
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft
File: o3sePvrqidz80cjpfA6beAxhRl0.mft (raw, json)
Hash identifier: R0FRMTt19fJnyT52MQ1Py/Tc1LYFcYnxCizONC+02O8=
Subject key identifier: A2:C3:9B:5A:F3:78:FB:4B:F4:29:2A:B9:15:4C:EC:EE:81:06:C0:6C
Authority key identifier: A3:7B:1E:3E:FA:EA:89:DC:FC:D1:C8:E9:7C:0E:9B:78:0C:61:46:5D
Certificate issuer: /CN=a37b1e3efaea89dcfcd1c8e97c0e9b780c61465d
Certificate serial: 019873E4009B8703C37375343A7D2742C952
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3sePvrqidz80cjpfA6beAxhRl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft
Manifest number: 0C9E
Signing time: Mon 04 Aug 2025 07:02:58 +0000
Manifest this update: Mon 04 Aug 2025 07:02:58 +0000
Manifest next update: Tue 05 Aug 2025 07:02:58 +0000
Files and hashes: 1: o3sePvrqidz80cjpfA6beAxhRl0.crl (hash: 2gexrIpKfIo0USZJdQ+l+2eO/fGvSKC1xNW12LynfTE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/o3sePvrqidz80cjpfA6beAxhRl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:e4:00:9b:87:03:c3:73:75:34:3a:7d:27:42:c9:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a37b1e3efaea89dcfcd1c8e97c0e9b780c61465d
Validity
Not Before: Aug 4 07:02:58 2025 GMT
Not After : Aug 5 07:02:58 2025 GMT
Subject: CN=a2c39b5af378fb4bf4292ab9154cecee8106c06c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9f:8a:15:6b:91:9b:68:b0:4c:39:a6:4c:2c:
3b:ca:4a:c7:b0:6f:71:f0:20:ed:a0:e5:08:2e:62:
5c:e3:9d:38:74:00:00:d4:47:b0:73:6a:fb:d1:07:
d6:f5:1c:2b:9d:a4:f7:22:d2:40:b6:e0:0b:74:9b:
26:aa:e4:e8:d0:53:58:43:1d:58:ac:2f:94:92:f5:
39:aa:16:9e:46:69:9a:0f:14:7f:68:65:56:fe:6f:
91:a0:fa:05:91:1b:72:38:21:81:37:5a:d3:58:48:
0c:b6:c3:b6:15:39:2c:e2:17:6f:7a:b0:c2:54:57:
fb:76:7a:60:61:9b:50:fa:66:fd:30:79:ff:c4:39:
2a:e9:97:39:42:4e:6c:c4:1a:95:ac:5e:07:5a:42:
61:74:07:7a:fb:1d:11:80:86:e0:dd:2a:42:ff:af:
d4:92:1a:e6:5d:1d:4e:5b:a3:1b:32:3f:cd:35:aa:
08:ce:a7:6c:26:c5:d8:ff:cd:04:d9:b3:67:e2:b7:
69:be:64:2c:f5:42:17:b0:98:a4:2e:8c:14:78:44:
e9:7b:7c:37:c4:6f:7f:88:aa:53:d4:2a:ab:fa:96:
31:8c:ae:31:71:8e:9e:05:c0:c9:08:2d:51:fb:44:
c4:dd:2b:ff:bf:65:b5:97:3c:eb:73:c1:10:d4:82:
7f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C3:9B:5A:F3:78:FB:4B:F4:29:2A:B9:15:4C:EC:EE:81:06:C0:6C
X509v3 Authority Key Identifier:
keyid:A3:7B:1E:3E:FA:EA:89:DC:FC:D1:C8:E9:7C:0E:9B:78:0C:61:46:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3sePvrqidz80cjpfA6beAxhRl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:f9:2d:00:84:2f:d7:d5:1a:94:fd:c0:c5:1e:f7:56:3b:d8:
