Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
File: OBXtD6YgyAGqqabxT2WW1-yXUKE.mft (raw, json)
Hash identifier: LcPWS9bkqkZZukjWpVUL2vCKH2yV6ESAhr1vZyIpuR4=
Subject key identifier: 42:2D:2B:45:CA:00:8A:00:9F:A8:34:A1:A8:A9:F1:3A:35:1A:5D:9A
Authority key identifier: 38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1
Certificate issuer: /CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
Certificate serial: 019A288B4BC483E5CF4E5E97F2EC45FDFAA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
Manifest number: 16FB
Signing time: Tue 28 Oct 2025 02:00:08 +0000
Manifest this update: Tue 28 Oct 2025 02:00:08 +0000
Manifest next update: Wed 29 Oct 2025 02:00:08 +0000
Files and hashes: 1: OBXtD6YgyAGqqabxT2WW1-yXUKE.crl (hash: DXSGV0nqIszTyfnmDmRkoV5PAMLbU5SYXihLkZgPCCI=)
2: u-w9Flj7fkevQpf-dpXISzIby2Y.roa (hash: +ftWzfsK6bMqWx5+3ThvbgDjBdiFZmrC2eI3EPi2YVc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:28:8b:4b:c4:83:e5:cf:4e:5e:97:f2:ec:45:fd:fa:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
Validity
Not Before: Oct 28 02:00:08 2025 GMT
Not After : Oct 29 02:00:08 2025 GMT
Subject: CN=422d2b45ca008a009fa834a1a8a9f13a351a5d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5b:ec:a8:d2:39:c1:0c:aa:cd:12:ba:ed:fc:
8a:d9:2a:ad:8d:fa:13:5e:43:6c:30:ce:3a:d4:53:
a2:05:d9:03:d8:7f:4a:33:33:ec:9f:a5:ef:3e:a7:
7a:49:80:9a:02:e5:06:38:70:3f:83:34:84:f5:47:
4d:6a:cf:98:e6:d5:40:e2:87:b1:61:6f:6c:6f:be:
94:55:79:2a:d9:b7:da:a9:e6:08:f3:05:ba:c1:76:
c1:5b:3a:b3:c4:34:30:ce:3a:d0:6d:08:cc:cf:43:
9a:88:e6:cf:0e:2d:27:02:02:9e:91:6d:24:29:31:
5f:89:4e:8b:e0:1e:9a:75:d6:3e:d9:c1:42:c3:ab:
a8:ff:b7:86:90:b5:e6:84:e2:1e:fb:15:f1:93:78:
25:5c:82:ff:85:51:f4:2e:fb:74:de:9d:da:96:27:
53:c4:f2:0e:f1:22:a1:9c:e2:b0:2b:a8:96:b0:1e:
33:83:e7:50:a3:c8:7e:39:a5:dc:98:ae:7a:b1:54:
f4:2a:7d:a1:fa:23:7c:ca:53:4a:61:e0:fb:9b:22:
e7:63:b7:d8:6a:b2:67:7f:50:c1:bb:29:72:6a:53:
43:fe:a8:2c:bb:6b:32:55:3a:ec:36:e2:32:60:03:
d2:af:ac:dd:7a:88:31:45:ee:d8:8b:99:6d:7f:48:
c8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:2D:2B:45:CA:00:8A:00:9F:A8:34:A1:A8:A9:F1:3A:35:1A:5D:9A
X509v3 Authority Key Identifier:
keyid:38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:02:5c:09:83:d5:f6:29:6b:99:e0:68:2b:e1:d6:8a:a7:66:
60:bb:c5:00:c4:04:a7:7a:b4:bf:de:ab:32:c2:8b:cf:c9:f9:
b0:44:51:f3:35:23:ae:55:af:9b:4d:6e:16:6a:fb:dd:2b:c5:
69:3c:4b:c8:1a:29:11:9e:da:6e:65:e6:49:a3:ce:9d:45:c7:
b4:0a:b2:ce:c2:b4:54:ef:30:d0:d9:de:dc:1d:40:a9:20:f5:
c4:d4:2a:9b:6f:09:02:9a:46:9f:29:22:05:29:c8:c7:59:6e:
04:d2:e8:7a:e6:ea:57:81:fc:ec:f2:7f:bf:2d:77:3b:1f:c1:
7a:1d:43:6c:88:04:50:63:c7:3a:26:43:de:19:01:1d:73:3d:
0b:66:c2:54:05:92:54:94:09:c0:c3:7d:1e:d7:f5:d3:cf:42:
a5:9b:4e:09:5b:85:b3:5b:73:4d:b3:53:f4:0b:67:51:1e:3b:
e1:39:45:57:3f:13:1e:ee:73:9b:e5:9c:d5:3a:e9:5e:bb:76:
c1:a0:93:12:e4:5e:52:e4:8b:00:27:03:1d:a6:d5:62:8d:30:
91:f1:8f:35:ba:69:ce:fd:05:d4:1f:a1:a0:b6:c0:2e:08:f1:
9f:49:fc:f3:e8:2e:4c:e3:1d:9e:57:3d:7d:0e:d4:0e:29:6d:
f9:87:b5:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZooi0vEg+XPTl6X8uxF/fqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTVlZDBmYTYyMGM4MDFhYWE5YTZmMTRmNjU5NmQ3ZWM5
NzUwYTEwHhcNMjUxMDI4MDIwMDA4WhcNMjUxMDI5MDIwMDA4WjAzMTEwLwYDVQQD
Eyg0MjJkMmI0NWNhMDA4YTAwOWZhODM0YTFhOGE5ZjEzYTM1MWE1ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFvsqNI5wQyqzRK67fyK2SqtjfoT
XkNsMM461FOiBdkD2H9KMzPsn6XvPqd6SYCaAuUGOHA/gzSE9UdNas+Y5tVA4oex
YW9sb76UVXkq2bfaqeYI8wW6wXbBWzqzxDQwzjrQbQjMz0OaiObPDi0nAgKekW0k
KTFfiU6L4B6addY+2cFCw6uo/7eGkLXmhOIe+xXxk3glXIL/hVH0Lvt03p3alidT
xPIO8SKhnOKwK6iWsB4zg+dQo8h+OaXcmK56sVT0Kn2h+iN8ylNKYeD7myLnY7fY
arJnf1DBuylyalND/qgsu2syVTrsNuIyYAPSr6zdeogxRe7Yi5ltf0jIjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEItK0XKAIoAn6g0oaip8To1Gl2aMB8GA1UdIwQY
MBaAFDgV7Q+mIMgBqqmm8U9lltfsl1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQt
ZjM1YTQ0NTYzNWNhLzEvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQtZjM1YTQ0NTYzNWNh
LzEvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcAJcCYPV
9ilrmeBoK+HWiqdmYLvFAMQEp3q0v96rMsKLz8n5sERR8zUjrlWvm01uFmr73SvF
aTxLyBopEZ7abmXmSaPOnUXHtAqyzsK0VO8w0Nne3B1AqSD1xNQqm28JAppGnyki
BSnIx1luBNLoeubqV4H87PJ/vy13Ox/Beh1DbIgEUGPHOiZD3hkBHXM9C2bCVAWS
VJQJwMN9Htf1089CpZtOCVuFs1tzTbNT9AtnUR474TlFVz8THu5zm+Wc1TrpXrt2
waCTEuReUuSLACcDHabVYo0wkfGPNbppzv0F1B+hoLbALgjxn0n88+guTOMdnlc9
fQ7UDilt+Ye1WQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 10:54:20 2025 by rpki-client