Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.mft
File: oTRxtQAqTrZJYSXPWHN_Deutrns.mft (raw, json)
Hash identifier: /KNZf3gfEKjUowDfoaQQrIxTHRRwZRML9r6w6arqzG0=
Subject key identifier: 4D:67:2D:89:5C:1C:EE:6C:82:14:5D:56:97:6B:43:86:C6:85:A2:AB
Authority key identifier: A1:34:71:B5:00:2A:4E:B6:49:61:25:CF:58:73:7F:0D:EB:AD:AE:7B
Certificate issuer: /CN=a13471b5002a4eb6496125cf58737f0debadae7b
Certificate serial: 019A71B78EADF35D75F667C4BF9F86C0887A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oTRxtQAqTrZJYSXPWHN_Deutrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.mft
Manifest number: 06A4
Signing time: Tue 11 Nov 2025 07:00:46 +0000
Manifest this update: Tue 11 Nov 2025 07:00:46 +0000
Manifest next update: Wed 12 Nov 2025 07:00:46 +0000
Files and hashes: 1: oFklvX9KlU1NM_bVTSTtZ1s8fa8.roa (hash: 4FiRkOjDg+qr7WljZjcDh3AhahDm0psFF2Z877w08JM=)
2: oTRxtQAqTrZJYSXPWHN_Deutrns.crl (hash: JFQD6vkQ/kzezJWljEKN0OmmeLWGVHgsFNtx1ScIkSg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/oTRxtQAqTrZJYSXPWHN_Deutrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:8e:ad:f3:5d:75:f6:67:c4:bf:9f:86:c0:88:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a13471b5002a4eb6496125cf58737f0debadae7b
Validity
Not Before: Nov 11 07:00:46 2025 GMT
Not After : Nov 12 07:00:46 2025 GMT
Subject: CN=4d672d895c1cee6c82145d56976b4386c685a2ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:60:4d:f8:80:c3:37:63:1b:c1:0e:03:ce:f2:
b9:be:2c:71:f0:3f:13:f4:f2:2d:44:d3:7d:bf:a5:
c2:8a:3c:53:74:c2:b0:a6:03:f7:d6:36:80:8e:5d:
f3:2d:b7:ce:e3:1b:9d:44:e8:6c:17:28:6b:15:dd:
d1:3f:81:e7:4c:62:97:34:3e:17:b8:0f:a5:bd:ee:
0a:6b:6e:1e:df:d3:e8:65:a2:3f:fa:f8:4c:5d:64:
0a:27:40:32:02:22:dc:ff:bf:c1:b2:db:7f:d1:f8:
5b:56:22:d7:01:c1:14:d6:ba:a8:71:3c:82:b1:98:
30:be:8a:16:0a:37:a8:2f:93:1b:18:48:d8:ad:34:
0d:71:ce:46:ba:50:a4:8b:9d:38:5b:60:d5:ad:de:
8a:b2:01:ad:d1:af:6d:73:31:ae:d4:81:92:c3:b7:
2c:35:70:3c:66:27:df:7f:48:97:d9:3e:54:14:78:
d7:ff:1c:47:6a:51:27:5e:84:9a:6e:96:c6:f4:24:
63:c4:87:15:6d:51:57:86:4b:3f:cd:f8:57:17:3c:
40:7c:48:41:0f:fd:4e:44:b5:7b:9b:25:b9:f0:27:
21:49:77:71:6f:a7:d3:bb:3a:2f:29:f9:a5:1d:65:
7d:cf:05:99:01:a4:2e:a2:4b:64:8d:95:09:aa:f6:
17:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:67:2D:89:5C:1C:EE:6C:82:14:5D:56:97:6B:43:86:C6:85:A2:AB
X509v3 Authority Key Identifier:
keyid:A1:34:71:B5:00:2A:4E:B6:49:61:25:CF:58:73:7F:0D:EB:AD:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTRxtQAqTrZJYSXPWHN_Deutrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:2d:00:fd:94:e7:3d:5d:7d:ba:68:09:e7:85:fc:9e:28:23:
9a:1c:3d:d7:3a:f9:d1:fb:72:37:4a:54:f1:f0:a7:12:a4:e4:
f0:4c:8c:19:1a:22:4f:29:43:7a:39:77:11:e2:34:01:28:7a:
69:0a:09:19:b9:fe:d6:36:85:82:e8:5a:b3:a7:d5:ab:86:f8:
bb:e2:aa:ac:a3:ce:12:d0:58:9c:55:9b:c4:24:ac:a0:06:92:
38:30:ab:ec:ed:59:ac:52:34:03:40:03:f1:91:8b:c6:2b:ea:
1d:49:f9:f3:6e:9c:5b:75:53:79:cc:ce:d4:07:82:bf:96:81:
87:a5:2a:3c:ec:2c:13:4b:54:89:c8:7d:e4:aa:c0:e2:78:87:
20:ec:2f:36:d3:7d:e3:0c:d7:01:33:55:55:ce:99:24:41:c4:
f0:24:ec:4d:4c:8e:17:58:3d:56:cb:1c:eb:d7:c3:c3:44:ae:
12:13:82:1b:3d:b9:38:e8:bd:c7:cc:e8:de:07:0e:cb:2c:54:
a4:75:65:7e:44:22:b6:95:19:0f:50:56:1b:45:41:06:e1:9e:
38:14:a6:40:e7:b1:ef:7b:c8:57:b3:52:1c:40:77:8e:4e:5d:
b4:57:ff:c3:9d:c4:d3:9f:82:2a:a2:83:20:4c:58:f2:9f:f7:
d6:dc:dd:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt46t81119mfEv5+GwIh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzQ3MWI1MDAyYTRlYjY0OTYxMjVjZjU4NzM3ZjBkZWJh
ZGFlN2IwHhcNMjUxMTExMDcwMDQ2WhcNMjUxMTEyMDcwMDQ2WjAzMTEwLwYDVQQD
Eyg0ZDY3MmQ4OTVjMWNlZTZjODIxNDVkNTY5NzZiNDM4NmM2ODVhMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2BN+IDDN2MbwQ4DzvK5vixx8D8T
9PItRNN9v6XCijxTdMKwpgP31jaAjl3zLbfO4xudROhsFyhrFd3RP4HnTGKXND4X
uA+lve4Ka24e39PoZaI/+vhMXWQKJ0AyAiLc/7/Bstt/0fhbViLXAcEU1rqocTyC
sZgwvooWCjeoL5MbGEjYrTQNcc5GulCki504W2DVrd6KsgGt0a9tczGu1IGSw7cs
NXA8Zifff0iX2T5UFHjX/xxHalEnXoSabpbG9CRjxIcVbVFXhks/zfhXFzxAfEhB
D/1ORLV7myW58CchSXdxb6fTuzovKfmlHWV9zwWZAaQuoktkjZUJqvYXMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1nLYlcHO5sghRdVpdrQ4bGhaKrMB8GA1UdIwQY
MBaAFKE0cbUAKk62SWElz1hzfw3rra57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RSeHRRQXFUclpKWVNYUFdITl9EZXV0cm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kOWU4N2ItNDUwYS00MTUyLWEyNDIt
ZDY5MTBiMjFhYjQyLzEvb1RSeHRRQXFUclpKWVNYUFdITl9EZXV0cm5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9kOWU4N2ItNDUwYS00MTUyLWEyNDItZDY5MTBiMjFhYjQy
LzEvb1RSeHRRQXFUclpKWVNYUFdITl9EZXV0cm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgy0A/ZTn
PV19umgJ54X8nigjmhw91zr50ftyN0pU8fCnEqTk8EyMGRoiTylDejl3EeI0ASh6
aQoJGbn+1jaFguhas6fVq4b4u+KqrKPOEtBYnFWbxCSsoAaSODCr7O1ZrFI0A0AD
8ZGLxivqHUn5826cW3VTeczO1AeCv5aBh6UqPOwsE0tUich95KrA4niHIOwvNtN9
4wzXATNVVc6ZJEHE8CTsTUyOF1g9Vssc69fDw0SuEhOCGz25OOi9x8zo3gcOyyxU
pHVlfkQitpUZD1BWG0VBBuGeOBSmQOex73vIV7NSHEB3jk5dtFf/w53E05+CKqKD
IExY8p/31tzdTQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:42:07 2025 by rpki-client