f9:e7:c6:00:00:43:33:bd:d9:cb:f3:c6:38:2b:78:67:e2:c1:
5c:01:15:7f:59:bc:9d:98:86:4d:af:72:59:46:76:f1:d8:2a:
38:b3:16:08:85:63:ba:c1:0a:38:8a:17:23:83:f0:99:72:57:
2e:e8:c3:84:83:b8:86:e3:d6:48:b9:16:90:04:2c:20:e8:42:
94:b1:77:d8:ea:d4:e3:ea:db:0f:bb:8e:5f:25:82:b8:2e:05:
31:4e:61:d9:cb:26:4c:0a:e7:2a:01:f7:cb:fe:37:8d:35:8e:
a5:16:0b:7b:29:16:b1:b9:c3:93:e2:c2:61:ce:80:b5:7e:be:
0b:3f:b0:a2:b0:ca:5a:eb:c2:6c:2d:1a:a0:52:cb:75:cb:70:
0e:95:8a:7d:67:46:0e:c7:61:08:f1:8d:95:d7:bc:2e:d8:e0:
01:4c:88:aa:02:b9:6d:5e:e4:a5:92:ed:e6:93:25:bb:14:d8:
f2:3e:e7:14:82:09:62:98:99:ce:45:56:1d:10:15:6e:f9:9e:
53:ee:d1:77:b8:e1:46:e3:86:ad:ef:c5:8f:ad:60:38:97:18:
6f:99:f6:41:48:cd:bd:0e:c8:9a:54:27:8a:6d:d1:09:c8:ae:
0c:e1:be:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz5ACbhwPDc3U0On0nQslSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzN2IxZTNlZmFlYTg5ZGNmY2QxYzhlOTdjMGU5Yjc4MGM2
MTQ2NWQwHhcNMjUwODA0MDcwMjU4WhcNMjUwODA1MDcwMjU4WjAzMTEwLwYDVQQD
EyhhMmMzOWI1YWYzNzhmYjRiZjQyOTJhYjkxNTRjZWNlZTgxMDZjMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2p+KFWuRm2iwTDmmTCw7ykrHsG9x
8CDtoOUILmJc4504dAAA1Eewc2r70QfW9RwrnaT3ItJAtuALdJsmquTo0FNYQx1Y
rC+UkvU5qhaeRmmaDxR/aGVW/m+RoPoFkRtyOCGBN1rTWEgMtsO2FTks4hdverDC
VFf7dnpgYZtQ+mb9MHn/xDkq6Zc5Qk5sxBqVrF4HWkJhdAd6+x0RgIbg3SpC/6/U
khrmXR1OW6MbMj/NNaoIzqdsJsXY/80E2bNn4rdpvmQs9UIXsJikLowUeETpe3w3
xG9/iKpT1Cqr+pYxjK4xcY6eBcDJCC1R+0TE3Sv/v2W1lzzrc8EQ1IJ/NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLDm1rzePtL9CkquRVM7O6BBsBsMB8GA1UdIwQY
MBaAFKN7Hj766onc/NHI6XwOm3gMYUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNzZVB2cnFpZHo4MGNqcGZBNmJlQXhoUmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8zNWJiMjEtMjIzOS00Zjc3LWE3ZmEt
NTVkZTY1YTJlYTNiLzEvbzNzZVB2cnFpZHo4MGNqcGZBNmJlQXhoUmwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8zNWJiMjEtMjIzOS00Zjc3LWE3ZmEtNTVkZTY1YTJlYTNi
LzEvbzNzZVB2cnFpZHo4MGNqcGZBNmJlQXhoUmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN/ktAIQv
19UalP3AxR73VjvY+efGAABDM73Zy/PGOCt4Z+LBXAEVf1m8nZiGTa9yWUZ28dgq
OLMWCIVjusEKOIoXI4PwmXJXLujDhIO4huPWSLkWkAQsIOhClLF32OrU4+rbD7uO
XyWCuC4FMU5h2csmTArnKgH3y/43jTWOpRYLeykWsbnDk+LCYc6AtX6+Cz+worDK
WuvCbC0aoFLLdctwDpWKfWdGDsdhCPGNlde8LtjgAUyIqgK5bV7kpZLt5pMluxTY
8j7nFIIJYpiZzkVWHRAVbvmeU+7Rd7jhRuOGre/Fj61gOJcYb5n2QUjNvQ7ImlQn
im3RCciuDOG+KQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:05:02 2025 by rpki-client