Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.mft
File: ocG-CYGk51dsVi9vCeZcF8GA48o.mft (raw, json)
Hash identifier: sLo6UHzV5sxS6pHa4m/TNrS1PqlYy8yqvw42iMIzNOY=
Subject key identifier: 1C:15:20:55:C5:29:A8:4D:9A:80:75:63:2B:E6:88:B3:84:1E:2E:87
Authority key identifier: A1:C1:BE:09:81:A4:E7:57:6C:56:2F:6F:09:E6:5C:17:C1:80:E3:CA
Certificate issuer: /CN=a1c1be0981a4e7576c562f6f09e65c17c180e3ca
Certificate serial: 019A714A0150AFA156259E0F4A3B67EE2A29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ocG-CYGk51dsVi9vCeZcF8GA48o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 05:01:06 +0000
Manifest this update: Tue 11 Nov 2025 05:01:06 +0000
Manifest next update: Wed 12 Nov 2025 05:01:06 +0000
Files and hashes: 1: Nmiqzb5OKDKFPEDZ9AhOwfzW5jQ.roa (hash: 16HSNwP1Wfx8pQJ0EjO/70dnXDCvO8XmFYI9/xms5GY=)
2: ocG-CYGk51dsVi9vCeZcF8GA48o.crl (hash: Dgbkc5d1udHS0xnzCBFxLlR7KXGD9nqeQjMsOmUieQE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ocG-CYGk51dsVi9vCeZcF8GA48o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:01:50:af:a1:56:25:9e:0f:4a:3b:67:ee:2a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1c1be0981a4e7576c562f6f09e65c17c180e3ca
Validity
Not Before: Nov 11 05:01:06 2025 GMT
Not After : Nov 12 05:01:06 2025 GMT
Subject: CN=1c152055c529a84d9a8075632be688b3841e2e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0d:7a:c3:b5:4f:9f:bb:b4:75:08:14:04:0b:
0c:a3:fe:33:78:2e:76:92:4b:3a:e4:34:5d:e0:28:
33:f3:02:52:6d:a6:bc:56:e6:76:67:72:5c:64:63:
76:1c:14:6c:c8:99:1c:42:b0:bb:51:ac:6e:3e:e2:
44:01:7e:eb:d5:03:4d:93:b8:dc:8e:e6:8d:be:c5:
15:04:b5:35:36:ac:c7:5e:2c:0f:77:8e:b2:05:db:
8c:6c:38:28:41:94:54:91:86:2e:26:a8:c6:de:67:
d9:0f:8a:38:ab:f4:be:ee:a1:54:34:1f:4d:d0:2d:
b6:fd:b1:96:b8:14:96:95:13:84:0a:a3:d2:86:7a:
2b:58:bf:3e:af:84:a9:91:80:06:f9:38:c0:6b:e5:
bd:32:14:a5:6f:8b:a6:f4:80:9c:32:5b:93:4a:53:
56:6a:db:85:96:13:ed:88:5f:62:3a:26:09:7e:15:
81:37:36:05:47:b6:6e:eb:17:03:1f:cc:02:c0:7e:
f5:62:3a:ff:4d:ee:fc:95:b3:d1:81:74:96:73:31:
24:c2:6a:81:3a:67:1e:3f:c8:c7:a4:dd:78:84:c4:
03:4f:24:af:c7:1b:dd:94:df:32:59:f4:a1:e2:1a:
8e:59:ca:02:3d:44:9a:f9:4a:5b:6a:9a:3b:dd:b4:
3e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:15:20:55:C5:29:A8:4D:9A:80:75:63:2B:E6:88:B3:84:1E:2E:87
X509v3 Authority Key Identifier:
keyid:A1:C1:BE:09:81:A4:E7:57:6C:56:2F:6F:09:E6:5C:17:C1:80:E3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ocG-CYGk51dsVi9vCeZcF8GA48o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:f5:91:82:98:9b:ff:a8:61:3c:ea:fd:3b:9a:a8:92:6e:9f:
