Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
File: otCM3GpDDvDaiCmRcla2rY0KNvk.mft (raw, json)
Hash identifier: H9/0156Jn8HowL47BaFs+tWcg439PH3gMDEHD8+HWxY=
Subject key identifier: 42:89:72:93:56:1C:1C:F7:E8:37:4D:CE:D2:77:92:B7:A6:DB:80:78
Authority key identifier: A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
Certificate issuer: /CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Certificate serial: 0197BA7D3986391575C7F491C142C358A046
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
Manifest number: 07DA
Signing time: Sun 29 Jun 2025 07:00:58 +0000
Manifest this update: Sun 29 Jun 2025 07:00:58 +0000
Manifest next update: Mon 30 Jun 2025 07:00:58 +0000
Files and hashes: 1: otCM3GpDDvDaiCmRcla2rY0KNvk.crl (hash: sfaRswnoVi+ABFox1cMFlRWpcF9xWZrO+XfH87ceN5U=)
2: uWHHQqBwsm-RgF6BGlPrCIiU5u8.roa (hash: c70DUe86Dscr+BOk1RbQf+gmFBszpSvbzYy8111R1f4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ba:7d:39:86:39:15:75:c7:f4:91:c1:42:c3:58:a0:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Validity
Not Before: Jun 29 07:00:58 2025 GMT
Not After : Jun 30 07:00:58 2025 GMT
Subject: CN=42897293561c1cf7e8374dced27792b7a6db8078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:83:51:42:d2:c9:07:91:31:b3:b6:50:f2:85:
88:b6:46:42:9d:91:f3:64:e5:91:50:63:53:8e:1e:
84:0c:d3:5e:0a:e7:70:99:96:83:bf:08:88:d4:c3:
d9:af:3a:96:3a:6f:49:fe:86:77:19:84:8c:ea:c7:
bc:7f:66:c6:63:73:6b:32:ff:3f:e2:a4:a0:0e:f3:
d3:02:05:9b:e6:82:44:ef:c0:1c:8f:3a:88:a3:b1:
62:ef:45:4a:58:6e:f9:af:4e:dd:ac:d5:d3:89:fa:
d2:16:6f:1d:48:0c:65:b1:23:aa:47:67:8d:0b:ed:
74:17:bf:05:88:5b:a6:0c:41:7b:1f:b6:88:cc:ae:
b2:4d:04:c8:f1:cf:61:c9:d1:a2:7a:2f:f7:13:1c:
01:92:d1:02:02:7a:01:e8:4a:42:11:30:b1:3a:1e:
da:4b:e3:c1:20:4e:1f:34:39:5f:79:6c:e3:d2:b7:
46:91:fb:4a:50:aa:f7:3e:43:97:e3:49:f0:44:ca:
a0:b4:51:2d:95:f2:52:7c:92:a5:50:4b:8a:da:3e:
a1:ca:4a:ca:42:a7:00:c7:40:b7:89:01:2e:5e:b9:
c6:45:97:ad:e2:6a:68:47:e1:d7:e3:87:79:6d:65:
b7:11:b1:42:55:15:a3:46:0d:06:35:4b:a2:bf:f4:
81:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:89:72:93:56:1C:1C:F7:E8:37:4D:CE:D2:77:92:B7:A6:DB:80:78
X509v3 Authority Key Identifier:
keyid:A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:52:da:0d:99:1c:ce:d6:62:c2:0d:3e:4c:c7:1e:ee:90:29:
cc:01:35:05:67:7d:dc:11:f9:45:0c:c0:3a:49:7c:43:9c:c8:
70:9c:7c:5c:89:e3:79:93:1d:95:3b:fc:04:7e:46:38:f6:26:
84:dc:e8:49:71:1d:97:27:9d:e2:48:f5:40:ef:a0:47:5f:70:
e4:d5:ea:0d:2a:a9:73:bc:ca:fe:0b:ed:2c:f6:0f:52:f7:80:
6a:84:16:fb:3a:b7:43:99:4f:8a:95:73:2e:d5:22:be:d8:ec:
06:09:64:39:7a:e4:c2:59:02:bf:24:37:01:ba:dc:e1:47:44:
b5:b1:59:e7:73:06:da:3c:03:b4:c5:4e:01:5b:f6:f7:58:5b:
d7:8c:dc:29:08:11:26:14:65:43:0f:07:82:87:14:e5:17:6b:
17:c8:42:e6:89:61:33:c5:53:d7:9d:fb:e1:05:59:1d:02:3e:
7b:b2:b1:a0:27:5d:9a:42:18:c5:c5:cf:0b:5f:3d:ba:da:7d:
71:7b:90:05:1a:98:0f:cb:b6:3d:86:0b:a9:26:7f:17:b9:76:
ec:7e:a5:c3:b6:9d:33:79:a5:3d:95:b9:2d:78:52:34:0c:b7:
33:af:ba:7a:ff:98:06:16:62:87:f3:2c:b0:73:f0:cd:d3:2e:
82:5d:4b:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fTmGORV1x/SRwULDWKBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDA4Y2RjNmE0MzBlZjBkYTg4Mjk5MTcyNTZiNmFkOGQw
YTM2ZjkwHhcNMjUwNjI5MDcwMDU4WhcNMjUwNjMwMDcwMDU4WjAzMTEwLwYDVQQD
Eyg0Mjg5NzI5MzU2MWMxY2Y3ZTgzNzRkY2VkMjc3OTJiN2E2ZGI4MDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyINRQtLJB5Exs7ZQ8oWItkZCnZHz
ZOWRUGNTjh6EDNNeCudwmZaDvwiI1MPZrzqWOm9J/oZ3GYSM6se8f2bGY3NrMv8/
4qSgDvPTAgWb5oJE78AcjzqIo7Fi70VKWG75r07drNXTifrSFm8dSAxlsSOqR2eN
C+10F78FiFumDEF7H7aIzK6yTQTI8c9hydGiei/3ExwBktECAnoB6EpCETCxOh7a
S+PBIE4fNDlfeWzj0rdGkftKUKr3PkOX40nwRMqgtFEtlfJSfJKlUEuK2j6hykrK
QqcAx0C3iQEuXrnGRZet4mpoR+HX44d5bWW3EbFCVRWjRg0GNUuiv/SB2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKJcpNWHBz36DdNztJ3krem24B4MB8GA1UdIwQY
MBaAFKLQjNxqQw7w2ogpkXJWtq2NCjb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMt
ZGMwMWExOWIyODU2LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMtZGMwMWExOWIyODU2
LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl1LaDZkc
ztZiwg0+TMce7pApzAE1BWd93BH5RQzAOkl8Q5zIcJx8XInjeZMdlTv8BH5GOPYm
hNzoSXEdlyed4kj1QO+gR19w5NXqDSqpc7zK/gvtLPYPUveAaoQW+zq3Q5lPipVz
LtUivtjsBglkOXrkwlkCvyQ3Abrc4UdEtbFZ53MG2jwDtMVOAVv291hb14zcKQgR
JhRlQw8HgocU5RdrF8hC5olhM8VT15374QVZHQI+e7KxoCddmkIYxcXPC189utp9
cXuQBRqYD8u2PYYLqSZ/F7l27H6lw7adM3mlPZW5LXhSNAy3M6+6ev+YBhZih/Ms
sHPwzdMugl1LVg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:20:05 2025 by rpki-client