Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
File: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json)
Hash identifier: fxTWlTSVt0dhwclipzb950cJ8gh5Rwo9XhoQ6qK7C2A=
Subject key identifier: C2:D2:E3:1F:D1:AB:0D:E8:89:7A:64:28:D7:2E:5D:EE:BF:62:4D:F4
Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
Certificate issuer: /CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Certificate serial: 019A70A512BD31C27AC77D5E86901297ED4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
Manifest number: 0DD2
Signing time: Tue 11 Nov 2025 02:00:57 +0000
Manifest this update: Tue 11 Nov 2025 02:00:57 +0000
Manifest next update: Wed 12 Nov 2025 02:00:57 +0000
Files and hashes: 1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: zKMsnCCWb7zcw+k/SSxW2kgYbA5WLTlLM4v9FYMRMto=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:12:bd:31:c2:7a:c7:7d:5e:86:90:12:97:ed:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Validity
Not Before: Nov 11 02:00:57 2025 GMT
Not After : Nov 12 02:00:57 2025 GMT
Subject: CN=c2d2e31fd1ab0de8897a6428d72e5deebf624df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:52:46:25:53:b6:de:4c:35:64:23:f2:ab:ff:
e6:72:11:50:e5:88:b0:47:e7:eb:ca:e7:f7:c3:db:
dc:6a:d6:eb:f1:f8:83:91:fc:9f:8a:a4:2b:d4:de:
bd:bb:8b:b7:ad:6a:0b:34:a1:f2:6b:26:6e:87:3d:
98:9f:e4:8b:81:bd:df:e0:2e:6a:7c:b3:a9:14:83:
2a:e5:a6:ea:ea:ad:0b:a3:57:7e:6a:bf:3d:9d:65:
ed:8a:39:49:4c:76:93:3a:e2:c0:90:eb:c9:b2:26:
71:5b:0e:7c:57:1c:55:24:d0:fc:f5:67:38:be:4d:
16:13:65:22:18:43:01:dd:01:ae:82:6f:03:4f:ab:
e3:5b:ce:00:57:be:51:56:e7:8e:c8:f1:68:4c:85:
4a:ea:bf:f5:5a:cb:c1:f5:7b:75:05:ff:dd:b1:23:
26:f4:58:92:e8:25:4e:8f:61:98:3d:61:11:60:84:
94:2e:71:85:59:85:92:e4:47:11:52:bb:bd:0d:a9:
9b:73:b3:f6:4c:56:01:79:84:f9:b2:dd:62:05:c0:
7e:b1:fe:66:68:d3:e5:1e:e3:ac:32:87:02:13:65:
17:6e:d0:dd:8c:88:58:94:35:af:ec:21:da:19:99:
20:cc:12:08:d0:0b:54:c8:43:de:2c:be:e9:6f:8e:
4c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D2:E3:1F:D1:AB:0D:E8:89:7A:64:28:D7:2E:5D:EE:BF:62:4D:F4
X509v3 Authority Key Identifier:
keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:7c:a3:07:f8:a4:0b:b0:25:59:ee:e9:52:9b:07:37:32:01:
93:cc:4c:3a:e9:02:6a:da:2a:d9:d8:73:9b:f2:49:04:d5:c7:
cd:b8:02:22:31:2a:30:43:47:4b:e3:dd:00:8a:79:19:ec:3b:
bc:2a:28:40:8d:44:ea:63:e8:78:5b:68:b0:b3:30:8e:eb:b1:
95:58:d4:83:ba:7f:50:fd:f7:5c:5e:8c:86:54:74:2c:6d:1f:
27:23:05:10:90:af:11:e8:43:70:e5:ca:e4:85:04:a2:e2:14:
d6:20:f5:6c:4c:3d:81:5c:04:00:a9:a8:0f:ad:7c:f6:7b:4a:
39:14:85:ee:9a:e0:ac:44:0a:94:a3:42:5a:79:b0:53:f0:0f:
94:d4:e8:75:27:b4:60:a9:0d:63:3a:e4:ad:b3:f0:42:9f:34:
15:30:22:a2:01:cc:73:18:cd:e1:ff:41:42:44:8d:d6:b8:5b:
90:04:21:9e:85:1d:ce:e6:03:7d:16:a6:8d:4f:2b:8c:4a:e9:
48:1a:7c:31:60:76:40:9d:93:12:e9:e3:35:60:81:7f:b1:42:
86:3b:69:e1:f5:97:fd:c2:1f:21:b7:bc:44:48:41:c3:b8:a9:
dc:bc:7a:e6:02:87:04:25:f5:31:0c:58:a2:62:c8:71:81:fd:
cf:80:d8:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpRK9McJ6x31ehpASl+1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj
MTk2ODIwHhcNMjUxMTExMDIwMDU3WhcNMjUxMTEyMDIwMDU3WjAzMTEwLwYDVQQD
EyhjMmQyZTMxZmQxYWIwZGU4ODk3YTY0MjhkNzJlNWRlZWJmNjI0ZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglJGJVO23kw1ZCPyq//mchFQ5Yiw
R+fryuf3w9vcatbr8fiDkfyfiqQr1N69u4u3rWoLNKHyayZuhz2Yn+SLgb3f4C5q
fLOpFIMq5abq6q0Lo1d+ar89nWXtijlJTHaTOuLAkOvJsiZxWw58VxxVJND89Wc4
vk0WE2UiGEMB3QGugm8DT6vjW84AV75RVueOyPFoTIVK6r/1WsvB9Xt1Bf/dsSMm
9FiS6CVOj2GYPWERYISULnGFWYWS5EcRUru9Dambc7P2TFYBeYT5st1iBcB+sf5m
aNPlHuOsMocCE2UXbtDdjIhYlDWv7CHaGZkgzBII0AtUyEPeLL7pb45MBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLS4x/Rqw3oiXpkKNcuXe6/Yk30MB8GA1UdIwQY
MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut
MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2
LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt3yjB/ik
C7AlWe7pUpsHNzIBk8xMOukCatoq2dhzm/JJBNXHzbgCIjEqMENHS+PdAIp5Gew7
vCooQI1E6mPoeFtosLMwjuuxlVjUg7p/UP33XF6MhlR0LG0fJyMFEJCvEehDcOXK
5IUEouIU1iD1bEw9gVwEAKmoD6189ntKORSF7prgrEQKlKNCWnmwU/APlNTodSe0
YKkNYzrkrbPwQp80FTAiogHMcxjN4f9BQkSN1rhbkAQhnoUdzuYDfRamjU8rjErp
SBp8MWB2QJ2TEunjNWCBf7FChjtp4fWX/cIfIbe8REhBw7ip3Lx65gKHBCX1MQxY
omLIcYH9z4DYrA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:13 2025 by rpki-client