27:a1:13:1f:71:42:b0:cb:89:57:f1:28:64:02:20:4c:90:5a:
0b:f2:ef:b4:e9:40:4c:4a:f7:c4:d4:32:00:36:61:21:03:f7:
0f:d3:b6:98:84:d3:b3:de:9f:c7:b6:25:d8:0b:22:43:60:94:
4f:22:92:fa:46:39:9c:d7:53:f0:3c:ea:cb:e7:70:d2:57:73:
b0:9b:dc:6e:ac:a6:67:f9:bc:88:0d:a8:42:ca:23:95:f4:f1:
60:24:97:ac:32:1b:d1:e3:1c:7b:e4:d0:50:f6:9d:8e:66:ac:
06:7c:7c:9b:18:68:d4:aa:d7:e0:77:d6:b1:c1:6a:67:4c:45:
93:2b:61:5b:af:83:be:3e:92:8b:19:53:96:3e:bb:fb:da:38:
38:57:ae:8c:30:87:81:fe:2c:5f:2f:8d:dd:3d:cd:e4:46:99:
eb:f9:0d:f9:e4:47:2c:64:1d:9c:04:d5:33:dd:56:25:9e:71:
24:f3:e8:a7:25:be:3c:30:7a:cb:f8:d0:c3:19:84:07:c5:25:
31:e1:36:39:32:fb:35:f2:8a:63:05:a7:77:3b:27:0f:73:9b:
10:e0:d9:dc:71:ae:34:3d:23:ae:d5:89:fa:14:0c:7e:74:13:
8a:0a:89:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSgFQr6FWJZ4PSjtn7iopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYzFiZTA5ODFhNGU3NTc2YzU2MmY2ZjA5ZTY1YzE3YzE4
MGUzY2EwHhcNMjUxMTExMDUwMTA2WhcNMjUxMTEyMDUwMTA2WjAzMTEwLwYDVQQD
EygxYzE1MjA1NWM1MjlhODRkOWE4MDc1NjMyYmU2ODhiMzg0MWUyZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0g16w7VPn7u0dQgUBAsMo/4zeC52
kks65DRd4Cgz8wJSbaa8VuZ2Z3JcZGN2HBRsyJkcQrC7UaxuPuJEAX7r1QNNk7jc
juaNvsUVBLU1NqzHXiwPd46yBduMbDgoQZRUkYYuJqjG3mfZD4o4q/S+7qFUNB9N
0C22/bGWuBSWlROECqPShnorWL8+r4SpkYAG+TjAa+W9MhSlb4um9ICcMluTSlNW
atuFlhPtiF9iOiYJfhWBNzYFR7Zu6xcDH8wCwH71Yjr/Te78lbPRgXSWczEkwmqB
OmceP8jHpN14hMQDTySvxxvdlN8yWfSh4hqOWcoCPUSa+Upbapo73bQ+iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwVIFXFKahNmoB1YyvmiLOEHi6HMB8GA1UdIwQY
MBaAFKHBvgmBpOdXbFYvbwnmXBfBgOPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2NHLUNZR2s1MWRzVmk5dkNlWmNGOEdBNDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84MWU1YTUtYWMzOS00M2MxLTg3MmYt
OThkZmMyZWU2ZTBjLzEvb2NHLUNZR2s1MWRzVmk5dkNlWmNGOEdBNDhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84MWU1YTUtYWMzOS00M2MxLTg3MmYtOThkZmMyZWU2ZTBj
LzEvb2NHLUNZR2s1MWRzVmk5dkNlWmNGOEdBNDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOvWRgpib
/6hhPOr9O5qokm6fJ6ETH3FCsMuJV/EoZAIgTJBaC/LvtOlATEr3xNQyADZhIQP3
D9O2mITTs96fx7Yl2AsiQ2CUTyKS+kY5nNdT8Dzqy+dw0ldzsJvcbqymZ/m8iA2o
QsojlfTxYCSXrDIb0eMce+TQUPadjmasBnx8mxho1KrX4HfWscFqZ0xFkythW6+D
vj6SixlTlj67+9o4OFeujDCHgf4sXy+N3T3N5EaZ6/kN+eRHLGQdnATVM91WJZ5x
JPPopyW+PDB6y/jQwxmEB8UlMeE2OTL7NfKKYwWndzsnD3ObEODZ3HGuND0jrtWJ
+hQMfnQTigqJAQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:13 2025 by rpki-client