDq3ldsn5n3G2BRBm4h+x7ZgCMSZTBnInuxrl1Ap16Zos2Nc4CNvfzT03MH
m3hEySH4N1Eim+DLkPvCjZhadK542mnNfHSAQyguMfamXM8t370W9dv9r2EzwSNV
q773aOyfbI5/Ww==
-----END CERTIFICATE-----
Generated at Fri Sep 5 11:33:06 2025 by rpki-client