Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
File: O-lZPSkOAlAninOzE1UDKTJ71Yk.mft (raw, json)
Hash identifier: MN1Opm6zjMGJrnYAlPOYGLKF08s0YZC/GLF4nPZzLwQ=
Subject key identifier: A1:31:DA:16:02:12:96:42:42:BA:62:E1:35:6C:94:6E:50:57:10:3A
Authority key identifier: 3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89
Certificate issuer: /CN=3be9593d290e0250278a73b313550329327bd589
Certificate serial: 0197692A0F0F976ECFB4A5791673F38B56A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
Manifest number: 158E
Signing time: Fri 13 Jun 2025 12:00:53 +0000
Manifest this update: Fri 13 Jun 2025 12:00:53 +0000
Manifest next update: Sat 14 Jun 2025 12:00:53 +0000
Files and hashes: 1: O-lZPSkOAlAninOzE1UDKTJ71Yk.crl (hash: 7yzN65MJpA1N5WGN4mcwGAXQBHHqj88NfSVegw/QSLc=)
2: bxRO7kfiXfIBzrwx6__-lx4GD-Q.roa (hash: Yl6am4vWUQXhAPFuVgrQF79QPPtS7MoD02zbAbTLBHQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 12:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:69:2a:0f:0f:97:6e:cf:b4:a5:79:16:73:f3:8b:56:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be9593d290e0250278a73b313550329327bd589
Validity
Not Before: Jun 13 12:00:53 2025 GMT
Not After : Jun 14 12:00:53 2025 GMT
Subject: CN=a131da160212964242ba62e1356c946e5057103a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ce:26:a0:16:86:03:2e:18:0b:de:82:cf:cb:
7b:53:29:4a:c0:d9:6e:69:d8:a1:c2:5a:fe:0b:84:
db:d9:4d:10:36:fd:ed:fd:83:c8:c3:3e:76:8c:d2:
7b:dc:36:f1:f7:25:4d:55:61:63:92:70:ab:f3:5b:
9e:6b:c8:ea:a4:af:52:ee:71:42:fb:a5:81:27:3f:
af:31:2b:cc:46:68:da:c7:fd:a4:14:d7:51:0a:c9:
11:99:48:00:31:11:3a:f2:f7:15:21:bd:50:d3:8d:
56:08:5f:9c:b8:bb:91:a5:dc:32:f8:b4:65:45:8f:
6f:a5:cd:7b:f2:23:dc:86:eb:3a:64:d2:29:bd:63:
9f:73:a8:53:af:00:c8:e1:b0:6d:0d:f8:4a:1e:93:
18:8b:20:e6:50:80:b1:62:cd:81:d6:99:01:ff:a0:
9f:81:4c:4a:0e:11:a6:c9:2e:fe:26:4c:fc:a9:a5:
5f:51:25:c9:5c:b4:f5:ab:00:fb:a3:28:bb:71:07:
37:4f:a7:1f:16:b9:de:7a:6d:d4:c9:a1:3b:49:cd:
97:fc:52:e4:50:43:53:cf:58:7a:e1:8b:18:54:54:
68:1c:4d:17:c2:f0:3a:f2:2f:aa:bd:9e:38:14:df:
6e:8f:65:ca:93:80:cb:77:6e:f6:86:20:00:8f:11:
92:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:31:DA:16:02:12:96:42:42:BA:62:E1:35:6C:94:6E:50:57:10:3A
X509v3 Authority Key Identifier:
keyid:3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:0e:99:4f:09:19:7a:00:df:0b:85:72:07:fb:3e:f5:ad:cf:
8c:ff:40:dc:62:63:23:40:12:8e:ef:9d:51:5b:db:3c:ee:4b:
2d:38:68:91:c6:84:d5:e2:42:d5:c1:02:51:86:90:19:0c:85:
50:76:d3:38:14:a3:a4:2a:fd:87:96:53:6d:cc:79:26:e8:e5:
8d:fc:58:ac:30:6c:e9:e4:26:5c:cf:22:6c:3e:c4:34:dc:ad:
77:63:86:b4:6d:f7:0f:10:ae:88:26:c8:51:4a:5e:42:9e:08:
4a:b8:f9:72:51:3d:bd:3a:2b:29:44:31:0c:1f:70:2e:f4:78:
37:85:c7:0c:b3:d4:84:55:08:81:39:c8:fd:e1:9d:7f:ba:c6:
6c:a0:25:02:dc:2a:5f:08:0a:24:60:24:ec:02:21:25:ed:e7:
47:1a:ae:4b:52:53:d4:1e:a7:7b:fa:4e:0b:ec:7a:37:a6:91:
56:85:51:18:b0:a0:a9:eb:aa:8c:d6:21:29:1b:9c:2e:9f:4c:
e7:a9:20:ec:a0:f9:b2:47:c4:a7:b4:e0:31:b5:47:07:75:f2:
e2:7b:87:f7:55:6c:ff:22:17:fe:8d:cf:c3:a9:f2:78:54:ce:
bc:a4:6a:03:1e:ee:70:b6:d2:8d:54:fd:38:5b:ca:4b:97:fd:
57:fa:92:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpKg8Pl27PtKV5FnPzi1akMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTk1OTNkMjkwZTAyNTAyNzhhNzNiMzEzNTUwMzI5MzI3
YmQ1ODkwHhcNMjUwNjEzMTIwMDUzWhcNMjUwNjE0MTIwMDUzWjAzMTEwLwYDVQQD
EyhhMTMxZGExNjAyMTI5NjQyNDJiYTYyZTEzNTZjOTQ2ZTUwNTcxMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs84moBaGAy4YC96Cz8t7UylKwNlu
adihwlr+C4Tb2U0QNv3t/YPIwz52jNJ73Dbx9yVNVWFjknCr81uea8jqpK9S7nFC
+6WBJz+vMSvMRmjax/2kFNdRCskRmUgAMRE68vcVIb1Q041WCF+cuLuRpdwy+LRl
RY9vpc178iPchus6ZNIpvWOfc6hTrwDI4bBtDfhKHpMYiyDmUICxYs2B1pkB/6Cf
gUxKDhGmyS7+Jkz8qaVfUSXJXLT1qwD7oyi7cQc3T6cfFrneem3UyaE7Sc2X/FLk
UENTz1h64YsYVFRoHE0XwvA68i+qvZ44FN9uj2XKk4DLd272hiAAjxGSoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEx2hYCEpZCQrpi4TVslG5QVxA6MB8GA1UdIwQY
MBaAFDvpWT0pDgJQJ4pzsxNVAykye9WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUt
NGVhYjA2MGYxNWZhLzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUtNGVhYjA2MGYxNWZh
LzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlQ6ZTwkZ
egDfC4VyB/s+9a3PjP9A3GJjI0ASju+dUVvbPO5LLThokcaE1eJC1cECUYaQGQyF
UHbTOBSjpCr9h5ZTbcx5JujljfxYrDBs6eQmXM8ibD7ENNytd2OGtG33DxCuiCbI
UUpeQp4ISrj5clE9vTorKUQxDB9wLvR4N4XHDLPUhFUIgTnI/eGdf7rGbKAlAtwq
XwgKJGAk7AIhJe3nRxquS1JT1B6ne/pOC+x6N6aRVoVRGLCgqeuqjNYhKRucLp9M
56kg7KD5skfEp7TgMbVHB3Xy4nuH91Vs/yIX/o3Pw6nyeFTOvKRqAx7ucLbSjVT9
OFvKS5f9V/qSfw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 19:15:36 2025 by rpki-client