Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
File: OSG38e7pDZnilCGKk4dTweotwmc.mft (raw, json)
Hash identifier: 2N7lXUO/bApnXC34xbF+oEQQ7zMbI/D1qawos34jtYw=
Subject key identifier: F7:F0:4A:42:8E:78:7E:E7:CF:81:E3:32:33:1A:53:E2:51:74:C3:22
Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Certificate issuer: /CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Certificate serial: 0197B5C48D5DE8F5D4F1D6A5823F81AD6673
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
Manifest number: 1543
Signing time: Sat 28 Jun 2025 09:00:46 +0000
Manifest this update: Sat 28 Jun 2025 09:00:46 +0000
Manifest next update: Sun 29 Jun 2025 09:00:46 +0000
Files and hashes: 1: OSG38e7pDZnilCGKk4dTweotwmc.crl (hash: Eh4klCJJloEhrWhv7anjRkUbKZrlS44yUoYf9JsoG0g=)
2: oHES2kIQSwcnceUnSAnzOBK0UoA.roa (hash: R0HeMmAONLyIzPgR+arZikegwIRj9xGz1jODUH2wdeA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 09:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b5:c4:8d:5d:e8:f5:d4:f1:d6:a5:82:3f:81:ad:66:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Validity
Not Before: Jun 28 09:00:46 2025 GMT
Not After : Jun 29 09:00:46 2025 GMT
Subject: CN=f7f04a428e787ee7cf81e332331a53e25174c322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:99:34:13:90:fd:cb:e7:26:37:fa:f0:ba:1c:
4c:15:ac:94:e6:54:62:f1:b4:e8:7e:ad:80:07:0b:
fb:3d:2f:3f:4f:e7:46:c7:ec:40:8b:ab:fb:08:ac:
af:52:21:97:e9:9a:3b:41:38:fa:dc:7b:6c:8b:2e:
91:5a:56:a1:1b:43:dc:03:5f:7d:61:54:13:01:f0:
62:12:21:45:1b:48:b6:f7:66:5f:1e:ed:81:8c:3e:
81:24:77:0b:6f:06:59:b9:d3:ed:a7:3d:93:5e:dd:
77:a0:74:d6:1e:29:76:c4:63:c4:15:15:11:f9:74:
24:40:fc:9c:07:38:94:cf:25:71:42:35:a5:d0:09:
a2:7e:33:1f:e8:36:84:26:50:b7:61:92:52:7b:27:
84:e0:98:40:87:95:17:e0:9b:09:2d:50:27:4e:30:
88:a7:aa:1e:c4:f7:5a:59:fa:f2:72:76:dc:a2:93:
16:ed:5c:e6:83:05:2b:3a:66:f2:a9:1b:34:b0:72:
d4:cf:3d:b9:87:cd:33:34:b8:54:7f:1d:1e:37:5a:
e3:91:1a:13:8f:ec:ed:bf:64:eb:54:26:c3:24:00:
a2:5f:bc:0c:dc:dc:e7:7d:aa:af:78:06:c9:de:81:
13:f8:d9:68:9f:bb:3a:5d:82:e9:92:22:2d:26:f6:
42:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F0:4A:42:8E:78:7E:E7:CF:81:E3:32:33:1A:53:E2:51:74:C3:22
X509v3 Authority Key Identifier:
keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:3d:16:ca:3b:cd:59:5a:47:70:32:f6:69:4a:37:52:ce:db:
fc:cc:b6:0d:c5:98:ac:68:76:24:55:03:ee:41:6d:9b:eb:44:
1c:7c:66:0e:3d:b8:a7:5d:c8:c0:ba:ea:b5:0b:17:42:75:dc:
8a:67:f4:a0:8c:6b:31:1a:97:c9:14:01:4c:a2:a6:fa:32:5a:
9b:47:48:91:e3:5c:f6:58:72:e9:88:83:b0:96:f5:e2:a7:d8:
19:ec:0f:19:57:75:0c:c9:39:03:1e:2c:c0:c9:ad:57:63:3f:
0d:aa:99:46:b2:73:05:63:e1:3d:b4:cb:4b:12:b4:9d:15:69:
3c:59:4d:3f:9d:ba:8d:33:aa:ef:47:8d:9d:bb:c3:68:54:12:
cd:13:ec:e2:ba:d5:2c:b5:32:1d:74:43:59:78:cc:58:a7:29:
96:d8:d8:5f:8b:4d:52:e8:05:94:65:8a:bd:52:83:f7:52:b7:
36:fc:de:2c:3b:91:12:66:b9:a4:aa:a6:d3:d8:7e:32:70:4f:
e9:31:2c:b4:cf:de:45:79:22:e8:5a:64:04:12:f3:88:12:58:
b4:77:1e:b3:be:8f:10:65:d9:84:1f:7a:4f:b0:e1:02:1a:3b:
82:9a:43:ab:b7:02:9a:8e:5b:8c:00:9e:a8:a1:16:e6:17:20:
84:4f:ae:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1xI1d6PXU8dalgj+BrWZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy
ZGMyNjcwHhcNMjUwNjI4MDkwMDQ2WhcNMjUwNjI5MDkwMDQ2WjAzMTEwLwYDVQQD
EyhmN2YwNGE0MjhlNzg3ZWU3Y2Y4MWUzMzIzMzFhNTNlMjUxNzRjMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZk0E5D9y+cmN/rwuhxMFayU5lRi
8bTofq2ABwv7PS8/T+dGx+xAi6v7CKyvUiGX6Zo7QTj63Htsiy6RWlahG0PcA199
YVQTAfBiEiFFG0i292ZfHu2BjD6BJHcLbwZZudPtpz2TXt13oHTWHil2xGPEFRUR
+XQkQPycBziUzyVxQjWl0AmifjMf6DaEJlC3YZJSeyeE4JhAh5UX4JsJLVAnTjCI
p6oexPdaWfrycnbcopMW7VzmgwUrOmbyqRs0sHLUzz25h80zNLhUfx0eN1rjkRoT
j+ztv2TrVCbDJACiX7wM3NznfaqveAbJ3oET+Nlon7s6XYLpkiItJvZCoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfwSkKOeH7nz4HjMjMaU+JRdMMiMB8GA1UdIwQY
MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt
MjQ0MWUxMGY2ZjhmLzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm
LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANz0WyjvN
WVpHcDL2aUo3Us7b/My2DcWYrGh2JFUD7kFtm+tEHHxmDj24p13IwLrqtQsXQnXc
imf0oIxrMRqXyRQBTKKm+jJam0dIkeNc9lhy6YiDsJb14qfYGewPGVd1DMk5Ax4s
wMmtV2M/DaqZRrJzBWPhPbTLSxK0nRVpPFlNP526jTOq70eNnbvDaFQSzRPs4rrV
LLUyHXRDWXjMWKcpltjYX4tNUugFlGWKvVKD91K3NvzeLDuREma5pKqm09h+MnBP
6TEstM/eRXki6FpkBBLziBJYtHces76PEGXZhB96T7DhAho7gppDq7cCmo5bjACe
qKEW5hcghE+urg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 18:54:02 2025 by rpki-client