Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.mft
File: OBS2SN1XQgJcPdpeqmZJH_2y5dk.mft (raw, json)
Hash identifier: g6427ENH1lmOnRhgVPF9mEl7Yh3n86uFjPH8LEZHLug=
Subject key identifier: 9A:28:60:D5:EE:F9:7E:BD:39:C0:9A:11:7C:F1:47:10:42:EF:7F:98
Authority key identifier: 38:14:B6:48:DD:57:42:02:5C:3D:DA:5E:AA:66:49:1F:FD:B2:E5:D9
Certificate issuer: /CN=3814b648dd5742025c3dda5eaa66491ffdb2e5d9
Certificate serial: 019A71B8DDDBB3E6B4A22D691F76BD01EC7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBS2SN1XQgJcPdpeqmZJH_2y5dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.mft
Manifest number: 0DFE
Signing time: Tue 11 Nov 2025 07:02:12 +0000
Manifest this update: Tue 11 Nov 2025 07:02:12 +0000
Manifest next update: Wed 12 Nov 2025 07:02:12 +0000
Files and hashes: 1: OBS2SN1XQgJcPdpeqmZJH_2y5dk.crl (hash: Hj0MPXAxyA7GnOuMaKMoipijgQMDSzQ28J5iwKM4GLk=)
2: b85MZ4WinFf_UE0cBlcSvifgg7I.roa (hash: uJf/EeGTiSuFi2jO3q5f34ZIMuvCCFqx997bjLZrpdM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OBS2SN1XQgJcPdpeqmZJH_2y5dk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:dd:db:b3:e6:b4:a2:2d:69:1f:76:bd:01:ec:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3814b648dd5742025c3dda5eaa66491ffdb2e5d9
Validity
Not Before: Nov 11 07:02:12 2025 GMT
Not After : Nov 12 07:02:12 2025 GMT
Subject: CN=9a2860d5eef97ebd39c09a117cf1471042ef7f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:59:f3:36:88:1a:b6:d4:44:2e:fa:b5:2c:b5:
92:18:e4:de:a8:64:11:49:ba:5a:40:ab:6e:f6:f1:
cd:b9:36:22:d8:1c:04:47:68:23:55:59:76:a1:d5:
2e:bb:be:aa:e3:be:2c:f2:10:c0:6c:b8:76:a1:b0:
1f:83:6d:de:6b:0e:08:8f:3f:a1:a5:f8:9e:ca:95:
8e:6d:11:6d:3a:45:df:9d:49:e7:03:6a:41:53:3f:
a0:6e:f5:88:93:a4:2a:37:d7:30:69:eb:36:f7:fe:
9f:41:15:8e:1b:01:a8:3e:c8:2f:2f:1a:83:6c:d1:
8c:88:35:83:70:e7:30:9e:a6:70:d1:20:3c:ad:f5:
a7:df:75:55:a7:10:e9:49:ba:64:c9:37:1b:4e:db:
d8:3e:bc:e8:b4:58:b9:8f:b3:41:52:3a:d4:13:08:
2d:35:8b:7c:8f:09:cb:1e:31:6d:dd:e7:19:55:4f:
5f:89:b2:48:7c:ba:c9:b6:56:84:29:6f:e8:fc:4e:
03:c4:96:4b:c4:38:aa:60:e8:5d:be:bd:cf:ca:f3:
f2:4a:32:a6:5c:fb:b9:08:28:c7:38:67:73:ad:aa:
35:30:63:0c:c3:4c:8b:cf:76:1a:99:a2:8b:0c:dc:
aa:f2:dd:7a:80:8f:26:97:97:d9:d2:cb:d5:95:44:
6f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:28:60:D5:EE:F9:7E:BD:39:C0:9A:11:7C:F1:47:10:42:EF:7F:98
X509v3 Authority Key Identifier:
keyid:38:14:B6:48:DD:57:42:02:5C:3D:DA:5E:AA:66:49:1F:FD:B2:E5:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBS2SN1XQgJcPdpeqmZJH_2y5dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:2f:fb:28:28:a5:4c:dd:6c:49:d7:08:42:f6:ae:03:8a:9b:
