Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
File: OSG38e7pDZnilCGKk4dTweotwmc.mft (raw, json)
Hash identifier: MP8tq442+RefwtP/xks5d/TQwCbp18OVJ/xeSouogJQ=
Subject key identifier: 8A:E1:D8:0D:39:8B:73:04:CE:59:17:77:2A:9F:7C:B0:C1:38:4A:4E
Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Certificate issuer: /CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Certificate serial: 019A70DC5F7AEB056D29FF614E9109BA6C3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
Manifest number: 16AD
Signing time: Tue 11 Nov 2025 03:01:21 +0000
Manifest this update: Tue 11 Nov 2025 03:01:21 +0000
Manifest next update: Wed 12 Nov 2025 03:01:21 +0000
Files and hashes: 1: OSG38e7pDZnilCGKk4dTweotwmc.crl (hash: Kwgh1Z+VUpJXMppV03/6a7lgaLrTY0OyrRHp3rxFVyM=)
2: oHES2kIQSwcnceUnSAnzOBK0UoA.roa (hash: R0HeMmAONLyIzPgR+arZikegwIRj9xGz1jODUH2wdeA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:5f:7a:eb:05:6d:29:ff:61:4e:91:09:ba:6c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Validity
Not Before: Nov 11 03:01:21 2025 GMT
Not After : Nov 12 03:01:21 2025 GMT
Subject: CN=8ae1d80d398b7304ce5917772a9f7cb0c1384a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8b:7d:29:27:ae:97:13:a2:59:9c:ba:b4:5c:
a8:63:ec:66:a4:f9:a6:c5:3c:52:98:c2:42:09:2d:
45:f9:af:78:5a:05:b4:e4:61:42:70:72:ae:e3:7d:
9c:17:6d:d0:74:3e:f8:58:b2:ab:ec:1e:21:c7:bd:
83:27:25:4f:f1:62:b1:37:07:09:48:d0:6c:53:b4:
d9:75:b7:c7:10:67:fb:1b:0f:ba:68:6e:17:9b:f4:
ad:eb:42:83:19:31:74:ef:d1:75:5f:18:c8:a0:f8:
79:65:ec:78:68:b7:72:de:bd:72:62:3e:39:1a:dc:
47:ce:8d:4a:86:e3:d1:82:37:ce:b5:d9:89:48:89:
a0:2e:0a:d8:76:98:60:23:b8:3c:39:0e:88:cd:2e:
7f:fb:28:65:60:62:3e:7f:15:01:1b:e1:87:07:dd:
86:d2:1e:9b:20:98:11:df:4b:11:e9:6b:68:9c:a3:
f4:ef:32:d2:5a:ad:fe:5f:83:14:32:70:18:e7:77:
06:73:59:fa:6c:bd:9a:15:7d:3d:2c:10:67:0d:2b:
4b:66:c9:42:5c:8b:a1:9d:87:b5:8c:42:28:82:70:
9c:a0:d8:f9:35:46:57:48:23:cd:d4:94:c7:33:0c:
0f:68:bf:61:6a:67:85:f1:03:51:e3:a5:cc:63:02:
e8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E1:D8:0D:39:8B:73:04:CE:59:17:77:2A:9F:7C:B0:C1:38:4A:4E
X509v3 Authority Key Identifier:
keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:bd:71:24:a9:83:4c:93:47:6e:35:fb:83:db:8d:dc:dc:22:
c0:f8:fa:7a:3a:9b:0b:ed:c4:81:24:ce:ba:46:93:84:76:22:
e5:46:a9:c6:c9:d5:7c:d6:54:58:d2:4c:db:17:53:4c:25:98:
87:5a:f9:5d:5f:a9:93:4e:ac:2d:39:07:5e:47:f4:d0:b0:bf:
7b:9c:fc:0d:1a:e3:81:a7:9b:94:e7:4d:02:cd:66:76:3f:d5:
3d:00:39:57:2e:68:29:54:2e:25:08:cd:7d:ef:ec:9a:f6:dc:
7c:c5:c7:54:6f:26:37:60:58:84:31:fb:99:9e:9b:e7:1d:16:
48:0a:75:20:6c:06:b1:08:36:e3:59:b2:62:fa:c3:2d:e3:bd:
f8:8d:09:16:9a:57:d7:03:65:28:fd:69:07:c5:c0:3e:86:b6:
22:8d:c7:c8:59:c2:89:0f:df:56:07:c8:7b:0f:92:0a:9a:d3:
50:14:07:7c:42:1c:47:7e:f5:10:a9:fd:90:2c:e5:f8:a1:27:
2e:2e:8f:eb:af:85:1a:c8:2c:df:9b:6e:e1:05:82:e8:91:02:
8f:76:ed:28:43:f6:e5:52:56:0c:65:7a:14:3c:ca:ae:05:4a:
75:f4:d7:6f:1a:5a:03:5c:db:34:fe:05:94:0b:e9:26:0e:e8:
ac:88:ff:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3F966wVtKf9hTpEJumw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy
ZGMyNjcwHhcNMjUxMTExMDMwMTIxWhcNMjUxMTEyMDMwMTIxWjAzMTEwLwYDVQQD
Eyg4YWUxZDgwZDM5OGI3MzA0Y2U1OTE3NzcyYTlmN2NiMGMxMzg0YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0It9KSeulxOiWZy6tFyoY+xmpPmm
xTxSmMJCCS1F+a94WgW05GFCcHKu432cF23QdD74WLKr7B4hx72DJyVP8WKxNwcJ
SNBsU7TZdbfHEGf7Gw+6aG4Xm/St60KDGTF079F1XxjIoPh5Zex4aLdy3r1yYj45
GtxHzo1KhuPRgjfOtdmJSImgLgrYdphgI7g8OQ6IzS5/+yhlYGI+fxUBG+GHB92G
0h6bIJgR30sR6WtonKP07zLSWq3+X4MUMnAY53cGc1n6bL2aFX09LBBnDStLZslC
XIuhnYe1jEIognCcoNj5NUZXSCPN1JTHMwwPaL9hameF8QNR46XMYwLohwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrh2A05i3MEzlkXdyqffLDBOEpOMB8GA1UdIwQY
MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt
MjQ0MWUxMGY2ZjhmLzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm
LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP71xJKmD
TJNHbjX7g9uN3NwiwPj6ejqbC+3EgSTOukaThHYi5UapxsnVfNZUWNJM2xdTTCWY
h1r5XV+pk06sLTkHXkf00LC/e5z8DRrjgaeblOdNAs1mdj/VPQA5Vy5oKVQuJQjN
fe/smvbcfMXHVG8mN2BYhDH7mZ6b5x0WSAp1IGwGsQg241myYvrDLeO9+I0JFppX
1wNlKP1pB8XAPoa2Io3HyFnCiQ/fVgfIew+SCprTUBQHfEIcR371EKn9kCzl+KEn
Li6P66+FGsgs35tu4QWC6JECj3btKEP25VJWDGV6FDzKrgVKdfTXbxpaA1zbNP4F
lAvpJg7orIj/rw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:39:05 2025 by rpki-client