Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
File: OzdnJSANjYwAzw91FK8l_zYjEPA.mft (raw, json)
Hash identifier: hzg+HHsKMe+LQQ/5yP6/tZrC/cf4PH1JV2ikYPbjcMo=
Subject key identifier: 06:C9:3A:82:3F:DC:B5:48:D3:56:55:13:0A:61:3F:D3:FE:E2:2F:12
Authority key identifier: 3B:37:67:25:20:0D:8D:8C:00:CF:0F:75:14:AF:25:FF:36:23:10:F0
Certificate issuer: /CN=3b376725200d8d8c00cf0f7514af25ff362310f0
Certificate serial: 019A71B86E853A15134E590F7A5B067698FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 07:01:43 +0000
Manifest this update: Tue 11 Nov 2025 07:01:43 +0000
Manifest next update: Wed 12 Nov 2025 07:01:43 +0000
Files and hashes: 1: OzdnJSANjYwAzw91FK8l_zYjEPA.crl (hash: faEgBHM/+IKHWHlRyxg/EQ2iuZ3WuYiKEQ2YFOD1FtU=)
2: mY9DqP6sBYRDAuWwviu5NNB6lIA.roa (hash: Jpwfq6zWzFUKhEKM7+C1EDuHC9fqQSYeca6cvS8lEYo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:6e:85:3a:15:13:4e:59:0f:7a:5b:06:76:98:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b376725200d8d8c00cf0f7514af25ff362310f0
Validity
Not Before: Nov 11 07:01:43 2025 GMT
Not After : Nov 12 07:01:43 2025 GMT
Subject: CN=06c93a823fdcb548d35655130a613fd3fee22f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:75:0a:a9:a7:ec:79:5a:53:1a:e5:01:e5:28:
99:d2:21:3a:d3:fc:d5:69:bf:44:d8:cd:cc:2d:9c:
e3:c7:83:3d:5e:8a:0f:39:a5:17:54:e1:32:40:b6:
9b:a0:c2:2e:d0:cf:52:3e:bc:27:8f:7d:0e:e7:cb:
83:9a:12:9c:1d:14:ae:2f:d1:73:90:c6:18:4d:ff:
84:a6:74:60:f4:25:47:5c:17:87:27:ea:8d:31:5a:
85:03:0d:71:96:d6:c0:2d:5a:33:e6:89:de:5d:a9:
25:c9:9a:f7:cf:03:2d:f1:1e:e2:6b:b6:c8:4d:f8:
d8:29:66:ba:53:62:9a:01:33:6b:49:d4:34:da:f2:
db:39:d1:79:b7:0f:ed:a8:c8:5e:a9:a9:d4:2a:9b:
07:8f:f3:45:87:0d:34:0e:27:4a:2e:84:19:62:10:
85:80:d7:65:a7:1a:a3:fe:d7:a3:e2:7e:5b:07:23:
95:2e:63:ce:f1:72:c8:c2:2f:b9:5d:72:39:5d:aa:
d6:96:04:a9:1d:4f:73:df:cf:24:20:e0:56:10:b5:
f6:3e:f2:97:26:80:e3:67:c8:dc:04:86:f8:71:e1:
b9:8b:41:12:fa:22:b5:1e:9f:86:a0:dc:4e:23:6a:
aa:83:47:f3:f2:15:54:ed:ec:f8:af:06:cb:f2:71:
35:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C9:3A:82:3F:DC:B5:48:D3:56:55:13:0A:61:3F:D3:FE:E2:2F:12
X509v3 Authority Key Identifier:
keyid:3B:37:67:25:20:0D:8D:8C:00:CF:0F:75:14:AF:25:FF:36:23:10:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:b4:4a:76:c9:2d:ec:b7:eb:f7:fc:26:e2:e3:c2:00:fb:08:
