Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/cbec33-0325-41e7-8266-79a7eaa7ae58/1/oJ1luSb910PaW0c9NBhf4QGwWig.mft
File: oJ1luSb910PaW0c9NBhf4QGwWig.mft (raw, json)
Hash identifier: X6WCoZhxx86rIfmZZdz3gjH4sFvjHOEE1oAvEIJu7+A=
Subject key identifier: A2:5A:58:1D:C4:B8:A0:B0:1D:1B:DF:3E:1D:27:01:59:3A:1B:8F:46
Authority key identifier: A0:9D:65:B9:26:FD:D7:43:DA:5B:47:3D:34:18:5F:E1:01:B0:5A:28
Certificate issuer: /CN=a09d65b926fdd743da5b473d34185fe101b05a28
Certificate serial: 019A7149E45DC12D5C8CDC71F4EF016D5687
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJ1luSb910PaW0c9NBhf4QGwWig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/cbec33-0325-41e7-8266-79a7eaa7ae58/1/oJ1luSb910PaW0c9NBhf4QGwWig.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 05:00:59 +0000
Manifest this update: Tue 11 Nov 2025 05:00:59 +0000
Manifest next update: Wed 12 Nov 2025 05:00:59 +0000
Files and hashes: 1: lhjGJIifChZhyO0SU9NNpxfAaP0.roa (hash: nX/uaYhIBdSKJHgpMLgtjy0tDRvricoltizd7F7VYTI=)
2: oJ1luSb910PaW0c9NBhf4QGwWig.crl (hash: M8tc069XFSWcDOFZdT5KMOamqtcR21LrEdeYQ1ID4M8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/cbec33-0325-41e7-8266-79a7eaa7ae58/1/oJ1luSb910PaW0c9NBhf4QGwWig.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/cbec33-0325-41e7-8266-79a7eaa7ae58/1/oJ1luSb910PaW0c9NBhf4QGwWig.mft
rsync://rpki.ripe.net/repository/DEFAULT/oJ1luSb910PaW0c9NBhf4QGwWig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:e4:5d:c1:2d:5c:8c:dc:71:f4:ef:01:6d:56:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a09d65b926fdd743da5b473d34185fe101b05a28
Validity
Not Before: Nov 11 05:00:59 2025 GMT
Not After : Nov 12 05:00:59 2025 GMT
Subject: CN=a25a581dc4b8a0b01d1bdf3e1d2701593a1b8f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:7b:e7:39:2f:5a:cf:e3:76:5f:18:ac:8d:0b:
ab:cd:85:74:51:c9:db:b5:4b:5c:b0:bc:bf:5f:d7:
e2:2a:80:34:f0:1d:8e:15:a1:e4:4b:4a:83:46:33:
cc:fd:25:b2:77:72:9f:01:40:56:21:43:22:14:fe:
22:0b:24:49:82:56:ca:01:75:0a:8e:f8:b9:c0:a5:
6b:f8:85:33:8b:30:d5:2c:28:f6:18:d0:4a:cd:38:
5d:1d:58:44:97:0d:b0:2f:b9:cd:93:a7:55:40:36:
87:ba:ba:5e:e5:6a:dd:72:0b:e4:b5:7d:8d:d9:72:
8d:6f:a4:b7:bd:90:af:9b:b2:02:77:27:c9:bd:9e:
f7:50:aa:79:11:80:79:62:d8:38:16:a7:87:88:53:
57:c8:44:9b:32:44:8e:48:83:9f:3c:10:13:c7:31:
83:9f:69:1e:bc:b9:6c:84:8f:87:d4:eb:8a:02:04:
7c:4f:ad:36:f2:4d:c5:e0:ff:b6:8a:cc:98:ec:f3:
73:91:9c:df:36:fe:df:8d:79:17:1e:ca:e9:29:b2:
ed:63:01:7b:65:c0:b0:52:9c:6a:d0:d7:88:01:41:
94:c4:ff:ed:4c:f2:81:f2:90:ac:64:65:df:7e:65:
d2:22:4d:79:9b:46:45:e4:b8:54:8f:84:b5:e2:66:
99:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:5A:58:1D:C4:B8:A0:B0:1D:1B:DF:3E:1D:27:01:59:3A:1B:8F:46
X509v3 Authority Key Identifier:
