Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
File: OUjkpbK65iNUmZE9y-wE38pTHpA.mft (raw, json)
Hash identifier: hskJJYd7+/1UC+5ch2XlMU1PQpUY8gS4nyP4ylPXPlE=
Subject key identifier: 1F:26:24:D2:53:5D:51:29:51:8F:40:7B:48:F1:9C:68:F2:E9:30:01
Authority key identifier: 39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90
Certificate issuer: /CN=3948e4a5b2bae6235499913dcbec04dfca531e90
Certificate serial: 019A725CDD55DF25BA10AADA0DA9F4EB9C77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
Manifest number: 15F1
Signing time: Tue 11 Nov 2025 10:01:19 +0000
Manifest this update: Tue 11 Nov 2025 10:01:19 +0000
Manifest next update: Wed 12 Nov 2025 10:01:19 +0000
Files and hashes: 1: OUjkpbK65iNUmZE9y-wE38pTHpA.crl (hash: sutpsh5ZKt3SfR87eqrBFaGhItBzXt3wowgZuZgYSgk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:dd:55:df:25:ba:10:aa:da:0d:a9:f4:eb:9c:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3948e4a5b2bae6235499913dcbec04dfca531e90
Validity
Not Before: Nov 11 10:01:19 2025 GMT
Not After : Nov 12 10:01:19 2025 GMT
Subject: CN=1f2624d2535d5129518f407b48f19c68f2e93001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:93:b4:84:f7:3e:3a:57:e5:f9:b9:9b:5e:d6:
f7:7e:de:5b:16:63:f9:22:79:cd:ff:53:59:1e:da:
c3:45:4a:43:b5:60:9b:ff:db:fe:00:25:46:62:8a:
9c:84:3f:50:03:1b:a9:37:c6:4a:5c:04:d4:5b:dc:
d1:d9:f2:83:26:49:ce:93:cc:da:93:eb:f4:a9:ff:
5e:d9:fa:c5:a3:f3:83:12:2d:0b:9f:33:8d:f8:6b:
2f:c1:f6:79:06:43:f9:ea:63:db:66:11:a1:20:b0:
af:9c:e5:1a:c1:33:f6:54:5f:03:2d:18:24:79:42:
3b:25:f5:92:97:e3:0e:22:fb:86:00:41:fb:04:87:
79:82:44:b5:f1:f5:2e:70:a3:9b:20:62:e6:95:d3:
26:78:81:e2:05:06:8f:e8:e9:16:98:a3:c6:74:22:
2f:30:fd:3e:cc:27:48:b0:83:c6:71:74:8d:9d:1a:
13:2d:09:ca:41:4d:76:70:30:8f:5c:27:26:31:bb:
5a:97:02:62:27:15:4a:9c:26:5e:75:5e:69:c4:cc:
ec:55:85:40:91:02:aa:f3:48:59:1d:d8:0c:6a:85:
18:62:ca:22:d2:a2:7d:d7:ae:b7:9e:8e:b1:65:a2:
d5:fd:6b:49:e9:3f:07:2a:92:6a:e7:d3:fe:78:d3:
b1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:26:24:D2:53:5D:51:29:51:8F:40:7B:48:F1:9C:68:F2:E9:30:01
X509v3 Authority Key Identifier:
keyid:39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:f4:06:45:c0:91:cd:bc:e1:e1:ee:45:d5:60:f8:16:3d:bb:
38:9a:17:74:97:2c:f0:ad:af:a0:c1:a5:db:00:32:43:4a:c1:
21:35:fb:7f:4b:00:0c:11:08:0a:aa:13:0d:b7:16:70:79:2a:
0e:1d:57:b6:3d:01:47:4a:ba:be:32:85:93:8e:3d:9b:47:5f:
df:0a:a2:77:ff:cc:03:df:a3:bf:00:b1:47:18:05:bd:a3:8b:
cb:e0:85:ab:29:66:07:1a:c6:77:d3:db:25:71:8c:29:26:ab:
3f:2a:b5:74:59:60:63:71:cc:35:2c:e3:2d:3b:57:b4:be:d2:
a0:58:de:48:7f:0c:78:2d:9a:7e:52:e6:69:94:a9:d0:03:53:
5d:46:ea:91:46:47:ee:a2:04:b8:c5:43:5d:9d:99:e0:79:e0:
38:f1:fd:4f:f6:2b:d3:18:9c:e1:b3:e6:9c:3a:83:4c:80:b0:
6e:73:ce:38:cc:14:74:69:24:9d:67:bd:ad:29:8f:8d:fc:77:
4a:bb:c0:18:7f:cb:77:b5:e0:4e:99:39:3d:c6:a3:2a:c8:14:
5a:38:2a:06:74:cf:49:2f:e1:a9:6f:f5:76:30:80:22:37:42:
b5:40:53:df:37:e0:0d:b2:36:fa:84:73:ba:2e:b7:3f:7a:70:
a4:e4:bc:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXN1V3yW6EKraDan065x3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDhlNGE1YjJiYWU2MjM1NDk5OTEzZGNiZWMwNGRmY2E1
MzFlOTAwHhcNMjUxMTExMTAwMTE5WhcNMjUxMTEyMTAwMTE5WjAzMTEwLwYDVQQD
EygxZjI2MjRkMjUzNWQ1MTI5NTE4ZjQwN2I0OGYxOWM2OGYyZTkzMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZO0hPc+Olfl+bmbXtb3ft5bFmP5
InnN/1NZHtrDRUpDtWCb/9v+ACVGYoqchD9QAxupN8ZKXATUW9zR2fKDJknOk8za
k+v0qf9e2frFo/ODEi0LnzON+GsvwfZ5BkP56mPbZhGhILCvnOUawTP2VF8DLRgk
eUI7JfWSl+MOIvuGAEH7BId5gkS18fUucKObIGLmldMmeIHiBQaP6OkWmKPGdCIv
MP0+zCdIsIPGcXSNnRoTLQnKQU12cDCPXCcmMbtalwJiJxVKnCZedV5pxMzsVYVA
kQKq80hZHdgMaoUYYsoi0qJ91663no6xZaLV/WtJ6T8HKpJq59P+eNOxpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8mJNJTXVEpUY9Ae0jxnGjy6TABMB8GA1UdIwQY
MBaAFDlI5KWyuuYjVJmRPcvsBN/KUx6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUt
ZjY1MGU1MDdhNzZkLzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUtZjY1MGU1MDdhNzZk
LzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjfQGRcCR
zbzh4e5F1WD4Fj27OJoXdJcs8K2voMGl2wAyQ0rBITX7f0sADBEICqoTDbcWcHkq
Dh1Xtj0BR0q6vjKFk449m0df3wqid//MA9+jvwCxRxgFvaOLy+CFqylmBxrGd9Pb
JXGMKSarPyq1dFlgY3HMNSzjLTtXtL7SoFjeSH8MeC2aflLmaZSp0ANTXUbqkUZH
7qIEuMVDXZ2Z4HngOPH9T/Yr0xic4bPmnDqDTICwbnPOOMwUdGkknWe9rSmPjfx3
SrvAGH/Ld7XgTpk5PcajKsgUWjgqBnTPSS/hqW/1djCAIjdCtUBT3zfgDbI2+oRz
ui63P3pwpOS89w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:17:43 2025 by rpki-client