Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
File: Os5p2XnZoNxneVEGweVayhVHCH8.mft (raw, json)
Hash identifier: nMhxB0UUG+fxFO1KqRaTPmPXtnpfQr4LkJlbi7kNcbI=
Subject key identifier: 82:BA:61:B4:F3:E8:E9:93:47:E0:08:AB:5A:C5:6B:A4:2A:AB:42:9A
Authority key identifier: 3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F
Certificate issuer: /CN=3ace69d979d9a0dc67795106c1e55aca1547087f
Certificate serial: 019A725CDD7A0E65F40DF259284C42BC33CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
Manifest number: 1719
Signing time: Tue 11 Nov 2025 10:01:19 +0000
Manifest this update: Tue 11 Nov 2025 10:01:19 +0000
Manifest next update: Wed 12 Nov 2025 10:01:19 +0000
Files and hashes: 1: Os5p2XnZoNxneVEGweVayhVHCH8.crl (hash: 9laJur5WG3whVPI1i7S1xHwbZLJppAdKwPkyX3QxcaQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:dd:7a:0e:65:f4:0d:f2:59:28:4c:42:bc:33:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ace69d979d9a0dc67795106c1e55aca1547087f
Validity
Not Before: Nov 11 10:01:19 2025 GMT
Not After : Nov 12 10:01:19 2025 GMT
Subject: CN=82ba61b4f3e8e99347e008ab5ac56ba42aab429a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:74:2e:19:05:c4:04:9d:dd:50:35:f0:d0:1d:
d6:ae:cc:73:78:d2:99:f7:b4:ff:8f:a4:46:b7:1b:
a1:e3:19:54:89:70:ca:e5:36:b9:6d:39:43:f8:8b:
bc:c8:34:60:32:7c:8e:6e:d0:d6:2c:3c:fa:51:24:
39:fc:57:20:90:f9:6f:65:9a:33:68:65:1c:2a:b5:
93:8c:80:78:d8:23:25:25:d0:4f:f0:c3:9a:8c:45:
cb:99:ab:30:61:79:7b:79:71:a2:4a:02:ec:c1:6f:
9d:18:9e:c2:da:be:21:8a:b2:1a:d9:3f:bd:56:6d:
0f:d0:9b:7b:e6:5a:4e:7f:c9:81:bd:be:4b:8e:61:
e0:89:fd:e3:29:4c:1f:a3:ea:e3:22:7b:00:4c:56:
fd:75:7d:f4:27:65:7f:b7:67:6f:4c:54:81:38:db:
7c:e0:60:8b:4c:0e:b5:f2:e7:b2:26:7d:80:c1:b1:
7a:3c:1f:f7:fd:7e:a1:6b:d6:0e:b4:80:4a:23:88:
d1:37:97:19:7d:be:62:71:7a:82:a1:c8:3c:d1:3c:
04:9b:85:50:39:75:71:d7:81:4d:0e:b9:25:54:d5:
99:df:75:af:1e:72:14:f1:ad:7c:93:8e:4d:eb:30:
dd:49:20:b3:5d:12:5e:3e:db:6c:64:7a:08:e1:87:
9e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BA:61:B4:F3:E8:E9:93:47:E0:08:AB:5A:C5:6B:A4:2A:AB:42:9A
X509v3 Authority Key Identifier:
keyid:3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:b1:08:47:7f:2d:58:90:fc:60:3c:2a:7e:83:85:e1:4c:62:
d3:8d:ee:75:8a:09:27:8e:a8:aa:6e:ca:a3:af:11:ee:0a:54:
fd:f5:dc:e5:26:95:22:f0:b0:e8:9f:fa:d8:35:30:7b:8a:22:
ee:77:49:92:4e:d3:62:36:a9:d8:20:cc:79:69:d5:ed:5c:b9:
12:17:e2:cd:8a:9d:9e:b0:03:16:ff:2c:28:27:e6:aa:e0:dc:
23:6e:91:4f:f5:8a:57:ee:7a:db:04:b9:aa:14:da:31:dd:c9:
fe:0e:bc:f2:8c:e7:33:3a:96:07:87:0b:9a:bb:76:8e:3f:e2:
ad:94:7f:13:68:18:2f:9e:02:b3:0e:e5:9e:d9:ea:68:57:25:
ad:42:40:a5:b4:a3:17:93:20:25:70:20:31:da:1d:b4:cf:36:
17:f8:6f:3e:35:79:89:e9:a5:b7:80:a2:6e:8f:07:dd:fd:b3:
7b:c7:8b:c6:79:fb:fa:ab:bb:b9:02:3b:cf:e0:0a:37:84:58:
02:05:1a:a2:4f:bb:4e:07:f6:27:18:53:9e:0a:c5:08:13:8e:
4d:ca:bf:93:2f:26:a9:0d:12:8f:3c:bf:60:73:18:9e:3f:ca:
49:1c:d2:66:af:ef:a8:3c:89:c6:c0:06:7a:15:ec:d1:11:e2:
2d:1c:42:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXN16DmX0DfJZKExCvDPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2U2OWQ5NzlkOWEwZGM2Nzc5NTEwNmMxZTU1YWNhMTU0
NzA4N2YwHhcNMjUxMTExMTAwMTE5WhcNMjUxMTEyMTAwMTE5WjAzMTEwLwYDVQQD
Eyg4MmJhNjFiNGYzZThlOTkzNDdlMDA4YWI1YWM1NmJhNDJhYWI0MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3QuGQXEBJ3dUDXw0B3WrsxzeNKZ
97T/j6RGtxuh4xlUiXDK5Ta5bTlD+Iu8yDRgMnyObtDWLDz6USQ5/FcgkPlvZZoz
aGUcKrWTjIB42CMlJdBP8MOajEXLmaswYXl7eXGiSgLswW+dGJ7C2r4hirIa2T+9
Vm0P0Jt75lpOf8mBvb5LjmHgif3jKUwfo+rjInsATFb9dX30J2V/t2dvTFSBONt8
4GCLTA618ueyJn2AwbF6PB/3/X6ha9YOtIBKI4jRN5cZfb5icXqCocg80TwEm4VQ
OXVx14FNDrklVNWZ33WvHnIU8a18k45N6zDdSSCzXRJePttsZHoI4YeekwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIK6YbTz6OmTR+AIq1rFa6Qqq0KaMB8GA1UdIwQY
MBaAFDrOadl52aDcZ3lRBsHlWsoVRwh/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEt
YTk3NzVhYThkODEyLzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEtYTk3NzVhYThkODEy
LzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnbEIR38t
WJD8YDwqfoOF4Uxi043udYoJJ46oqm7Ko68R7gpU/fXc5SaVIvCw6J/62DUwe4oi
7ndJkk7TYjap2CDMeWnV7Vy5EhfizYqdnrADFv8sKCfmquDcI26RT/WKV+562wS5
qhTaMd3J/g688oznMzqWB4cLmrt2jj/irZR/E2gYL54Csw7lntnqaFclrUJApbSj
F5MgJXAgMdodtM82F/hvPjV5iemlt4Cibo8H3f2ze8eLxnn7+qu7uQI7z+AKN4RY
AgUaok+7Tgf2JxhTngrFCBOOTcq/ky8mqQ0Sjzy/YHMYnj/KSRzSZq/vqDyJxsAG
ehXs0RHiLRxCjw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:41 2025 by rpki-client