Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: XU2KpbuEJDqm6KBVaOC3q3pfRUV0UsoANdxsOLNRhUs=
Subject key identifier: 8C:36:D4:50:B1:7D:B6:EC:70:B0:3E:32:7B:2B:85:17:38:E9:27:48
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 0197B632C8BD06D82D206FA4547D79AEAB88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 15B3
Signing time: Sat 28 Jun 2025 11:01:10 +0000
Manifest this update: Sat 28 Jun 2025 11:01:10 +0000
Manifest next update: Sun 29 Jun 2025 11:01:10 +0000
Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: PAI0/4ac58by6TzL33MwKB0oFnZIr8thwHPJuJ+J8Jg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:32:c8:bd:06:d8:2d:20:6f:a4:54:7d:79:ae:ab:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Jun 28 11:01:10 2025 GMT
Not After : Jun 29 11:01:10 2025 GMT
Subject: CN=8c36d450b17db6ec70b03e327b2b851738e92748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7b:76:53:31:db:83:74:e4:5f:ca:6d:80:ed:
58:cf:75:33:51:d5:ec:ce:6c:5f:7a:0f:52:46:ef:
a8:b1:95:8a:19:7e:da:c0:4d:42:c0:86:b2:90:83:
42:cd:29:de:a0:de:02:b8:d1:dd:1e:40:7d:2e:36:
24:65:79:c7:07:15:66:db:14:a6:f2:22:3d:d5:0c:
9f:f3:df:e3:0e:c8:23:7b:b8:1a:1d:6e:55:f2:25:
49:16:aa:da:c4:db:1a:72:d8:6f:f7:ef:54:1e:7c:
27:0f:27:f0:10:25:24:80:d0:85:4a:aa:31:0e:6c:
2f:7b:95:a2:27:ea:13:12:3d:d1:84:be:a5:bf:bc:
ac:7d:56:87:fe:26:ae:eb:06:9e:10:29:f6:b1:d0:
5c:10:b9:ef:f5:3e:d5:04:9b:2f:24:98:1e:20:e0:
19:8f:ff:3f:44:ed:db:08:a5:00:de:6e:15:35:54:
22:6c:d7:1d:43:d3:16:da:ef:4f:63:5c:df:ab:41:
32:6f:70:25:1c:c2:30:4d:d3:2b:21:76:5b:b5:5c:
e3:3c:df:5e:df:e2:cc:3e:f5:6f:1f:00:6c:2f:03:
e0:cf:2f:20:0d:32:7b:2b:ba:e9:8c:c3:26:fd:8b:
21:9c:42:88:74:4b:c6:f8:43:f0:6f:37:d1:80:ab:
2f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:36:D4:50:B1:7D:B6:EC:70:B0:3E:32:7B:2B:85:17:38:E9:27:48
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:81:e8:4a:27:e6:74:8a:55:fc:a1:8e:54:bc:c0:0d:f6:86:
a0:91:82:59:ce:21:89:9c:a9:b8:78:fb:c5:b2:e4:45:1d:61:
e2:0f:44:cd:ac:5f:d7:45:cd:6c:90:9d:87:96:32:ee:77:4c:
87:6f:00:22:d5:02:4a:06:0f:ef:6a:72:0f:e7:90:a8:cb:4e:
4a:14:56:1e:7a:c3:80:b6:4e:4c:2f:9f:51:e4:a2:b4:32:aa:
9c:b3:d5:e2:c5:f5:13:b7:f6:45:b2:4d:d5:6b:4b:4d:36:1e:
f9:94:a2:c7:6d:51:89:52:0c:82:63:35:57:fd:a4:bb:4e:b5:
84:79:69:ce:ff:f4:da:9c:17:f5:dc:42:79:a7:e1:38:bd:76:
5d:70:eb:a9:88:d0:80:a7:2f:a9:69:61:a3:ed:fd:ad:e9:91:
8a:cb:69:42:21:92:a3:a5:22:47:5f:8d:82:ac:04:bb:2d:df:
ea:52:3f:02:5b:1f:e8:86:7b:1b:44:d9:8e:c1:d5:e4:78:eb:
3b:7d:94:7a:76:ac:84:39:93:72:c8:30:9e:82:8e:7d:d6:57:
ec:9f:db:77:b8:c2:e5:be:0e:2a:ee:1b:b7:56:73:de:44:44:
6a:bb:29:cf:aa:50:0c:14:a1:0d:54:e5:e3:79:ba:8e:5a:02:
cc:d4:49:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2Msi9BtgtIG+kVH15rquIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjUwNjI4MTEwMTEwWhcNMjUwNjI5MTEwMTEwWjAzMTEwLwYDVQQD
Eyg4YzM2ZDQ1MGIxN2RiNmVjNzBiMDNlMzI3YjJiODUxNzM4ZTkyNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnt2UzHbg3TkX8ptgO1Yz3UzUdXs
zmxfeg9SRu+osZWKGX7awE1CwIaykINCzSneoN4CuNHdHkB9LjYkZXnHBxVm2xSm
8iI91Qyf89/jDsgje7gaHW5V8iVJFqraxNsacthv9+9UHnwnDyfwECUkgNCFSqox
Dmwve5WiJ+oTEj3RhL6lv7ysfVaH/iau6waeECn2sdBcELnv9T7VBJsvJJgeIOAZ
j/8/RO3bCKUA3m4VNVQibNcdQ9MW2u9PY1zfq0Eyb3AlHMIwTdMrIXZbtVzjPN9e
3+LMPvVvHwBsLwPgzy8gDTJ7K7rpjMMm/YshnEKIdEvG+EPwbzfRgKsvDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIw21FCxfbbscLA+MnsrhRc46SdIMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA4HoSifm
dIpV/KGOVLzADfaGoJGCWc4hiZypuHj7xbLkRR1h4g9Ezaxf10XNbJCdh5Yy7ndM
h28AItUCSgYP72pyD+eQqMtOShRWHnrDgLZOTC+fUeSitDKqnLPV4sX1E7f2RbJN
1WtLTTYe+ZSix21RiVIMgmM1V/2ku061hHlpzv/02pwX9dxCeafhOL12XXDrqYjQ
gKcvqWlho+39remRistpQiGSo6UiR1+NgqwEuy3f6lI/Alsf6IZ7G0TZjsHV5Hjr
O32UenashDmTcsgwnoKOfdZX7J/bd7jC5b4OKu4bt1Zz3kREarspz6pQDBShDVTl
43m6jloCzNRJHg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:49:49 2025 by rpki-client