Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/tD1On-OlSH0g8QABkWKRUPYo86E.mft
File: tD1On-OlSH0g8QABkWKRUPYo86E.mft (raw, json)
Hash identifier: /YgfdpZ/hPydnDQvJ8vVgh4fLo0cw6+1Aol45cajEGA=
Subject key identifier: 93:6F:20:04:5A:A3:E8:0E:85:59:B9:B3:25:32:7B:1D:70:E7:3F:7B
Authority key identifier: B4:3D:4E:9F:E3:A5:48:7D:20:F1:00:01:91:62:91:50:F6:28:F3:A1
Certificate issuer: /CN=b43d4e9fe3a5487d20f1000191629150f628f3a1
Certificate serial: 019A7293FF0F4D04C728D22BC8E5D33B5191
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tD1On-OlSH0g8QABkWKRUPYo86E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/tD1On-OlSH0g8QABkWKRUPYo86E.mft
Manifest number: 0BF0
Signing time: Tue 11 Nov 2025 11:01:32 +0000
Manifest this update: Tue 11 Nov 2025 11:01:32 +0000
Manifest next update: Wed 12 Nov 2025 11:01:32 +0000
Files and hashes: 1: WJX8pUUgztAx5ziEUO7pdOPaYpY.roa (hash: Zv2hcAwndmbcI8AgNFSDMAAPE42QlNQ0rd+YTdhMpog=)
2: tD1On-OlSH0g8QABkWKRUPYo86E.crl (hash: Hm3RsdKI5LjeADov6KqyBMQd6DpkV056g85LyWTl5Eg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/tD1On-OlSH0g8QABkWKRUPYo86E.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/tD1On-OlSH0g8QABkWKRUPYo86E.mft
rsync://rpki.ripe.net/repository/DEFAULT/tD1On-OlSH0g8QABkWKRUPYo86E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:ff:0f:4d:04:c7:28:d2:2b:c8:e5:d3:3b:51:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43d4e9fe3a5487d20f1000191629150f628f3a1
Validity
Not Before: Nov 11 11:01:32 2025 GMT
Not After : Nov 12 11:01:32 2025 GMT
Subject: CN=936f20045aa3e80e8559b9b325327b1d70e73f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a9:2f:8f:13:5d:7f:81:51:7e:bb:7f:ee:61:
59:91:f6:a5:7a:43:ba:eb:96:ef:a1:6e:81:cd:7b:
bb:e1:e7:41:be:08:07:84:8e:63:14:e0:c2:a0:cc:
40:22:00:d2:a2:f9:34:27:ab:ed:0e:c4:41:45:93:
7d:c3:33:64:9d:54:4e:46:f0:c9:84:8b:91:39:47:
3a:4d:e7:e1:be:e3:bf:57:ae:01:ae:35:e6:42:83:
bb:90:f1:ae:90:36:ea:be:12:ab:60:42:4f:d3:7a:
3a:8f:11:e4:c7:bc:be:9b:62:ba:73:63:13:dd:c9:
be:78:8e:d7:49:5b:21:8c:79:b7:17:06:0e:93:16:
7f:87:4b:46:f9:86:4e:0d:75:0f:63:3c:6a:65:c5:
fb:11:ea:d0:f5:a0:65:24:45:0c:18:6a:02:15:bc:
e7:80:22:ad:1c:07:0f:ad:9d:f9:80:cc:7d:b6:51:
6f:5a:04:59:5d:36:29:36:28:03:45:eb:48:e8:65:
ad:15:a5:10:92:83:d1:e6:67:f2:5c:03:60:35:a3:
6b:05:0e:41:db:5e:7f:94:52:e7:28:59:9a:62:0b:
02:4f:98:20:d7:bd:26:ba:58:2a:d3:4d:44:d2:5d:
62:b2:43:48:b9:31:62:60:31:eb:0e:b3:44:eb:04:
25:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:6F:20:04:5A:A3:E8:0E:85:59:B9:B3:25:32:7B:1D:70:E7:3F:7B
X509v3 Authority Key Identifier:
keyid:B4:3D:4E:9F:E3:A5:48:7D:20:F1:00:01:91:62:91:50:F6:28:F3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tD1On-OlSH0g8QABkWKRUPYo86E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/tD1On-OlSH0g8QABkWKRUPYo86E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/tD1On-OlSH0g8QABkWKRUPYo86E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:0c:62:df:ca:5a:5d:f7:d2:ab:c2:7c:19:10:54:f6:2e:24:
d7:ec:5c:79:99:91:37:3e:4f:c6:de:1d:8c:f8:97:08:3f:fd:
e7:c6:7b:ca:22:4b:ae:e2:25:0c:aa:e5:d4:77:47:4f:92:18:
0d:5b:86:30:ac:bb:13:f5:b6:b9:32:0d:33:12:99:5a:35:9d:
bf:55:38:ee:99:ac:1d:d9:00:04:27:95:aa:90:a9:ff:07:73:
70:1d:be:f9:5c:c1:76:e4:67:bd:87:72:df:71:84:3c:ec:2d:
ae:9c:3b:e3:e0:ec:a2:c2:1b:3d:1d:af:0b:25:12:fb:e2:09:
3d:4a:7a:26:5a:c7:38:37:db:d4:dd:94:a6:74:fd:f5:6d:76:
58:4b:d9:5d:1d:ca:5b:46:59:9d:d8:cb:b9:2c:c6:f0:1c:30:
eb:53:39:80:8f:eb:4a:0c:1a:3a:10:9a:c6:9e:f3:a5:18:fb:
8f:52:87:49:19:a9:58:42:3c:79:c3:53:93:d0:77:59:2f:20:
ad:11:95:22:35:4a:ac:68:0c:54:45:57:75:a7:0a:3f:e4:e5:
8e:d2:07:13:c6:e5:cd:fb:dc:20:38:60:4f:e7:a2:b3:b8:2a:
35:96:f8:fc:9c:f8:43:2b:41:3f:64:e7:dc:5a:df:f8:d4:97:
c8:36:66:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk/8PTQTHKNIryOXTO1GRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0M2Q0ZTlmZTNhNTQ4N2QyMGYxMDAwMTkxNjI5MTUwZjYy
OGYzYTEwHhcNMjUxMTExMTEwMTMyWhcNMjUxMTEyMTEwMTMyWjAzMTEwLwYDVQQD
Eyg5MzZmMjAwNDVhYTNlODBlODU1OWI5YjMyNTMyN2IxZDcwZTczZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKkvjxNdf4FRfrt/7mFZkfalekO6
65bvoW6BzXu74edBvggHhI5jFODCoMxAIgDSovk0J6vtDsRBRZN9wzNknVRORvDJ
hIuROUc6TefhvuO/V64BrjXmQoO7kPGukDbqvhKrYEJP03o6jxHkx7y+m2K6c2MT
3cm+eI7XSVshjHm3FwYOkxZ/h0tG+YZODXUPYzxqZcX7EerQ9aBlJEUMGGoCFbzn
gCKtHAcPrZ35gMx9tlFvWgRZXTYpNigDRetI6GWtFaUQkoPR5mfyXANgNaNrBQ5B
215/lFLnKFmaYgsCT5gg170mulgq001E0l1iskNIuTFiYDHrDrNE6wQlFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNvIARao+gOhVm5syUyex1w5z97MB8GA1UdIwQY
MBaAFLQ9Tp/jpUh9IPEAAZFikVD2KPOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEQxT24tT2xTSDBnOFFBQmtXS1JVUFlvODZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xOGQwMzUtMzQ5NC00YWI3LWE1Y2It
OWY3ODhmZDI3NTIwLzEvdEQxT24tT2xTSDBnOFFBQmtXS1JVUFlvODZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xOGQwMzUtMzQ5NC00YWI3LWE1Y2ItOWY3ODhmZDI3NTIw
LzEvdEQxT24tT2xTSDBnOFFBQmtXS1JVUFlvODZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWAxi38pa
XffSq8J8GRBU9i4k1+xceZmRNz5Pxt4djPiXCD/958Z7yiJLruIlDKrl1HdHT5IY
DVuGMKy7E/W2uTINMxKZWjWdv1U47pmsHdkABCeVqpCp/wdzcB2++VzBduRnvYdy
33GEPOwtrpw74+DsosIbPR2vCyUS++IJPUp6JlrHODfb1N2UpnT99W12WEvZXR3K
W0ZZndjLuSzG8Bww61M5gI/rSgwaOhCaxp7zpRj7j1KHSRmpWEI8ecNTk9B3WS8g
rRGVIjVKrGgMVEVXdacKP+TljtIHE8blzfvcIDhgT+eis7gqNZb4/Jz4QytBP2Tn
3Frf+NSXyDZmFQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:36:40 2025 by rpki-client