keyid:A0:9D:65:B9:26:FD:D7:43:DA:5B:47:3D:34:18:5F:E1:01:B0:5A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJ1luSb910PaW0c9NBhf4QGwWig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cbec33-0325-41e7-8266-79a7eaa7ae58/1/oJ1luSb910PaW0c9NBhf4QGwWig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cbec33-0325-41e7-8266-79a7eaa7ae58/1/oJ1luSb910PaW0c9NBhf4QGwWig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:29:d4:e1:44:a6:88:d5:fe:53:1e:67:b8:0a:05:0a:d3:ca:
57:54:2d:07:97:e3:4d:3f:8f:25:3d:45:bc:ef:71:48:7e:40:
cf:3c:22:2d:fc:86:f3:3d:bc:d7:29:9b:bb:56:9e:6c:22:1d:
42:42:62:57:2c:56:c8:85:c4:29:12:81:8a:e5:0f:03:fa:1d:
04:d1:02:83:de:36:39:c0:ad:f5:1f:3c:11:5a:1b:dd:d0:8d:
54:e5:63:a4:a9:9d:55:e1:df:bc:96:98:89:14:9a:61:65:96:
fe:23:a9:76:1f:45:34:11:52:97:6e:71:4d:4a:a9:71:a4:90:
7b:07:ab:37:d7:67:59:3a:11:94:30:63:be:2b:0d:25:13:52:
ae:01:ca:51:c1:7b:1c:59:5d:62:d3:14:3e:c9:c2:d7:ff:1a:
59:7f:6b:b5:ed:c6:5f:7a:a3:15:e5:d8:ab:39:b6:22:29:d5:
22:35:4c:30:f8:8c:1f:ff:1c:16:60:70:55:6d:67:8c:df:ea:
9d:b4:34:b9:20:6c:d3:2b:67:17:39:aa:84:65:ad:92:34:90:
a8:a2:8a:b9:86:58:33:0b:07:e7:49:45:fa:99:e2:58:ae:78:
3b:f6:3b:49:d2:74:ca:d5:25:1c:98:ba:db:cd:0d:cc:80:6e:
bd:07:9c:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSeRdwS1cjNxx9O8BbVaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWQ2NWI5MjZmZGQ3NDNkYTViNDczZDM0MTg1ZmUxMDFi
MDVhMjgwHhcNMjUxMTExMDUwMDU5WhcNMjUxMTEyMDUwMDU5WjAzMTEwLwYDVQQD
EyhhMjVhNTgxZGM0YjhhMGIwMWQxYmRmM2UxZDI3MDE1OTNhMWI4ZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9HvnOS9az+N2XxisjQurzYV0Ucnb
tUtcsLy/X9fiKoA08B2OFaHkS0qDRjPM/SWyd3KfAUBWIUMiFP4iCyRJglbKAXUK
jvi5wKVr+IUzizDVLCj2GNBKzThdHVhElw2wL7nNk6dVQDaHurpe5WrdcgvktX2N
2XKNb6S3vZCvm7ICdyfJvZ73UKp5EYB5Ytg4FqeHiFNXyESbMkSOSIOfPBATxzGD
n2kevLlshI+H1OuKAgR8T6028k3F4P+2isyY7PNzkZzfNv7fjXkXHsrpKbLtYwF7
ZcCwUpxq0NeIAUGUxP/tTPKB8pCsZGXffmXSIk15m0ZF5LhUj4S14maZJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJaWB3EuKCwHRvfPh0nAVk6G49GMB8GA1UdIwQY
MBaAFKCdZbkm/ddD2ltHPTQYX+EBsFooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0oxbHVTYjkxMFBhVzBjOU5CaGY0UUd3V2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jYmVjMzMtMDMyNS00MWU3LTgyNjYt
NzlhN2VhYTdhZTU4LzEvb0oxbHVTYjkxMFBhVzBjOU5CaGY0UUd3V2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jYmVjMzMtMDMyNS00MWU3LTgyNjYtNzlhN2VhYTdhZTU4
LzEvb0oxbHVTYjkxMFBhVzBjOU5CaGY0UUd3V2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsSnU4USm
iNX+Ux5nuAoFCtPKV1QtB5fjTT+PJT1FvO9xSH5AzzwiLfyG8z281ymbu1aebCId
QkJiVyxWyIXEKRKBiuUPA/odBNECg942OcCt9R88EVob3dCNVOVjpKmdVeHfvJaY
iRSaYWWW/iOpdh9FNBFSl25xTUqpcaSQewerN9dnWToRlDBjvisNJRNSrgHKUcF7
HFldYtMUPsnC1/8aWX9rte3GX3qjFeXYqzm2IinVIjVMMPiMH/8cFmBwVW1njN/q
nbQ0uSBs0ytnFzmqhGWtkjSQqKKKuYZYMwsH50lF+pniWK54O/Y7SdJ0ytUlHJi6
280NzIBuvQec9A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:44:25 2025 by rpki-client