Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
File: oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft (raw, json)
Hash identifier: Qf7aHBn0/ZGXjQJ+F8i71xlpAIoK07s6CMitI8t9khg=
Subject key identifier: 86:A7:55:D7:CE:ED:D8:F9:9F:93:8B:62:49:7C:99:E0:A7:61:B0:C4
Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59
Certificate serial: 019A2C68534DD54B16FE10242B8082B9AC98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
Manifest number: 0C5D
Signing time: Tue 28 Oct 2025 20:00:25 +0000
Manifest this update: Tue 28 Oct 2025 20:00:25 +0000
Manifest next update: Wed 29 Oct 2025 20:00:25 +0000
Files and hashes: 1: Y2_roQOUIthtVw1QejxD0nB1Z6Y.roa (hash: stNdekHqHd38daoAs6CHIS4mgM26Z52wdTv8J9OHtKw=)
2: oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl (hash: hVvbfV/sPwinZEXNVNURQHzwUuWX2Hz11jtzfOZTCRk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:68:53:4d:d5:4b:16:fe:10:24:2b:80:82:b9:ac:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59
Validity
Not Before: Oct 28 20:00:25 2025 GMT
Not After : Oct 29 20:00:25 2025 GMT
Subject: CN=86a755d7ceedd8f99f938b62497c99e0a761b0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4d:e2:18:b0:31:68:9e:6e:42:55:f9:9f:4a:
fa:ab:55:2f:c8:bb:50:37:39:f1:11:66:37:5b:c9:
9c:88:b1:2f:54:38:b4:01:5b:88:1c:20:ea:8e:a5:
2a:42:c9:59:10:fc:49:da:72:50:73:31:d6:07:2c:
c0:6a:d4:a4:a7:cc:36:be:cc:d4:97:1b:e1:b0:d3:
c3:75:ec:cc:49:2e:fa:76:09:bb:d9:a3:6e:a8:9f:
e3:b1:cd:a4:76:7b:5a:e4:cd:4c:1f:86:da:6b:ae:
15:2f:68:63:41:a2:32:c1:ac:fa:af:d6:4c:74:d4:
8b:3f:dd:6a:be:a8:00:c5:43:ad:8b:f5:52:5b:53:
4e:e8:33:02:98:36:df:56:c1:bf:c5:10:af:7c:c1:
44:9f:3d:a2:dd:bc:33:63:31:06:98:bf:54:93:74:
67:9f:57:8f:dd:2e:13:d7:25:e5:87:64:e1:77:b9:
a6:ad:5f:19:4c:b3:13:ca:b1:50:4e:f7:66:2b:ed:
71:7a:b4:7e:db:bd:83:49:27:b7:c1:ff:ee:7f:29:
03:39:72:dd:8b:d1:95:75:02:2c:18:03:60:a6:51:
0a:ed:77:3f:e9:b0:46:d3:7b:28:f2:26:b3:a2:59:
bd:09:69:f4:fa:b2:97:c3:a1:db:39:13:d8:72:58:
bc:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A7:55:D7:CE:ED:D8:F9:9F:93:8B:62:49:7C:99:E0:A7:61:B0:C4
X509v3 Authority Key Identifier:
keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:6b:29:2d:4e:6d:7b:32:18:77:a2:42:e1:f3:8e:1b:9d:0f:
40:ce:27:ae:80:0d:1d:4c:5d:52:02:58:58:89:32:99:c6:36:
44:b9:08:48:f2:30:75:cb:ce:5e:eb:47:72:f2:43:30:80:6c:
39:20:94:cd:f1:31:11:b9:e6:ab:07:bf:da:34:b4:70:81:8b:
34:9e:45:71:09:34:50:50:fe:39:23:6b:54:ad:3a:99:a4:df:
a8:15:d2:f4:de:59:1b:1d:5b:fd:b3:22:7a:09:2c:dc:4f:cd:
d6:8d:03:1f:d8:c2:a0:d1:ef:eb:d1:72:74:1f:2a:19:bb:40:
72:a3:c9:28:18:e5:11:98:6c:f9:e8:02:f4:62:60:ca:b2:81:
f8:8b:e1:45:73:e9:7a:e3:de:03:4b:de:18:c9:22:2c:7b:b3:
6f:4d:61:fa:e8:69:83:b7:b0:68:4f:64:83:7e:56:76:3d:56:
f1:5a:12:8d:20:2d:50:ae:a7:2e:fc:5a:d4:bf:a5:a5:c7:4c:
47:a1:1b:ee:9c:77:29:f5:0a:31:5b:c1:30:13:74:f8:3f:7d:
c4:ff:2e:9f:08:dd:ad:79:7e:db:5f:3e:54:15:13:00:9b:73:
2a:d7:44:bc:11:d4:f1:ac:ad:44:60:5f:e5:6d:7e:52:b1:4f:
30:6e:f6:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZosaFNN1UsW/hAkK4CCuayYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1
M2RjNTkwHhcNMjUxMDI4MjAwMDI1WhcNMjUxMDI5MjAwMDI1WjAzMTEwLwYDVQQD
Eyg4NmE3NTVkN2NlZWRkOGY5OWY5MzhiNjI0OTdjOTllMGE3NjFiMGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6U3iGLAxaJ5uQlX5n0r6q1UvyLtQ
NznxEWY3W8mciLEvVDi0AVuIHCDqjqUqQslZEPxJ2nJQczHWByzAatSkp8w2vszU
lxvhsNPDdezMSS76dgm72aNuqJ/jsc2kdnta5M1MH4baa64VL2hjQaIywaz6r9ZM
dNSLP91qvqgAxUOti/VSW1NO6DMCmDbfVsG/xRCvfMFEnz2i3bwzYzEGmL9Uk3Rn
n1eP3S4T1yXlh2Thd7mmrV8ZTLMTyrFQTvdmK+1xerR+272DSSe3wf/ufykDOXLd
i9GVdQIsGANgplEK7Xc/6bBG03so8iazolm9CWn0+rKXw6HbORPYcli8AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIanVdfO7dj5n5OLYkl8meCnYbDEMB8GA1UdIwQY
MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt
ZmI2OTgzY2U5ZGZmLzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm
LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHmspLU5t
ezIYd6JC4fOOG50PQM4nroANHUxdUgJYWIkymcY2RLkISPIwdcvOXutHcvJDMIBs
OSCUzfExEbnmqwe/2jS0cIGLNJ5FcQk0UFD+OSNrVK06maTfqBXS9N5ZGx1b/bMi
egks3E/N1o0DH9jCoNHv69FydB8qGbtAcqPJKBjlEZhs+egC9GJgyrKB+IvhRXPp
euPeA0veGMkiLHuzb01h+uhpg7ewaE9kg35Wdj1W8VoSjSAtUK6nLvxa1L+lpcdM
R6Eb7px3KfUKMVvBMBN0+D99xP8unwjdrXl+218+VBUTAJtzKtdEvBHU8aytRGBf
5W1+UrFPMG721A==
-----END CERTIFICATE-----
Generated at Tue Oct 28 21:26:25 2025 by rpki-client