Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/5fd273-f3a9-4755-b23a-3bbd887d05c2/1/Oqnpgy7SXeeMPOBQEggmEGYoH1E.mft
File: Oqnpgy7SXeeMPOBQEggmEGYoH1E.mft (raw, json)
Hash identifier: 5JSi1+KBUhaM3w8pUMNK4e8RJfYWfsEd2t6EcvB0Nng=
Subject key identifier: 64:4A:10:A1:DC:B5:CC:D0:C8:26:F5:F6:78:62:27:92:D4:65:11:15
Authority key identifier: 3A:A9:E9:83:2E:D2:5D:E7:8C:3C:E0:50:12:08:26:10:66:28:1F:51
Certificate issuer: /CN=3aa9e9832ed25de78c3ce0501208261066281f51
Certificate serial: 019A0DB8D6876BB8B6EAF0612D09640A4C6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oqnpgy7SXeeMPOBQEggmEGYoH1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/5fd273-f3a9-4755-b23a-3bbd887d05c2/1/Oqnpgy7SXeeMPOBQEggmEGYoH1E.mft
Manifest number: 1133
Signing time: Wed 22 Oct 2025 21:00:08 +0000
Manifest this update: Wed 22 Oct 2025 21:00:08 +0000
Manifest next update: Thu 23 Oct 2025 21:00:08 +0000
Files and hashes: 1: Oqnpgy7SXeeMPOBQEggmEGYoH1E.crl (hash: /HlHk29Wg0p1dLleuwSu8/q3xxFBbhseg6GTU0Lcf5Q=)
2: aWYIXcaJkiVxLLibbCxl3jRBEqg.roa (hash: is1rfoaga6D1caCReE6B6u2V3E2PMjX4LQvHyaYSnhI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/5fd273-f3a9-4755-b23a-3bbd887d05c2/1/Oqnpgy7SXeeMPOBQEggmEGYoH1E.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/5fd273-f3a9-4755-b23a-3bbd887d05c2/1/Oqnpgy7SXeeMPOBQEggmEGYoH1E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Oqnpgy7SXeeMPOBQEggmEGYoH1E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 21:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0d:b8:d6:87:6b:b8:b6:ea:f0:61:2d:09:64:0a:4c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aa9e9832ed25de78c3ce0501208261066281f51
Validity
Not Before: Oct 22 21:00:08 2025 GMT
Not After : Oct 23 21:00:08 2025 GMT
Subject: CN=644a10a1dcb5ccd0c826f5f678622792d4651115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f1:ce:5f:f2:38:fe:71:dd:27:55:6d:6e:0e:
97:1c:2b:58:9f:46:53:1b:7b:4b:2c:2a:6b:1c:49:
96:24:95:a7:a7:1a:b1:1d:1d:3c:1e:21:73:2d:28:
9b:e7:41:6e:5f:2e:62:ef:de:b6:cb:b6:43:91:6b:
c0:f2:9d:d6:56:ba:28:5d:ef:6d:f7:a3:5d:dd:e5:
84:2b:c6:f1:07:cd:9a:2c:11:c5:5e:3c:ba:93:ae:
7f:38:d4:47:47:b3:89:64:db:02:b6:b6:62:f5:03:
3a:04:e7:89:af:ef:7f:da:67:b6:96:7f:59:ce:b5:
be:6c:93:47:31:c6:9e:f7:03:13:38:fd:60:24:61:
e5:85:64:de:72:42:4d:00:ce:56:f1:98:75:0d:73:
dd:5c:ff:09:4f:73:40:07:fa:ef:0f:36:25:a2:e7:
d9:73:de:ad:c3:a7:e8:25:cf:22:36:4a:83:03:fc:
06:f6:55:63:cc:a7:6c:48:25:a1:84:0d:23:75:e2:
d2:e2:e1:48:75:fc:d9:ae:0c:16:b9:99:d0:4a:8c:
57:f1:51:66:ea:29:ad:4c:3e:6d:26:6e:59:7e:9e:
68:1e:af:db:93:37:76:3b:4e:47:6f:95:fe:00:39:
b2:85:51:98:9c:53:7f:c8:39:29:2c:84:1e:95:ca:
26:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:4A:10:A1:DC:B5:CC:D0:C8:26:F5:F6:78:62:27:92:D4:65:11:15
X509v3 Authority Key Identifier:
