Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
File: Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json)
Hash identifier: azhWaBTOUQh0L8doRKIFYq+6eM4dQqtEvJE/KRp2ljs=
Subject key identifier: 84:38:F6:CE:91:7B:DF:9D:60:07:59:F9:7A:50:79:8C:C3:BF:0C:65
Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Certificate serial: 019A7149CF46077A87977EF5C2040763E33C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
Manifest number: 0865
Signing time: Tue 11 Nov 2025 05:00:53 +0000
Manifest this update: Tue 11 Nov 2025 05:00:53 +0000
Manifest next update: Wed 12 Nov 2025 05:00:53 +0000
Files and hashes: 1: M82sfYNUsyqK13nZZfstvwDd7Fs.roa (hash: Pwd9phO+f2VaYBcGPbgT8icjGcqdGdD4Q6fe+fixav0=)
2: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: BHPP3gZhiI+7xLWnkkhwmWPj6xrNcnPpPV2s2FavzoA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:cf:46:07:7a:87:97:7e:f5:c2:04:07:63:e3:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Validity
Not Before: Nov 11 05:00:53 2025 GMT
Not After : Nov 12 05:00:53 2025 GMT
Subject: CN=8438f6ce917bdf9d600759f97a50798cc3bf0c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:42:c6:87:24:4e:2c:69:2f:f1:5b:7a:00:9e:
ca:96:36:ad:84:21:a7:20:bd:32:4f:a5:71:ce:17:
9a:5d:0c:96:20:1d:94:64:3b:7d:8d:78:94:51:5a:
06:de:04:8f:28:97:f1:b9:52:ba:3b:ae:f0:c6:64:
6e:08:8f:24:c0:9d:9a:fd:c1:cb:71:d2:42:f8:ff:
b3:ab:85:fd:a8:9d:4d:87:82:78:c8:79:80:76:10:
5d:31:7e:f9:55:b3:d6:c5:e4:d2:b0:3d:65:f6:99:
32:e3:e0:f3:39:97:b8:18:12:28:7a:1d:71:81:ee:
14:4a:c8:a7:26:ab:55:df:c1:01:e0:6e:72:cb:b0:
d4:35:93:14:d7:b5:ce:fb:1f:15:d9:31:6b:ee:9e:
d0:dc:b9:3e:93:68:d9:76:94:35:3f:e6:22:03:ab:
21:51:72:bb:03:1b:ca:fd:e8:68:7f:43:ef:e3:0f:
a5:35:1c:f4:4c:79:6c:47:be:9c:73:9d:e8:18:ae:
e7:1d:24:d7:bc:14:0c:d2:85:58:0b:f8:bd:90:d6:
9b:db:3d:2a:2e:6b:49:c5:69:4c:56:17:4a:5c:de:
02:44:f9:d1:31:44:d1:58:57:46:d2:32:aa:75:be:
2b:c5:a9:95:a8:c9:7f:17:fc:42:03:35:87:dd:26:
b0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:38:F6:CE:91:7B:DF:9D:60:07:59:F9:7A:50:79:8C:C3:BF:0C:65
X509v3 Authority Key Identifier:
keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:45:f1:7b:02:78:e9:e7:a9:f7:a7:17:11:41:9a:10:54:e8:
c7:bd:e9:4f:a0:82:2b:23:ab:71:91:07:92:62:fa:8c:62:43:
e2:ef:df:b9:54:96:86:2b:cc:b9:81:fa:34:6e:0e:c5:19:64:
8b:8c:17:9d:a4:bf:d0:e7:8c:9c:c5:c5:a4:0d:78:2c:dc:2d:
f1:01:4a:74:e1:1d:a9:20:fd:a1:09:e8:fc:7c:1a:f0:78:03:
49:4e:f0:b2:6d:d9:10:0f:a1:da:8f:c0:33:88:75:9d:6f:3f:
79:e1:4a:f0:0e:1a:04:3f:4f:a1:07:ef:94:13:b3:ef:76:c1:
41:fa:98:6b:e2:40:48:d7:f0:46:f2:ac:58:8f:b7:a0:36:97:
05:95:f5:3b:20:2e:a4:d7:d3:62:02:36:ec:d8:02:46:6f:2a:
ef:9a:94:22:30:41:cd:3e:dd:99:1c:4b:77:33:c1:4f:42:1e:
b4:57:8b:7c:21:5d:7e:16:b7:db:9f:e7:1b:3c:af:ef:69:11:
6e:02:9d:39:38:7e:76:c3:f1:c6:f6:ca:b4:42:f5:61:d0:f0:
3d:b5:02:5b:6f:3e:36:cc:ce:37:0b:4f:bb:24:9d:b6:b4:00:
b5:b4:6d:b6:e7:96:cd:7c:00:26:4a:b3:cc:2a:a4:82:85:58:
bb:0e:68:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSc9GB3qHl371wgQHY+M8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj
NGRhMjAwHhcNMjUxMTExMDUwMDUzWhcNMjUxMTEyMDUwMDUzWjAzMTEwLwYDVQQD
Eyg4NDM4ZjZjZTkxN2JkZjlkNjAwNzU5Zjk3YTUwNzk4Y2MzYmYwYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtELGhyROLGkv8Vt6AJ7KljathCGn
IL0yT6VxzheaXQyWIB2UZDt9jXiUUVoG3gSPKJfxuVK6O67wxmRuCI8kwJ2a/cHL
cdJC+P+zq4X9qJ1Nh4J4yHmAdhBdMX75VbPWxeTSsD1l9pky4+DzOZe4GBIoeh1x
ge4USsinJqtV38EB4G5yy7DUNZMU17XO+x8V2TFr7p7Q3Lk+k2jZdpQ1P+YiA6sh
UXK7AxvK/ehof0Pv4w+lNRz0THlsR76cc53oGK7nHSTXvBQM0oVYC/i9kNab2z0q
LmtJxWlMVhdKXN4CRPnRMUTRWFdG0jKqdb4rxamVqMl/F/xCAzWH3Saw4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQ49s6Re9+dYAdZ+XpQeYzDvwxlMB8GA1UdIwQY
MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt
YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0
LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg0XxewJ4
6eep96cXEUGaEFTox73pT6CCKyOrcZEHkmL6jGJD4u/fuVSWhivMuYH6NG4OxRlk
i4wXnaS/0OeMnMXFpA14LNwt8QFKdOEdqSD9oQno/Hwa8HgDSU7wsm3ZEA+h2o/A
M4h1nW8/eeFK8A4aBD9PoQfvlBOz73bBQfqYa+JASNfwRvKsWI+3oDaXBZX1OyAu
pNfTYgI27NgCRm8q75qUIjBBzT7dmRxLdzPBT0IetFeLfCFdfha325/nGzyv72kR
bgKdOTh+dsPxxvbKtEL1YdDwPbUCW28+NszONwtPuySdtrQAtbRttueWzXwAJkqz
zCqkgoVYuw5oXQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:30 2025 by rpki-client