Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File: o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier: vLZnv4UbGMJPiKbpzI7bRWf2ET3vcNgHOp4g9Tsk6Nw=
Subject key identifier: E4:FE:FF:8D:1A:91:34:30:05:1D:47:91:AF:BE:29:CA:47:08:2D:8D
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial: 019A4DE189E2BDC84FD0BFD93A4B244EEEF5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number: 1710
Signing time: Tue 04 Nov 2025 08:00:17 +0000
Manifest this update: Tue 04 Nov 2025 08:00:17 +0000
Manifest next update: Wed 05 Nov 2025 08:00:17 +0000
Files and hashes: 1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: qvbzhnLJdZlrfC6fDc5XSeCb10VsdQTU4Eew14XLfN0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:89:e2:bd:c8:4f:d0:bf:d9:3a:4b:24:4e:ee:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Validity
Not Before: Nov 4 08:00:17 2025 GMT
Not After : Nov 5 08:00:17 2025 GMT
Subject: CN=e4feff8d1a913430051d4791afbe29ca47082d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:09:04:ef:65:a7:a3:e6:62:51:43:6c:a7:48:
cc:a6:d7:d1:75:81:10:45:7f:11:c0:6e:27:90:59:
a5:6f:8a:ca:ad:c6:d8:ed:99:40:82:72:7d:0e:b7:
d9:c9:d8:7a:34:17:23:a5:f7:37:6f:d3:7d:b4:60:
c3:d6:74:2a:35:2f:15:a8:0d:d9:bb:54:a9:05:f6:
db:a4:93:24:de:5e:22:4f:bd:31:38:91:74:da:cf:
73:32:8d:a3:3e:cc:df:cc:30:8b:ed:bb:24:3b:76:
d9:96:97:17:8c:38:0c:50:42:0f:99:9b:86:7a:06:
43:9f:8d:8c:42:e6:7e:3f:8b:a5:87:94:7e:c0:6e:
5d:76:eb:52:84:ff:d0:a0:02:37:5b:06:b7:2d:b7:
99:20:c1:8b:71:e2:d7:a9:24:35:44:b1:d0:07:e1:
d3:7e:99:95:7f:d3:65:e7:bf:82:ad:a0:88:9c:67:
44:b7:65:cb:65:40:f4:df:fe:ce:e1:41:fa:7f:29:
91:c8:3f:b7:67:1f:4f:12:37:61:35:f3:72:88:83:
b7:9a:80:33:49:6a:f1:d0:1b:34:45:dc:46:61:06:
bc:fd:0f:16:db:d0:12:31:d7:41:63:54:66:79:e8:
f4:a1:fb:93:7c:77:51:1f:0f:ba:2c:30:e3:ce:c6:
66:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:FE:FF:8D:1A:91:34:30:05:1D:47:91:AF:BE:29:CA:47:08:2D:8D
X509v3 Authority Key Identifier:
keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:68:11:27:3a:34:93:fc:6c:b1:8d:30:02:8a:6d:29:56:83:
92:74:82:2a:b1:8f:84:d0:a2:da:e4:8b:72:e5:00:be:0e:fe:
76:37:a4:d7:70:90:a4:ba:a0:fc:97:6c:41:24:42:4a:83:77:
eb:5a:ec:ce:c3:87:60:fa:8d:c7:19:94:73:7c:71:72:89:95:
77:61:56:22:e4:ca:7f:61:fa:b1:07:f4:99:0e:4d:b7:d8:05:
a5:45:ec:03:19:26:6a:eb:25:c0:c3:c9:9f:1d:ca:e0:2d:f6:
12:ff:19:86:eb:b6:88:c1:e0:b6:0a:1c:04:a7:f8:ce:02:49:
ae:28:16:62:58:ba:64:15:fb:0f:c6:06:64:55:80:3e:09:68:
0b:d1:cc:53:e9:24:fc:5b:f9:20:19:0a:78:6b:ee:16:a5:81:
dc:11:13:ad:d4:d2:a4:10:9e:d7:ae:12:d2:60:ab:2c:25:a9:
ca:e4:14:1b:f0:1c:9b:08:58:59:fe:b1:d7:ce:5e:f7:5f:a4:
3c:68:6f:63:c8:7a:38:26:7d:ea:db:f5:45:cf:0a:d2:bf:46:
32:e6:3a:b5:d8:55:71:26:93:f0:3f:6b:3a:e0:44:16:cf:21:
c7:12:7a:74:96:ef:3d:cf:f5:02:7c:86:fb:aa:e8:0b:da:17:
2f:75:af:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4YnivchP0L/ZOkskTu71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUxMTA0MDgwMDE3WhcNMjUxMTA1MDgwMDE3WjAzMTEwLwYDVQQD
EyhlNGZlZmY4ZDFhOTEzNDMwMDUxZDQ3OTFhZmJlMjljYTQ3MDgyZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAkE72Wno+ZiUUNsp0jMptfRdYEQ
RX8RwG4nkFmlb4rKrcbY7ZlAgnJ9DrfZydh6NBcjpfc3b9N9tGDD1nQqNS8VqA3Z
u1SpBfbbpJMk3l4iT70xOJF02s9zMo2jPszfzDCL7bskO3bZlpcXjDgMUEIPmZuG
egZDn42MQuZ+P4ulh5R+wG5ddutShP/QoAI3Wwa3LbeZIMGLceLXqSQ1RLHQB+HT
fpmVf9Nl57+CraCInGdEt2XLZUD03/7O4UH6fymRyD+3Zx9PEjdhNfNyiIO3moAz
SWrx0Bs0RdxGYQa8/Q8W29ASMddBY1Rmeej0ofuTfHdRHw+6LDDjzsZmIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOT+/40akTQwBR1Hka++KcpHCC2NMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPGgRJzo0
k/xssY0wAoptKVaDknSCKrGPhNCi2uSLcuUAvg7+djek13CQpLqg/JdsQSRCSoN3
61rszsOHYPqNxxmUc3xxcomVd2FWIuTKf2H6sQf0mQ5Nt9gFpUXsAxkmauslwMPJ
nx3K4C32Ev8Zhuu2iMHgtgocBKf4zgJJrigWYli6ZBX7D8YGZFWAPgloC9HMU+kk
/Fv5IBkKeGvuFqWB3BETrdTSpBCe164S0mCrLCWpyuQUG/AcmwhYWf6x185e91+k
PGhvY8h6OCZ96tv1Rc8K0r9GMuY6tdhVcSaT8D9rOuBEFs8hxxJ6dJbvPc/1AnyG
+6roC9oXL3WvJQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:55:07 2025 by rpki-client