keyid:3A:A9:E9:83:2E:D2:5D:E7:8C:3C:E0:50:12:08:26:10:66:28:1F:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oqnpgy7SXeeMPOBQEggmEGYoH1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5fd273-f3a9-4755-b23a-3bbd887d05c2/1/Oqnpgy7SXeeMPOBQEggmEGYoH1E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5fd273-f3a9-4755-b23a-3bbd887d05c2/1/Oqnpgy7SXeeMPOBQEggmEGYoH1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:34:fa:94:9e:8f:d5:86:94:fa:78:9d:57:55:27:1a:f4:46:
43:0e:fd:d7:ac:7e:76:e9:0c:5c:31:d9:1e:bd:5d:2a:34:59:
a2:9d:32:0e:f1:23:60:14:2b:de:c8:b3:65:e6:8a:68:98:9a:
3d:62:c3:57:1a:12:ba:f2:9d:1c:fd:ff:4c:0f:cb:11:57:38:
a8:c5:9c:78:50:6f:2b:0d:bd:d5:c4:5b:b0:65:37:1c:72:da:
75:e8:f5:44:32:c3:1b:6c:7e:ca:b9:13:a2:8d:9f:a0:27:f2:
a0:48:e9:0c:b9:41:83:ad:8d:4a:3d:d0:e4:ea:1a:56:83:9f:
08:0e:98:51:d3:95:09:96:20:57:ca:13:ef:7c:b0:18:5e:56:
a6:92:4d:3c:8a:3e:57:58:b9:31:27:08:5d:04:79:34:b2:68:
ed:ce:6e:66:48:2a:e3:c2:c6:26:46:ee:72:91:43:cd:a8:ac:
ef:24:aa:b6:33:8b:7a:3d:aa:d2:2c:a1:84:55:0f:af:fc:38:
af:c6:f8:58:80:50:07:6e:39:46:05:da:9e:8a:79:95:fb:df:
3e:25:00:b1:47:bb:d6:c5:2d:46:13:d5:31:28:44:0e:c2:58:
fc:b9:a8:18:a3:fa:a6:c2:52:14:85:f3:68:42:cb:4f:11:94:
de:24:48:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoNuNaHa7i26vBhLQlkCkxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYTllOTgzMmVkMjVkZTc4YzNjZTA1MDEyMDgyNjEwNjYy
ODFmNTEwHhcNMjUxMDIyMjEwMDA4WhcNMjUxMDIzMjEwMDA4WjAzMTEwLwYDVQQD
Eyg2NDRhMTBhMWRjYjVjY2QwYzgyNmY1ZjY3ODYyMjc5MmQ0NjUxMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fHOX/I4/nHdJ1Vtbg6XHCtYn0ZT
G3tLLCprHEmWJJWnpxqxHR08HiFzLSib50FuXy5i7962y7ZDkWvA8p3WVrooXe9t
96Nd3eWEK8bxB82aLBHFXjy6k65/ONRHR7OJZNsCtrZi9QM6BOeJr+9/2me2ln9Z
zrW+bJNHMcae9wMTOP1gJGHlhWTeckJNAM5W8Zh1DXPdXP8JT3NAB/rvDzYloufZ
c96tw6foJc8iNkqDA/wG9lVjzKdsSCWhhA0jdeLS4uFIdfzZrgwWuZnQSoxX8VFm
6imtTD5tJm5Zfp5oHq/bkzd2O05Hb5X+ADmyhVGYnFN/yDkpLIQelcomOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRKEKHctczQyCb19nhiJ5LUZREVMB8GA1UdIwQY
MBaAFDqp6YMu0l3njDzgUBIIJhBmKB9RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3FucGd5N1NYZWVNUE9CUUVnZ21FR1lvSDFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81ZmQyNzMtZjNhOS00NzU1LWIyM2Et
M2JiZDg4N2QwNWMyLzEvT3FucGd5N1NYZWVNUE9CUUVnZ21FR1lvSDFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81ZmQyNzMtZjNhOS00NzU1LWIyM2EtM2JiZDg4N2QwNWMy
LzEvT3FucGd5N1NYZWVNUE9CUUVnZ21FR1lvSDFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANzT6lJ6P
1YaU+nidV1UnGvRGQw7916x+dukMXDHZHr1dKjRZop0yDvEjYBQr3sizZeaKaJia
PWLDVxoSuvKdHP3/TA/LEVc4qMWceFBvKw291cRbsGU3HHLadej1RDLDG2x+yrkT
oo2foCfyoEjpDLlBg62NSj3Q5OoaVoOfCA6YUdOVCZYgV8oT73ywGF5WppJNPIo+
V1i5MScIXQR5NLJo7c5uZkgq48LGJkbucpFDzais7ySqtjOLej2q0iyhhFUPr/w4
r8b4WIBQB245RgXanop5lfvfPiUAsUe71sUtRhPVMShEDsJY/LmoGKP6psJSFIXz
aELLTxGU3iRIjQ==
-----END CERTIFICATE-----
Generated at Thu Oct 23 05:10:13 2025 by rpki-client