Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier: VcSXXypRcjpOuPne6mK9IfRVhVDQWwa541ostU3WURQ=
Subject key identifier: 3C:E4:A5:69:BA:88:25:BD:4F:E9:82:8E:3D:0B:1C:59:3A:83:F1:9D
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer: /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial: 01976A3D05F55962E1E4B9C9C582771EBF99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number: 0E8F
Signing time: Fri 13 Jun 2025 17:01:13 +0000
Manifest this update: Fri 13 Jun 2025 17:01:13 +0000
Manifest next update: Sat 14 Jun 2025 17:01:13 +0000
Files and hashes: 1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: 2DlGIoe5192NPA3apOjRS0up1YLzvFWiTpQPEVmEUqI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6a:3d:05:f5:59:62:e1:e4:b9:c9:c5:82:77:1e:bf:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Validity
Not Before: Jun 13 17:01:13 2025 GMT
Not After : Jun 14 17:01:13 2025 GMT
Subject: CN=3ce4a569ba8825bd4fe9828e3d0b1c593a83f19d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ae:8a:8b:4e:ab:34:55:7f:90:85:b9:72:ee:
22:cf:08:91:f3:d0:2d:fb:d6:cb:92:ed:09:4e:4d:
c6:fe:f7:c1:18:41:c5:45:63:f0:bc:38:ca:5b:13:
95:98:4f:b4:a4:1a:eb:6d:df:33:cf:db:bd:7d:75:
11:80:72:6d:7d:71:c4:0a:48:aa:9e:32:20:80:07:
da:2e:00:cd:30:eb:0e:b5:a2:08:d3:48:d8:40:76:
d3:4c:9f:f6:79:de:af:b0:72:e4:b6:d8:73:99:fe:
20:0b:01:81:6c:e0:f0:33:fd:75:ab:11:30:00:1e:
91:b9:72:31:dd:95:e6:fe:16:0b:6b:0e:13:3c:1e:
cf:63:b0:5d:a4:0e:59:aa:4e:48:16:11:c7:9e:23:
0b:27:28:dc:2b:df:3c:d6:30:7d:bd:31:14:52:dc:
25:8b:db:01:58:d8:d6:a7:6f:2c:5c:5a:76:13:70:
65:5a:0a:c9:dd:50:dd:0b:b9:39:34:2d:ff:bc:13:
63:20:bb:af:3a:63:c2:96:11:55:77:f1:44:2e:71:
1d:df:20:bf:43:da:6c:28:35:69:17:ee:ed:51:08:
f1:32:47:89:b1:d5:e4:d9:fd:c7:76:46:fb:4b:e1:
b8:e3:e8:01:a8:ab:c1:a9:58:f8:0c:be:eb:f3:8b:
0e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E4:A5:69:BA:88:25:BD:4F:E9:82:8E:3D:0B:1C:59:3A:83:F1:9D
X509v3 Authority Key Identifier:
keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:58:58:eb:80:26:35:33:f3:4b:34:00:9f:4d:c9:80:b9:71:
c6:22:4d:80:96:d1:21:67:f9:6c:0c:7d:3f:87:35:8b:90:4e:
bb:62:97:28:1b:d7:80:02:ba:1c:ac:07:e1:3c:86:8a:ec:f9:
64:a1:2b:79:12:0e:40:31:ea:a6:b2:83:99:9f:20:e7:d9:1f:
19:e8:a7:6b:00:ac:e0:24:0a:3e:e4:dd:c3:df:f9:88:89:6a:
8c:b9:ee:29:91:54:f2:0c:69:3b:64:8c:bf:c3:84:d4:8a:0a:
f7:55:28:40:b3:f6:e5:f6:64:3a:a6:ee:46:72:10:0e:cd:76:
bd:e1:53:e6:c9:b6:80:ef:62:15:78:7f:0f:f2:f6:75:f0:77:
b9:f7:05:dd:9c:c3:77:16:b4:90:4d:ad:7f:0d:55:82:df:7d:
bd:0a:28:b0:64:df:f6:28:d4:8f:80:cf:26:e6:4e:ff:1d:fc:
d2:a4:db:17:3b:99:a8:27:30:ce:ca:dd:2d:50:71:30:ab:1f:
fa:15:95:1d:92:96:3c:ee:87:b0:4a:14:04:a0:58:15:3b:f9:
e4:28:30:ee:1f:f8:47:b6:06:82:61:b8:74:5b:1d:6f:40:bc:
e1:fb:6c:24:97:4d:94:02:eb:b8:0a:53:63:02:3d:8a:33:be:
e9:ea:ef:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqPQX1WWLh5LnJxYJ3Hr+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjUwNjEzMTcwMTEzWhcNMjUwNjE0MTcwMTEzWjAzMTEwLwYDVQQD
EygzY2U0YTU2OWJhODgyNWJkNGZlOTgyOGUzZDBiMWM1OTNhODNmMTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK6Ki06rNFV/kIW5cu4izwiR89At
+9bLku0JTk3G/vfBGEHFRWPwvDjKWxOVmE+0pBrrbd8zz9u9fXURgHJtfXHECkiq
njIggAfaLgDNMOsOtaII00jYQHbTTJ/2ed6vsHLktthzmf4gCwGBbODwM/11qxEw
AB6RuXIx3ZXm/hYLaw4TPB7PY7BdpA5Zqk5IFhHHniMLJyjcK9881jB9vTEUUtwl
i9sBWNjWp28sXFp2E3BlWgrJ3VDdC7k5NC3/vBNjILuvOmPClhFVd/FELnEd3yC/
Q9psKDVpF+7tUQjxMkeJsdXk2f3Hdkb7S+G44+gBqKvBqVj4DL7r84sO9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzkpWm6iCW9T+mCjj0LHFk6g/GdMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuFhY64Am
NTPzSzQAn03JgLlxxiJNgJbRIWf5bAx9P4c1i5BOu2KXKBvXgAK6HKwH4TyGiuz5
ZKEreRIOQDHqprKDmZ8g59kfGeinawCs4CQKPuTdw9/5iIlqjLnuKZFU8gxpO2SM
v8OE1IoK91UoQLP25fZkOqbuRnIQDs12veFT5sm2gO9iFXh/D/L2dfB3ufcF3ZzD
dxa0kE2tfw1Vgt99vQoosGTf9ijUj4DPJuZO/x380qTbFzuZqCcwzsrdLVBxMKsf
+hWVHZKWPO6HsEoUBKBYFTv55Cgw7h/4R7YGgmG4dFsdb0C84ftsJJdNlALruApT
YwI9ijO+6ervFQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 20:55:37 2025 by rpki-client