Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
File: OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft (raw, json)
Hash identifier: DlT+AYgeDFyLy5bJ+ukomlDR/mntdLYoDibElbBYEFQ=
Subject key identifier: F2:42:98:B5:7F:25:B3:EB:63:B5:D2:E4:A0:3C:D5:8E:7D:24:60:95
Authority key identifier: 38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4
Certificate issuer: /CN=3866f7385005d5be6101727388e1b3271f644de4
Certificate serial: 0197B63274015A27082156D5EB539E5FFBF4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
Manifest number: BA
Signing time: Sat 28 Jun 2025 11:00:49 +0000
Manifest this update: Sat 28 Jun 2025 11:00:49 +0000
Manifest next update: Sun 29 Jun 2025 11:00:49 +0000
Files and hashes: 1: OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl (hash: 73dYoQu1eQ//JXZH950js7HVA3swftxuzf/bkLnYLMU=)
2: cvTvlJFXIrx4LNBKFN32BnQowu0.roa (hash: 2SQfqAvlePWceYDa/Gr4IqsSS7uQeMq3g8yyqM6DnK8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:32:74:01:5a:27:08:21:56:d5:eb:53:9e:5f:fb:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3866f7385005d5be6101727388e1b3271f644de4
Validity
Not Before: Jun 28 11:00:49 2025 GMT
Not After : Jun 29 11:00:49 2025 GMT
Subject: CN=f24298b57f25b3eb63b5d2e4a03cd58e7d246095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ee:da:4b:17:7e:b2:9f:64:f4:0a:f2:3a:83:
f1:7c:dc:83:3b:a2:87:fd:08:24:1e:3e:7a:67:c7:
43:6b:72:de:25:f6:86:74:a0:a0:88:71:8e:36:c7:
e1:7e:b0:c5:b2:02:e6:68:23:97:20:cd:a4:f5:b5:
03:26:1b:35:b0:01:90:36:30:b8:f1:43:f5:53:32:
e9:cd:6f:2c:7f:dd:03:7e:23:d0:ea:d5:ca:21:c5:
75:81:b9:c4:08:8c:1a:27:af:fa:d9:b3:85:36:07:
8c:09:95:22:7c:07:f6:d7:b9:08:c7:40:c2:2f:38:
8c:dc:73:6f:a5:a2:6d:b4:bb:47:28:54:c6:c0:b2:
48:f1:d7:92:c2:55:dd:9d:e8:67:12:48:e6:51:38:
33:07:46:8d:5f:c2:1e:7b:54:f2:f0:f9:36:b5:18:
fe:15:44:6a:2e:77:d3:3f:49:8c:35:b0:5a:17:2e:
0f:31:e7:b2:8c:65:98:73:67:aa:da:92:b5:5b:c0:
69:20:6c:51:f6:17:a2:ed:6c:99:54:88:1a:b7:1a:
14:93:61:2d:e6:9f:73:e2:c5:4c:cf:b7:36:5a:0d:
88:c5:9a:50:ff:83:84:29:c3:b9:93:c3:88:b8:1a:
06:52:28:cf:cd:1a:47:26:06:b7:ed:64:e0:d0:40:
49:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:42:98:B5:7F:25:B3:EB:63:B5:D2:E4:A0:3C:D5:8E:7D:24:60:95
X509v3 Authority Key Identifier:
keyid:38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:c4:7a:1f:eb:3e:01:80:13:14:cb:3c:c0:31:a6:3d:d0:bd:
35:04:df:d9:f3:2a:e8:cc:8d:21:9c:0f:5f:83:6c:2f:aa:ca:
98:d6:9e:c4:66:ec:f3:f3:6a:3d:3d:98:4d:70:19:62:23:6d:
2a:a9:da:07:32:70:cc:f2:08:0c:3d:02:ea:3d:bc:6e:a1:f0:
cb:3a:81:f2:5f:1a:f8:da:bf:60:0e:d0:00:86:87:db:08:a3:
c2:3b:ad:3b:e7:2a:89:80:ea:df:01:13:96:4f:29:c6:56:a0:
ba:4a:13:1b:22:e0:b9:54:aa:46:33:78:e6:73:87:d6:c4:2e:
34:d4:32:96:26:22:1e:ef:fe:d3:df:d7:75:b8:93:7e:e9:a1:
ad:3b:4c:57:75:ab:f7:b2:ad:92:1a:8a:f3:53:09:d5:46:06:
0f:40:90:e7:b0:05:eb:fa:a8:d3:80:76:01:23:f6:02:b9:c4:
c4:78:58:c1:01:95:58:f4:31:40:16:42:62:9f:32:41:79:3f:
0b:95:2c:e2:2f:7c:60:13:4e:2d:6f:54:72:37:79:7d:c0:fa:
2c:09:24:2b:ce:ec:5a:d3:58:9b:08:31:8e:4e:bc:90:c2:74:
82:ec:e1:83:11:e7:48:36:e2:19:1c:51:eb:0e:2c:19:8d:77:
4d:4e:69:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2MnQBWicIIVbV61OeX/v0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjZmNzM4NTAwNWQ1YmU2MTAxNzI3Mzg4ZTFiMzI3MWY2
NDRkZTQwHhcNMjUwNjI4MTEwMDQ5WhcNMjUwNjI5MTEwMDQ5WjAzMTEwLwYDVQQD
EyhmMjQyOThiNTdmMjViM2ViNjNiNWQyZTRhMDNjZDU4ZTdkMjQ2MDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+7aSxd+sp9k9AryOoPxfNyDO6KH
/QgkHj56Z8dDa3LeJfaGdKCgiHGONsfhfrDFsgLmaCOXIM2k9bUDJhs1sAGQNjC4
8UP1UzLpzW8sf90DfiPQ6tXKIcV1gbnECIwaJ6/62bOFNgeMCZUifAf217kIx0DC
LziM3HNvpaJttLtHKFTGwLJI8deSwlXdnehnEkjmUTgzB0aNX8Iee1Ty8Pk2tRj+
FURqLnfTP0mMNbBaFy4PMeeyjGWYc2eq2pK1W8BpIGxR9hei7WyZVIgatxoUk2Et
5p9z4sVMz7c2Wg2IxZpQ/4OEKcO5k8OIuBoGUijPzRpHJga37WTg0EBJOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJCmLV/JbPrY7XS5KA81Y59JGCVMB8GA1UdIwQY
MBaAFDhm9zhQBdW+YQFyc4jhsycfZE3kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUt
ZTAxNWJmM2YzM2Q3LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUtZTAxNWJmM2YzM2Q3
LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANcR6H+s+
AYATFMs8wDGmPdC9NQTf2fMq6MyNIZwPX4NsL6rKmNaexGbs8/NqPT2YTXAZYiNt
KqnaBzJwzPIIDD0C6j28bqHwyzqB8l8a+Nq/YA7QAIaH2wijwjutO+cqiYDq3wET
lk8pxlagukoTGyLguVSqRjN45nOH1sQuNNQyliYiHu/+09/XdbiTfumhrTtMV3Wr
97KtkhqK81MJ1UYGD0CQ57AF6/qo04B2ASP2ArnExHhYwQGVWPQxQBZCYp8yQXk/
C5Us4i98YBNOLW9Ucjd5fcD6LAkkK87sWtNYmwgxjk68kMJ0guzhgxHnSDbiGRxR
6w4sGY13TU5p8Q==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:14:32 2025 by rpki-client