Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: QiN+A0NrFUmF6rQUCi8RiEBq60ejK+r4VBoswh3bEMs=
Subject key identifier: 3A:2F:CA:27:E3:D3:59:53:E8:66:B0:D6:43:57:C3:95:46:DA:CD:A0
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 0198D85160F25EBF716584763B349B30296C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 036D
Signing time: Sat 23 Aug 2025 19:04:28 +0000
Manifest this update: Sat 23 Aug 2025 19:04:28 +0000
Manifest next update: Sun 24 Aug 2025 19:04:28 +0000
Files and hashes: 1: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (hash: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=)
2: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: +P10UTHib/SfPeQ0gqGUaN8luMFM/t7stqdPP4Ly/hc=)
3: KLjjQzFk9GYkvqPEoe40SA-mXbg.roa (hash: 2jEymy+mMO9pWyCpodUhIwEZFiuwLfDEfoelvtg+xqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d8:51:60:f2:5e:bf:71:65:84:76:3b:34:9b:30:29:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Aug 23 19:04:28 2025 GMT
Not After : Aug 24 19:04:28 2025 GMT
Subject: CN=3a2fca27e3d35953e866b0d64357c39546dacda0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:21:0c:ce:33:38:ce:de:e0:a3:55:cb:d3:f8:
84:a8:09:a5:40:b3:13:7d:72:86:49:7c:ec:0d:de:
63:a7:01:c8:06:80:da:83:73:c1:d0:83:1d:b4:5a:
3e:33:73:37:70:a9:d7:18:fa:6f:e4:c1:e5:d3:92:
94:9b:4f:56:b9:be:01:34:ec:11:b5:76:bf:15:10:
dd:45:a9:b0:90:5c:a0:55:42:16:39:8e:6e:ac:dc:
4f:fd:c9:18:81:d8:d8:74:e1:11:1d:14:80:7c:b1:
8b:e2:7f:6f:b7:69:ed:bc:bf:a1:04:eb:33:8a:d0:
5a:77:6d:1b:ae:9a:39:e0:5f:06:98:b3:8c:87:54:
8b:35:8b:48:d3:64:59:b2:3e:ab:37:51:e9:6e:1e:
4f:95:d6:ad:65:26:4a:8d:c1:1d:8e:96:51:ac:35:
fc:42:03:32:01:82:99:c3:eb:9a:55:c8:11:74:56:
35:f3:b3:50:46:b3:75:78:ef:70:53:a1:b0:5e:23:
de:0c:9e:b1:d9:76:47:9d:ee:23:58:a3:08:3d:12:
19:f8:3c:97:3d:26:73:e2:d2:23:ab:2b:50:63:b5:
c0:6e:ae:20:99:1b:d5:6b:17:82:69:d3:79:d2:18:
46:87:38:c2:f0:f2:04:9b:a0:35:1e:c8:8e:32:d2:
3d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2F:CA:27:E3:D3:59:53:E8:66:B0:D6:43:57:C3:95:46:DA:CD:A0
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:69:4b:fc:f8:49:d9:52:c3:5a:57:3e:34:6f:d0:4b:34:f2:
a2:20:3c:74:9c:cd:b5:66:99:00:9a:f2:8f:fe:51:52:ee:15:
01:1b:25:61:f6:6a:11:b8:ae:d8:99:0a:9a:2c:f7:68:dc:13:
e4:81:34:52:d6:54:3d:5e:5a:a1:45:98:12:7d:f0:70:3f:0f:
19:98:94:0b:af:15:ff:fd:b1:af:46:58:4d:1e:c3:45:8f:3b:
80:52:9c:e3:f1:33:59:e0:c3:04:02:bc:b2:91:62:eb:1c:65:
7b:c7:ec:20:97:46:f1:f1:5d:50:01:f5:e6:97:9a:13:71:ce:
87:0c:3b:ee:3d:2d:07:fb:ca:d6:19:d6:79:eb:75:23:90:40:
e5:94:ff:02:55:9b:17:ce:37:cd:2b:3e:35:e2:4b:8d:16:67:
a8:60:e6:38:39:61:d5:da:da:89:2b:18:e7:a9:ec:68:2b:bf:
9a:c2:4b:02:ca:c5:b4:61:e8:2f:b5:48:36:1a:18:10:ce:c4:
98:f1:57:17:71:0e:78:bc:5b:94:3b:69:c4:a2:6d:cd:70:f6:
fb:b9:f8:2b:30:ba:2e:30:53:02:60:90:10:e3:90:3a:07:07:
f4:8a:3f:41:e8:6e:af:bc:8c:9d:83:25:11:d4:ef:36:02:3c:
77:28:c0:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYUWDyXr9xZYR2OzSbMClsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjUwODIzMTkwNDI4WhcNMjUwODI0MTkwNDI4WjAzMTEwLwYDVQQD
EygzYTJmY2EyN2UzZDM1OTUzZTg2NmIwZDY0MzU3YzM5NTQ2ZGFjZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiEMzjM4zt7go1XL0/iEqAmlQLMT
fXKGSXzsDd5jpwHIBoDag3PB0IMdtFo+M3M3cKnXGPpv5MHl05KUm09Wub4BNOwR
tXa/FRDdRamwkFygVUIWOY5urNxP/ckYgdjYdOERHRSAfLGL4n9vt2ntvL+hBOsz
itBad20brpo54F8GmLOMh1SLNYtI02RZsj6rN1Hpbh5PldatZSZKjcEdjpZRrDX8
QgMyAYKZw+uaVcgRdFY187NQRrN1eO9wU6GwXiPeDJ6x2XZHne4jWKMIPRIZ+DyX
PSZz4tIjqytQY7XAbq4gmRvVaxeCadN50hhGhzjC8PIEm6A1HsiOMtI9lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDovyifj01lT6Gaw1kNXw5VG2s2gMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFGlL/PhJ
2VLDWlc+NG/QSzTyoiA8dJzNtWaZAJryj/5RUu4VARslYfZqEbiu2JkKmiz3aNwT
5IE0UtZUPV5aoUWYEn3wcD8PGZiUC68V//2xr0ZYTR7DRY87gFKc4/EzWeDDBAK8
spFi6xxle8fsIJdG8fFdUAH15peaE3HOhww77j0tB/vK1hnWeet1I5BA5ZT/AlWb
F843zSs+NeJLjRZnqGDmODlh1draiSsY56nsaCu/msJLAsrFtGHoL7VINhoYEM7E
mPFXF3EOeLxblDtpxKJtzXD2+7n4KzC6LjBTAmCQEOOQOgcH9Io/Qehur7yMnYMl
EdTvNgI8dyjArw==
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:07:18 2025 by rpki-client