f8:c7:67:f5:1e:b2:cf:d8:88:62:c9:40:2f:50:5b:e3:b2:42:
47:d3:37:19:f4:b0:b7:bc:08:51:68:21:0c:0d:f3:1e:4e:24:
56:d6:3c:1d:a0:16:89:bc:ce:33:2c:1f:13:dc:5e:01:e2:c2:
62:2d:4c:68:e3:50:01:de:2b:43:b7:bb:5e:c3:19:fb:29:d9:
00:aa:95:49:7b:75:3e:60:83:42:41:02:b9:49:81:e3:19:9a:
c3:c9:49:d3:b8:91:a0:df:4a:25:5b:f8:16:e8:7f:a6:86:e6:
95:63:77:53:9b:61:14:4b:05:1e:44:67:38:9f:b2:98:32:36:
07:f5:f3:94:62:fa:45:8e:6f:00:72:1f:37:98:1d:83:c3:7d:
d5:46:91:55:63:e7:38:b6:3c:8d:58:67:d3:e8:d0:72:08:8c:
e3:c3:bc:28:09:f9:fd:5d:e8:bd:67:8c:b6:1d:dd:3d:d6:87:
7d:5d:d5:db:63:20:58:3a:e7:32:a8:c6:14:6d:41:c8:df:d8:
9e:55:15:63:ed:15:e8:a8:a8:8b:f3:a5:54:51:d1:15:52:7f:
31:05:bd:46:ed:a8:3c:7f:99:a1:6a:0a:ff:ce:23:3c:2a:cd:
cf:ce:3a:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuG6FOhUTTlkPelsGdpj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzc2NzI1MjAwZDhkOGMwMGNmMGY3NTE0YWYyNWZmMzYy
MzEwZjAwHhcNMjUxMTExMDcwMTQzWhcNMjUxMTEyMDcwMTQzWjAzMTEwLwYDVQQD
EygwNmM5M2E4MjNmZGNiNTQ4ZDM1NjU1MTMwYTYxM2ZkM2ZlZTIyZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UKqafseVpTGuUB5SiZ0iE60/zV
ab9E2M3MLZzjx4M9XooPOaUXVOEyQLaboMIu0M9SPrwnj30O58uDmhKcHRSuL9Fz
kMYYTf+EpnRg9CVHXBeHJ+qNMVqFAw1xltbALVoz5oneXaklyZr3zwMt8R7ia7bI
TfjYKWa6U2KaATNrSdQ02vLbOdF5tw/tqMheqanUKpsHj/NFhw00DidKLoQZYhCF
gNdlpxqj/tej4n5bByOVLmPO8XLIwi+5XXI5XarWlgSpHU9z388kIOBWELX2PvKX
JoDjZ8jcBIb4ceG5i0ES+iK1Hp+GoNxOI2qqg0fz8hVU7ez4rwbL8nE1cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAbJOoI/3LVI01ZVEwphP9P+4i8SMB8GA1UdIwQY
MBaAFDs3ZyUgDY2MAM8PdRSvJf82IxDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lNTRhNjMtMzZiNC00Njg0LTkxNTkt
MjkyMDk4ZGEyZTM5LzEvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9lNTRhNjMtMzZiNC00Njg0LTkxNTktMjkyMDk4ZGEyZTM5
LzEvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR7RKdskt
7Lfr9/wm4uPCAPsI+Mdn9R6yz9iIYslAL1Bb47JCR9M3GfSwt7wIUWghDA3zHk4k
VtY8HaAWibzOMywfE9xeAeLCYi1MaONQAd4rQ7e7XsMZ+ynZAKqVSXt1PmCDQkEC
uUmB4xmaw8lJ07iRoN9KJVv4Fuh/pobmlWN3U5thFEsFHkRnOJ+ymDI2B/XzlGL6
RY5vAHIfN5gdg8N91UaRVWPnOLY8jVhn0+jQcgiM48O8KAn5/V3ovWeMth3dPdaH
fV3V22MgWDrnMqjGFG1ByN/YnlUVY+0V6Kioi/OlVFHRFVJ/MQW9Ru2oPH+ZoWoK
/84jPCrNz846CA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:42:53 2025 by rpki-client