Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
File: OSG38e7pDZnilCGKk4dTweotwmc.mft (raw, json)
Hash identifier: fQIvONj7nbZzFK0/XjEpraxtrJXyP3hPkD+W+t4y6a4=
Subject key identifier: 5A:7C:99:84:7C:50:FF:18:48:0F:06:9B:B0:DB:0F:56:57:84:AA:E6
Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Certificate issuer: /CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Certificate serial: 01974B8D4698ECB1100FF269DCCE3BBAD4E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
Manifest number: 150C
Signing time: Sat 07 Jun 2025 18:00:39 +0000
Manifest this update: Sat 07 Jun 2025 18:00:39 +0000
Manifest next update: Sun 08 Jun 2025 18:00:39 +0000
Files and hashes: 1: OSG38e7pDZnilCGKk4dTweotwmc.crl (hash: tXAqRH2O8rVN/5scWdh58A4mGR+nnYphZ2tmTdO4qhs=)
2: oHES2kIQSwcnceUnSAnzOBK0UoA.roa (hash: R0HeMmAONLyIzPgR+arZikegwIRj9xGz1jODUH2wdeA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4b:8d:46:98:ec:b1:10:0f:f2:69:dc:ce:3b:ba:d4:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Validity
Not Before: Jun 7 18:00:39 2025 GMT
Not After : Jun 8 18:00:39 2025 GMT
Subject: CN=5a7c99847c50ff18480f069bb0db0f565784aae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8d:79:76:b4:b1:fb:ed:20:0d:85:e0:2c:78:
47:86:41:c7:ed:84:1a:d5:c6:22:f8:3a:1d:9b:e6:
c5:22:4b:5b:9b:3f:86:a5:4c:51:40:a8:22:e2:73:
f9:94:a7:5c:46:d5:e0:09:93:9c:79:68:15:5b:f0:
bd:ec:f0:53:9d:92:75:47:ee:fd:27:86:c6:99:05:
da:2c:fd:6e:8a:e2:e7:f6:fa:e9:b9:db:38:f5:a2:
75:73:b1:fb:71:35:81:da:30:f9:c4:c4:a8:92:45:
70:66:34:c3:47:cb:10:d3:ae:5d:08:6f:c9:bd:fe:
50:e6:3a:5f:35:9a:33:9b:b8:3d:1e:04:c8:f6:45:
48:4d:96:cf:11:9f:38:b2:06:e8:cf:25:58:66:aa:
3e:dc:ab:47:4c:fb:5d:f6:c0:c8:d8:5e:be:4e:dc:
b8:74:9e:42:77:3d:46:78:2a:bf:45:55:59:5b:78:
bb:be:83:fc:0a:0f:0a:2b:74:92:70:81:61:83:aa:
c5:28:b7:55:3e:29:f1:69:30:8a:a4:25:4e:24:fb:
c7:c1:6e:74:e7:e4:0d:d5:91:33:2e:05:57:82:bc:
61:73:98:7e:7f:7b:f9:f2:6c:e5:8c:0c:f7:16:d4:
2c:1d:3b:82:d1:95:49:f1:c6:22:d7:ef:e1:4c:ae:
5b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7C:99:84:7C:50:FF:18:48:0F:06:9B:B0:DB:0F:56:57:84:AA:E6
X509v3 Authority Key Identifier:
keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:4a:17:4f:b6:5e:08:a6:49:87:19:00:47:d3:69:1a:8a:4f:
c8:9c:26:c0:57:32:39:53:07:73:77:bf:84:28:ee:df:ed:32:
ae:cc:b9:f6:3f:2a:8b:8e:6e:de:03:03:ef:77:f1:59:ab:1c:
3e:57:6a:dc:d8:6c:42:ba:a4:29:e7:d5:a7:02:3e:3d:f9:e8:
f3:16:b1:96:69:33:24:62:61:c0:d8:f6:8c:9c:cb:e8:35:55:
8b:79:2c:e6:76:88:0a:5a:37:c9:1a:f7:78:97:1a:d1:dc:48:
89:a2:dc:4b:22:77:f2:1b:c8:bc:6f:e7:82:1d:29:67:f9:9f:
b1:0b:b8:58:0d:57:6d:ec:6a:c7:0a:34:4c:e0:47:9c:5a:26:
f7:a2:8d:20:54:68:42:9c:d1:05:c6:21:21:5d:72:99:31:68:
79:65:f2:94:dc:f6:31:02:c1:3c:9a:58:a6:16:52:b4:8f:17:
76:ef:c6:0f:22:c9:29:b3:45:80:82:f5:52:41:c2:87:16:60:
e0:f1:98:88:0a:6d:46:0b:76:85:e7:60:59:18:27:d6:18:39:
b8:8c:37:8a:54:78:b1:e2:37:e3:89:06:d4:86:c6:a9:70:bf:
26:c8:0f:6c:d2:9d:79:e0:9e:e9:b7:1a:68:34:3f:c7:08:99:
70:16:59:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjUaY7LEQD/Jp3M47utTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy
ZGMyNjcwHhcNMjUwNjA3MTgwMDM5WhcNMjUwNjA4MTgwMDM5WjAzMTEwLwYDVQQD
Eyg1YTdjOTk4NDdjNTBmZjE4NDgwZjA2OWJiMGRiMGY1NjU3ODRhYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY15drSx++0gDYXgLHhHhkHH7YQa
1cYi+Dodm+bFIktbmz+GpUxRQKgi4nP5lKdcRtXgCZOceWgVW/C97PBTnZJ1R+79
J4bGmQXaLP1uiuLn9vrpuds49aJ1c7H7cTWB2jD5xMSokkVwZjTDR8sQ065dCG/J
vf5Q5jpfNZozm7g9HgTI9kVITZbPEZ84sgbozyVYZqo+3KtHTPtd9sDI2F6+Tty4
dJ5Cdz1GeCq/RVVZW3i7voP8Cg8KK3SScIFhg6rFKLdVPinxaTCKpCVOJPvHwW50
5+QN1ZEzLgVXgrxhc5h+f3v58mzljAz3FtQsHTuC0ZVJ8cYi1+/hTK5bMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFp8mYR8UP8YSA8Gm7DbD1ZXhKrmMB8GA1UdIwQY
MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt
MjQ0MWUxMGY2ZjhmLzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm
LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANUoXT7Ze
CKZJhxkAR9NpGopPyJwmwFcyOVMHc3e/hCju3+0yrsy59j8qi45u3gMD73fxWasc
Pldq3NhsQrqkKefVpwI+Pfno8xaxlmkzJGJhwNj2jJzL6DVVi3ks5naIClo3yRr3
eJca0dxIiaLcSyJ38hvIvG/ngh0pZ/mfsQu4WA1Xbexqxwo0TOBHnFom96KNIFRo
QpzRBcYhIV1ymTFoeWXylNz2MQLBPJpYphZStI8Xdu/GDyLJKbNFgIL1UkHChxZg
4PGYiAptRgt2hedgWRgn1hg5uIw3ilR4seI344kG1IbGqXC/JsgPbNKdeeCe6bca
aDQ/xwiZcBZZwQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:55:40 2025 by rpki-client