Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
File: OSG38e7pDZnilCGKk4dTweotwmc.mft (raw, json)
Hash identifier: og9dG7ILtX26vPFIlz9xVOaf4lNY5dWeeFBt43lKMDM=
Subject key identifier: 9F:7B:BB:55:1D:1B:C3:5C:27:00:E1:07:9A:24:34:F5:64:A9:69:AE
Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Certificate issuer: /CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Certificate serial: 019A00DA6B64603F2AA786C542EA947AF4A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
Manifest number: 1673
Signing time: Mon 20 Oct 2025 09:01:45 +0000
Manifest this update: Mon 20 Oct 2025 09:01:45 +0000
Manifest next update: Tue 21 Oct 2025 09:01:45 +0000
Files and hashes: 1: OSG38e7pDZnilCGKk4dTweotwmc.crl (hash: 1/gv5LJFy+X9NDWkZISLzr7vWW2hbsYI0o8m2mOTVGU=)
2: oHES2kIQSwcnceUnSAnzOBK0UoA.roa (hash: R0HeMmAONLyIzPgR+arZikegwIRj9xGz1jODUH2wdeA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:da:6b:64:60:3f:2a:a7:86:c5:42:ea:94:7a:f4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Validity
Not Before: Oct 20 09:01:45 2025 GMT
Not After : Oct 21 09:01:45 2025 GMT
Subject: CN=9f7bbb551d1bc35c2700e1079a2434f564a969ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fa:0f:a5:c2:e3:7e:f6:ef:53:74:7d:a5:22:
5a:5c:ce:36:d3:99:02:9e:3d:f8:e8:87:07:bb:df:
1a:e7:18:d1:5b:58:d7:fa:9d:b7:6f:e1:ad:28:68:
56:e3:59:4e:52:6a:80:b9:b3:26:62:a4:1c:87:8c:
d7:80:a7:8c:b9:03:4f:39:fe:ec:22:8a:d4:7f:6a:
2e:a1:7e:03:b6:68:76:42:72:bc:bb:b6:0c:db:fc:
9e:e3:30:de:fe:c0:be:be:21:c1:7e:78:6d:19:d5:
c1:24:7e:79:eb:e7:8f:97:b9:23:ec:9e:a9:c5:6a:
58:7f:0e:22:93:06:c2:57:c1:31:13:8f:99:54:7d:
4a:f0:7c:40:a6:2e:0a:7f:c3:86:4e:75:f8:fa:13:
7a:02:18:f7:a2:59:1c:65:af:ad:2f:53:4b:09:09:
d0:e3:53:1b:bc:69:d5:36:09:f4:f2:11:27:96:94:
55:76:e4:10:eb:c5:b0:bd:e5:8f:79:6e:55:57:5e:
d0:be:d2:24:0d:8e:79:f4:46:25:ac:ae:8f:6c:92:
26:2d:83:9f:f5:27:4a:e7:94:9b:34:26:d2:0d:54:
65:f7:34:ec:cb:46:8a:68:23:e8:2f:63:10:f9:1e:
ec:9d:20:86:bb:a5:7f:11:2a:1d:cd:15:49:b1:c6:
3a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7B:BB:55:1D:1B:C3:5C:27:00:E1:07:9A:24:34:F5:64:A9:69:AE
X509v3 Authority Key Identifier:
keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:4b:d4:cd:8f:4e:e3:b1:83:4f:83:d7:a6:ce:11:e2:3a:8a:
10:af:5c:e6:54:69:db:7b:10:45:c4:9b:48:2d:c6:99:b2:37:
77:66:12:4a:72:b6:b7:3d:bc:fd:33:b8:a2:fb:34:5f:fd:ac:
77:c6:98:d5:9c:2b:3e:8c:e7:d7:9b:40:a6:17:d1:54:f1:6d:
51:65:43:26:a0:95:f3:88:3e:85:90:cf:a8:bd:a2:cb:12:76:
a5:fb:c5:75:61:a3:2a:34:bf:d7:4b:0c:38:90:d3:67:ad:64:
01:ae:f9:96:b6:69:a1:6b:d9:86:fe:39:b1:fc:fe:62:1c:90:
34:9c:cf:d4:bc:ad:3c:2a:66:32:1a:51:2b:43:af:a0:e6:00:
cd:b5:aa:93:79:51:83:5c:b0:b6:1b:0d:26:b4:7a:0f:89:c4:
94:9c:ba:2b:19:88:d6:e3:cd:04:63:b7:49:ca:9a:ce:aa:41:
6a:e3:47:5e:24:7b:79:c0:2c:54:e3:5b:1c:ee:49:37:b9:27:
75:92:a6:e6:86:2b:47:8d:af:ab:f6:4e:f8:f7:91:3a:59:0c:
3f:51:6d:10:25:d3:99:ad:3c:af:32:17:f0:11:cc:ec:50:3c:
3d:67:79:7c:14:1d:fb:14:99:8b:92:69:59:ff:fc:a5:07:d3:
4b:70:d7:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2mtkYD8qp4bFQuqUevSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy
ZGMyNjcwHhcNMjUxMDIwMDkwMTQ1WhcNMjUxMDIxMDkwMTQ1WjAzMTEwLwYDVQQD
Eyg5ZjdiYmI1NTFkMWJjMzVjMjcwMGUxMDc5YTI0MzRmNTY0YTk2OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfoPpcLjfvbvU3R9pSJaXM4205kC
nj346IcHu98a5xjRW1jX+p23b+GtKGhW41lOUmqAubMmYqQch4zXgKeMuQNPOf7s
IorUf2ouoX4Dtmh2QnK8u7YM2/ye4zDe/sC+viHBfnhtGdXBJH556+ePl7kj7J6p
xWpYfw4ikwbCV8ExE4+ZVH1K8HxApi4Kf8OGTnX4+hN6Ahj3olkcZa+tL1NLCQnQ
41MbvGnVNgn08hEnlpRVduQQ68WwveWPeW5VV17QvtIkDY559EYlrK6PbJImLYOf
9SdK55SbNCbSDVRl9zTsy0aKaCPoL2MQ+R7snSCGu6V/ESodzRVJscY6sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ97u1UdG8NcJwDhB5okNPVkqWmuMB8GA1UdIwQY
MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt
MjQ0MWUxMGY2ZjhmLzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm
LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcUvUzY9O
47GDT4PXps4R4jqKEK9c5lRp23sQRcSbSC3GmbI3d2YSSnK2tz28/TO4ovs0X/2s
d8aY1ZwrPozn15tAphfRVPFtUWVDJqCV84g+hZDPqL2iyxJ2pfvFdWGjKjS/10sM
OJDTZ61kAa75lrZpoWvZhv45sfz+YhyQNJzP1LytPCpmMhpRK0OvoOYAzbWqk3lR
g1ywthsNJrR6D4nElJy6KxmI1uPNBGO3ScqazqpBauNHXiR7ecAsVONbHO5JN7kn
dZKm5oYrR42vq/ZO+PeROlkMP1FtECXTma08rzIX8BHM7FA8PWd5fBQd+xSZi5Jp
Wf/8pQfTS3DXQA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:46:51 2025 by rpki-client