c3:6e:58:02:e0:ee:86:31:f7:59:eb:3c:46:17:a6:56:c7:cd:
9f:3e:3b:7f:1d:17:27:69:18:bd:2c:dc:70:ef:ec:b7:4d:ee:
cd:86:15:aa:39:6b:07:fc:2b:b7:de:60:ee:e7:dc:42:82:00:
f3:96:e9:3f:ee:0f:c8:55:a8:aa:67:8a:4a:57:8e:18:0f:8a:
b1:6e:00:f8:71:d5:7b:1e:c2:72:71:4a:17:e6:0e:ff:83:65:
81:55:c5:7e:76:81:24:45:7b:a5:3d:05:7f:f3:31:8c:23:69:
7f:8e:fd:3d:9f:c4:c4:80:b6:dd:36:8b:2e:0d:06:d1:82:9a:
8b:2b:9e:2f:5b:ef:91:0c:59:c1:06:f3:dc:3d:44:d7:2c:2b:
58:77:77:27:da:9b:02:82:ae:23:ea:d6:82:cd:db:dc:4e:fb:
3c:98:94:98:7b:28:90:9c:ce:e0:84:44:91:b1:f3:e5:22:7c:
c9:8c:ee:57:95:2a:e4:b2:6b:2b:39:e1:4c:d4:19:3b:f6:25:
e5:de:21:25:ec:ea:a1:a4:ad:fa:03:a5:38:fa:03:b0:f9:9d:
9a:77:d4:60:06:44:c0:1c:ae:88:d7:9a:d0:fb:6c:7b:12:bb:
26:5d:3d:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuN3bs+a0oi1pH3a9Aex6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTRiNjQ4ZGQ1NzQyMDI1YzNkZGE1ZWFhNjY0OTFmZmRi
MmU1ZDkwHhcNMjUxMTExMDcwMjEyWhcNMjUxMTEyMDcwMjEyWjAzMTEwLwYDVQQD
Eyg5YTI4NjBkNWVlZjk3ZWJkMzljMDlhMTE3Y2YxNDcxMDQyZWY3Zjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklnzNogattRELvq1LLWSGOTeqGQR
SbpaQKtu9vHNuTYi2BwER2gjVVl2odUuu76q474s8hDAbLh2obAfg23eaw4Ijz+h
pfieypWObRFtOkXfnUnnA2pBUz+gbvWIk6QqN9cwaes29/6fQRWOGwGoPsgvLxqD
bNGMiDWDcOcwnqZw0SA8rfWn33VVpxDpSbpkyTcbTtvYPrzotFi5j7NBUjrUEwgt
NYt8jwnLHjFt3ecZVU9fibJIfLrJtlaEKW/o/E4DxJZLxDiqYOhdvr3PyvPySjKm
XPu5CCjHOGdzrao1MGMMw0yLz3YamaKLDNyq8t16gI8ml5fZ0svVlURvawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJooYNXu+X69OcCaEXzxRxBC73+YMB8GA1UdIwQY
MBaAFDgUtkjdV0ICXD3aXqpmSR/9suXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JTMlNOMVhRZ0pjUGRwZXFtWkpIXzJ5NWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xMmRmMmQtOTRmMS00ZDEwLTk0YTQt
MWY4MzY4ODAxZmRjLzEvT0JTMlNOMVhRZ0pjUGRwZXFtWkpIXzJ5NWRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xMmRmMmQtOTRmMS00ZDEwLTk0YTQtMWY4MzY4ODAxZmRj
LzEvT0JTMlNOMVhRZ0pjUGRwZXFtWkpIXzJ5NWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVC/7KCil
TN1sSdcIQvauA4qbw25YAuDuhjH3Wes8RhemVsfNnz47fx0XJ2kYvSzccO/st03u
zYYVqjlrB/wrt95g7ufcQoIA85bpP+4PyFWoqmeKSleOGA+KsW4A+HHVex7CcnFK
F+YO/4NlgVXFfnaBJEV7pT0Ff/MxjCNpf479PZ/ExIC23TaLLg0G0YKaiyueL1vv
kQxZwQbz3D1E1ywrWHd3J9qbAoKuI+rWgs3b3E77PJiUmHsokJzO4IREkbHz5SJ8
yYzuV5Uq5LJrKznhTNQZO/Yl5d4hJezqoaSt+gOlOPoDsPmdmnfUYAZEwByuiNea
0PtsexK7Jl09Ig==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:27:20 2025 by rpki-client