Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
File: OXsxr3cA59mVkO39nVhKG1A46tc.mft (raw, json)
Hash identifier: RmKtT9J86dIE5NEPlrCU5bZix7i19EMVOP+g4npWJic=
Subject key identifier: 96:45:76:7B:61:28:28:0B:52:F6:68:E4:7A:FF:73:21:FD:A3:16:61
Authority key identifier: 39:7B:31:AF:77:00:E7:D9:95:90:ED:FD:9D:58:4A:1B:50:38:EA:D7
Certificate issuer: /CN=397b31af7700e7d99590edfd9d584a1b5038ead7
Certificate serial: 019882795B6EBC4C43E97DBA36D8C25C7670
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
Manifest number: D3
Signing time: Thu 07 Aug 2025 03:00:47 +0000
Manifest this update: Thu 07 Aug 2025 03:00:47 +0000
Manifest next update: Fri 08 Aug 2025 03:00:47 +0000
Files and hashes: 1: OXsxr3cA59mVkO39nVhKG1A46tc.crl (hash: Lur/ewtZsDTIo867TuK8bjNl3O/6gCxHuaDHo41fMmQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 23:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:82:79:5b:6e:bc:4c:43:e9:7d:ba:36:d8:c2:5c:76:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=397b31af7700e7d99590edfd9d584a1b5038ead7
Validity
Not Before: Aug 7 03:00:47 2025 GMT
Not After : Aug 8 03:00:47 2025 GMT
Subject: CN=9645767b6128280b52f668e47aff7321fda31661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:11:d7:08:fc:3a:0e:b9:d2:ae:4c:de:5e:cc:
a1:9f:b2:6c:5d:8e:5e:6b:ac:59:d3:c4:fa:31:d2:
cb:55:83:6e:39:49:e0:02:d5:1e:41:c6:d9:a2:e4:
da:b6:9e:25:29:04:5e:08:0f:82:c4:59:9c:0b:70:
6a:5e:b0:20:73:f8:69:04:08:ab:2e:ef:cf:1d:6b:
5c:ff:19:69:92:04:58:fe:4d:7c:d3:aa:bc:9a:a1:
6f:5f:f8:e4:50:d1:fe:dc:86:b5:5b:c4:41:45:ff:
a3:5c:ef:4c:47:76:2b:b4:ae:8d:07:2e:99:51:58:
60:36:a2:77:b5:16:95:1b:bd:2d:75:cd:78:aa:55:
32:db:13:78:fb:66:31:07:1d:ff:55:9f:fa:f7:83:
d3:dd:6b:9d:36:7a:6c:61:08:e6:44:39:b1:9d:0e:
bf:51:18:6c:95:bb:59:03:99:f2:09:c2:e4:c5:11:
42:d2:32:f7:30:c1:f1:6f:8d:6a:fd:8c:17:eb:46:
f1:d1:98:4c:5d:48:a7:c9:69:a9:24:91:99:69:a9:
63:09:1c:b9:db:11:28:5c:67:c0:86:76:11:9d:c1:
7d:87:10:6f:8f:81:60:0e:fd:53:ac:0b:9c:54:74:
af:e5:0e:78:33:28:1f:ca:ef:4e:ec:a1:51:fe:7d:
f6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:45:76:7B:61:28:28:0B:52:F6:68:E4:7A:FF:73:21:FD:A3:16:61
X509v3 Authority Key Identifier:
keyid:39:7B:31:AF:77:00:E7:D9:95:90:ED:FD:9D:58:4A:1B:50:38:EA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:fa:42:2b:7b:5f:ce:ce:56:1e:da:0b:25:1f:83:03:3d:e4:
78:5f:0c:aa:e9:bf:14:53:58:95:a9:44:91:41:9a:24:ae:3d:
d5:b6:b7:b3:2e:2a:2a:9f:92:2e:90:8a:1b:14:02:8a:4b:dd:
92:18:79:69:13:6d:e2:53:9a:66:d4:b2:ce:e8:10:c5:47:fc:
89:df:60:23:bb:a3:d0:0d:22:8d:4b:6b:9d:ae:98:d4:b3:77:
f6:9e:97:92:84:3b:26:62:76:5b:83:82:82:9e:1e:77:60:e7:
bb:5d:d6:1a:8a:80:60:3e:33:87:32:45:4b:4e:e8:53:25:a8:
68:31:96:69:74:a7:28:91:6b:17:b0:20:db:2b:76:b7:3b:80:
73:2b:bc:8d:c8:bc:44:c7:41:ba:bf:ee:bf:6f:78:34:61:78:
b2:d3:ac:54:64:f3:c3:b8:27:b9:a1:a0:5e:bd:db:10:0e:52:
1a:05:b8:00:84:64:3e:8e:b1:6d:04:14:25:7f:bb:b7:b0:02:
48:30:fb:bd:59:4f:b2:b0:d6:79:47:25:e7:7f:b0:35:14:85:
ee:aa:3a:94:d8:50:8a:56:2b:db:43:a5:48:97:59:cf:34:d8:
69:84:2f:79:01:6c:aa:cd:12:56:b3:ad:02:92:ec:f8:c2:e7:
2f:5d:05:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiCeVtuvExD6X26NtjCXHZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2IzMWFmNzcwMGU3ZDk5NTkwZWRmZDlkNTg0YTFiNTAz
OGVhZDcwHhcNMjUwODA3MDMwMDQ3WhcNMjUwODA4MDMwMDQ3WjAzMTEwLwYDVQQD
Eyg5NjQ1NzY3YjYxMjgyODBiNTJmNjY4ZTQ3YWZmNzMyMWZkYTMxNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBHXCPw6DrnSrkzeXsyhn7JsXY5e
a6xZ08T6MdLLVYNuOUngAtUeQcbZouTatp4lKQReCA+CxFmcC3BqXrAgc/hpBAir
Lu/PHWtc/xlpkgRY/k1806q8mqFvX/jkUNH+3Ia1W8RBRf+jXO9MR3YrtK6NBy6Z
UVhgNqJ3tRaVG70tdc14qlUy2xN4+2YxBx3/VZ/694PT3WudNnpsYQjmRDmxnQ6/
URhslbtZA5nyCcLkxRFC0jL3MMHxb41q/YwX60bx0ZhMXUinyWmpJJGZaaljCRy5
2xEoXGfAhnYRncF9hxBvj4FgDv1TrAucVHSv5Q54Mygfyu9O7KFR/n32owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZFdnthKCgLUvZo5Hr/cyH9oxZhMB8GA1UdIwQY
MBaAFDl7Ma93AOfZlZDt/Z1YShtQOOrXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wZDlkM2ItZDc5MC00YWU4LWEyM2Qt
YjIwMmUwNWFjODRhLzEvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8wZDlkM2ItZDc5MC00YWU4LWEyM2QtYjIwMmUwNWFjODRh
LzEvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK/pCK3tf
zs5WHtoLJR+DAz3keF8Mqum/FFNYlalEkUGaJK491ba3sy4qKp+SLpCKGxQCikvd
khh5aRNt4lOaZtSyzugQxUf8id9gI7uj0A0ijUtrna6Y1LN39p6XkoQ7JmJ2W4OC
gp4ed2Dnu13WGoqAYD4zhzJFS07oUyWoaDGWaXSnKJFrF7Ag2yt2tzuAcyu8jci8
RMdBur/uv294NGF4stOsVGTzw7gnuaGgXr3bEA5SGgW4AIRkPo6xbQQUJX+7t7AC
SDD7vVlPsrDWeUcl53+wNRSF7qo6lNhQilYr20OlSJdZzzTYaYQveQFsqs0SVrOt
ApLs+MLnL10Fog==
-----END CERTIFICATE-----
Generated at Thu Aug 7 07:25:27 2025 by rpki-client