Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
File: OSG38e7pDZnilCGKk4dTweotwmc.mft (raw, json)
Hash identifier: p44A4Q65rG5j5Q7PFT1I6AJQ2CK2q12ibVUy0TA4XAk=
Subject key identifier: 47:F4:07:DA:4E:BA:1F:A0:5A:4F:1D:2C:A3:68:93:0E:8B:F5:F8:B3
Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Certificate issuer: /CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Certificate serial: 0198D583A67F8A8DAFD4A049ED8000371F8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
Manifest number: 15D8
Signing time: Sat 23 Aug 2025 06:00:31 +0000
Manifest this update: Sat 23 Aug 2025 06:00:31 +0000
Manifest next update: Sun 24 Aug 2025 06:00:31 +0000
Files and hashes: 1: OSG38e7pDZnilCGKk4dTweotwmc.crl (hash: Fd2gPm0DCrwewtXLaFOW2BY8VDtf5GruQPZ9xR9wfl0=)
2: oHES2kIQSwcnceUnSAnzOBK0UoA.roa (hash: R0HeMmAONLyIzPgR+arZikegwIRj9xGz1jODUH2wdeA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:a6:7f:8a:8d:af:d4:a0:49:ed:80:00:37:1f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Validity
Not Before: Aug 23 06:00:31 2025 GMT
Not After : Aug 24 06:00:31 2025 GMT
Subject: CN=47f407da4eba1fa05a4f1d2ca368930e8bf5f8b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b6:4e:de:93:fa:96:b3:16:25:fd:80:9a:9a:
82:7f:25:ac:c4:dc:14:ba:96:42:ab:fb:e9:cc:c5:
2e:86:cc:85:b0:d5:65:32:e5:f2:09:1e:ea:25:20:
af:ce:de:09:c7:7e:7f:1f:64:b4:c7:e6:f3:fe:91:
c1:df:c0:b3:de:d3:fc:0d:b1:1a:01:7a:9f:5c:a6:
d5:1c:e6:a2:32:a4:a6:cb:86:b6:f8:b1:e3:3d:49:
80:58:6f:e6:86:41:2d:de:04:38:c5:fd:d2:38:d0:
6e:86:14:16:68:69:64:64:ff:08:11:05:e9:c0:65:
88:24:49:a9:0f:de:4f:c2:6a:00:fb:e8:69:5e:aa:
ca:d4:66:4c:ac:d0:08:06:3e:a5:8a:07:c1:33:b2:
5b:37:e3:d7:72:1c:47:ac:d1:e9:9e:02:94:d2:80:
e6:50:c1:dd:ef:ce:f2:ca:c9:39:14:37:cc:29:c4:
13:7c:c3:f6:b9:91:26:b1:6f:b2:c1:c0:4d:69:61:
c7:d9:27:49:80:c2:cb:33:6b:14:c9:7e:93:34:42:
a0:fb:bb:7e:d7:3b:c1:21:28:b8:2e:d2:0c:a9:87:
15:9c:3d:29:cd:a3:f5:22:3a:a7:2b:61:cf:e4:c2:
9a:da:dd:66:4d:c8:ca:51:85:de:9b:c7:7d:5c:5c:
4e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F4:07:DA:4E:BA:1F:A0:5A:4F:1D:2C:A3:68:93:0E:8B:F5:F8:B3
X509v3 Authority Key Identifier:
keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:10:4d:0d:85:4f:f4:5d:90:95:ba:5d:c0:30:86:8b:a8:26:
bd:02:6e:f3:9f:a7:ea:be:be:32:60:99:ba:4c:fe:e1:a5:9f:
32:7f:aa:eb:6f:40:24:52:25:77:dd:ca:1d:48:f6:98:e9:ec:
1e:cc:bd:ff:8a:1b:d2:a1:7a:1e:f0:c0:8d:6d:97:75:eb:b8:
e2:f8:0c:6d:a8:fe:e0:d6:15:db:70:fc:62:50:89:36:df:6b:
51:b7:01:dd:9b:1d:1a:c9:83:53:85:8c:d0:82:bd:46:f6:30:
40:13:6a:7b:54:ca:ab:be:95:21:c8:d8:03:07:2f:12:77:86:
69:b1:55:ae:81:29:83:2b:e9:67:18:e1:64:19:67:70:85:f6:
0e:78:8d:5b:60:88:9f:df:51:24:d7:86:a0:5b:45:06:c2:bc:
c8:4a:8a:66:3d:6b:24:3b:97:17:a7:7e:e5:c4:be:17:1c:b1:
1e:7d:76:a2:8e:9a:07:96:6b:f8:a6:f3:77:cb:bf:75:7d:87:
10:7e:8e:a3:e6:6d:49:f6:f9:b0:45:2e:1d:53:dc:d1:1f:0e:
17:b8:5a:bc:3c:21:c1:97:8b:ae:43:5c:78:6c:66:66:0e:d1:
96:fe:85:cd:76:41:66:9d:9a:b8:67:32:79:e8:e0:80:fd:f9:
09:0c:f5:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg6Z/io2v1KBJ7YAANx+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy
ZGMyNjcwHhcNMjUwODIzMDYwMDMxWhcNMjUwODI0MDYwMDMxWjAzMTEwLwYDVQQD
Eyg0N2Y0MDdkYTRlYmExZmEwNWE0ZjFkMmNhMzY4OTMwZThiZjVmOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLZO3pP6lrMWJf2AmpqCfyWsxNwU
upZCq/vpzMUuhsyFsNVlMuXyCR7qJSCvzt4Jx35/H2S0x+bz/pHB38Cz3tP8DbEa
AXqfXKbVHOaiMqSmy4a2+LHjPUmAWG/mhkEt3gQ4xf3SONBuhhQWaGlkZP8IEQXp
wGWIJEmpD95PwmoA++hpXqrK1GZMrNAIBj6ligfBM7JbN+PXchxHrNHpngKU0oDm
UMHd787yysk5FDfMKcQTfMP2uZEmsW+ywcBNaWHH2SdJgMLLM2sUyX6TNEKg+7t+
1zvBISi4LtIMqYcVnD0pzaP1IjqnK2HP5MKa2t1mTcjKUYXem8d9XFxOIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEf0B9pOuh+gWk8dLKNokw6L9fizMB8GA1UdIwQY
MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt
MjQ0MWUxMGY2ZjhmLzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm
LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtBBNDYVP
9F2QlbpdwDCGi6gmvQJu85+n6r6+MmCZukz+4aWfMn+q629AJFIld93KHUj2mOns
Hsy9/4ob0qF6HvDAjW2Xdeu44vgMbaj+4NYV23D8YlCJNt9rUbcB3ZsdGsmDU4WM
0IK9RvYwQBNqe1TKq76VIcjYAwcvEneGabFVroEpgyvpZxjhZBlncIX2DniNW2CI
n99RJNeGoFtFBsK8yEqKZj1rJDuXF6d+5cS+FxyxHn12oo6aB5Zr+Kbzd8u/dX2H
EH6Oo+ZtSfb5sEUuHVPc0R8OF7havDwhwZeLrkNceGxmZg7Rlv6FzXZBZp2auGcy
eejggP35CQz1XQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:26:32 2025 by rpki-client