Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.mft
File: O95jhoTGRf7dYA7TxQzfMQsRbT4.mft (raw, json)
Hash identifier: wRXv4PzcyVGxVaPtJ7YZwQW/6DyqHuyI9rjyCh+Lzx8=
Subject key identifier: E9:CF:69:FB:71:D4:7B:08:71:96:E4:85:8E:7D:B6:7B:26:D0:E6:C2
Authority key identifier: 3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
Certificate issuer: /CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Certificate serial: 019A7113138ACEBE44DA9E44E5E2D41A1285
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.mft
Manifest number: 123C
Signing time: Tue 11 Nov 2025 04:01:06 +0000
Manifest this update: Tue 11 Nov 2025 04:01:06 +0000
Manifest next update: Wed 12 Nov 2025 04:01:06 +0000
Files and hashes: 1: O95jhoTGRf7dYA7TxQzfMQsRbT4.crl (hash: Z9HTfcE0LN5eRwuPEfVLMaP9CvsHD4aRvhXg4wSyTZg=)
2: RzF4b3sIXe3DzFdXYIh4DACfNyQ.roa (hash: NzaYQenLUpyVGKDKds+F+mtyj0Y2xs4JaXrSTsoxdK0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.mft
rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:13:8a:ce:be:44:da:9e:44:e5:e2:d4:1a:12:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Validity
Not Before: Nov 11 04:01:06 2025 GMT
Not After : Nov 12 04:01:06 2025 GMT
Subject: CN=e9cf69fb71d47b087196e4858e7db67b26d0e6c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d3:fa:73:13:0b:c8:93:ee:45:b9:57:44:e3:
2d:03:1d:ec:e9:40:50:c6:04:58:fb:af:86:74:90:
20:aa:39:67:d6:95:db:ef:ab:03:40:08:40:4d:3d:
50:c1:7c:0e:8c:51:a8:ff:dc:57:80:54:3a:6b:44:
dd:5d:3b:a1:91:d1:61:b8:76:39:0e:19:6d:51:65:
e6:f0:e1:2e:77:fd:36:87:9b:6c:28:fb:0b:5a:1f:
34:69:5b:25:a1:86:74:1b:19:78:77:05:c6:96:03:
84:20:18:e7:1e:ba:88:5b:18:d3:74:33:0c:24:54:
93:ca:c6:42:9d:a1:9e:2f:30:15:ce:a3:5b:f6:5e:
c0:bc:ce:6e:c3:40:81:e5:f0:e9:46:65:58:41:6c:
de:f0:8d:b9:d7:01:a5:31:73:45:ba:6b:5e:3a:d0:
b1:71:57:75:e1:40:50:05:74:40:e7:6f:30:8d:30:
ae:1f:be:be:72:50:b1:ca:6f:e9:33:86:d2:52:00:
ad:85:4e:59:8d:7f:f4:0a:b8:64:a7:b5:92:22:76:
1a:2d:43:29:e1:f6:87:05:bf:14:59:ca:d1:c5:31:
93:d9:6f:17:33:18:d1:7f:30:94:78:c1:18:2e:70:
5f:0a:3b:2f:ef:43:1d:a1:76:ed:dd:54:b1:e5:5c:
94:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:CF:69:FB:71:D4:7B:08:71:96:E4:85:8E:7D:B6:7B:26:D0:E6:C2
X509v3 Authority Key Identifier:
keyid:3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:9f:48:20:4c:af:d2:b0:44:7a:56:33:15:37:b0:d1:fb:c8:
3f:e1:36:7c:5f:1b:19:68:2c:9e:f7:fb:b4:c8:f2:4f:04:00:
81:4e:12:3e:f6:ea:86:b5:33:a9:6d:e1:37:74:e5:58:4f:ed:
37:ff:9c:56:4d:06:13:e5:4f:1d:a6:86:35:34:86:49:54:f3:
75:af:ec:4b:d1:71:01:02:6f:27:b6:0a:a5:8b:4d:2f:73:cc:
61:ee:7b:8a:3a:f2:55:0b:83:7a:3c:2d:d9:e3:1e:a6:38:07:
8d:fa:82:77:f7:6e:ba:d0:d0:d0:41:df:96:52:2b:da:80:b4:
1e:fb:ed:ef:87:eb:f7:b8:3e:dd:6b:9e:03:fc:d2:81:35:4f:
c8:d8:47:37:9c:c7:aa:03:6f:99:e4:53:e0:a3:87:e6:56:b5:
45:54:78:05:1e:3a:4f:7f:4f:1a:18:79:6b:43:02:c2:8f:44:
32:57:0b:9c:dc:82:9d:99:0e:ef:06:d5:93:16:d2:b4:2a:82:
9d:90:62:60:23:80:7c:e6:b1:38:ce:08:03:1d:7f:7b:10:18:
e4:95:e8:37:af:89:6e:9c:78:5e:7d:57:18:97:2c:15:05:d2:
6a:a0:b1:a3:ec:14:79:3e:df:d5:1e:dd:56:a3:da:27:04:9c:
09:4c:7f:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxExOKzr5E2p5E5eLUGhKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGU2Mzg2ODRjNjQ1ZmVkZDYwMGVkM2M1MGNkZjMxMGIx
MTZkM2UwHhcNMjUxMTExMDQwMTA2WhcNMjUxMTEyMDQwMTA2WjAzMTEwLwYDVQQD
EyhlOWNmNjlmYjcxZDQ3YjA4NzE5NmU0ODU4ZTdkYjY3YjI2ZDBlNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9P6cxMLyJPuRblXROMtAx3s6UBQ
xgRY+6+GdJAgqjln1pXb76sDQAhATT1QwXwOjFGo/9xXgFQ6a0TdXTuhkdFhuHY5
DhltUWXm8OEud/02h5tsKPsLWh80aVsloYZ0Gxl4dwXGlgOEIBjnHrqIWxjTdDMM
JFSTysZCnaGeLzAVzqNb9l7AvM5uw0CB5fDpRmVYQWze8I251wGlMXNFumteOtCx
cVd14UBQBXRA528wjTCuH76+clCxym/pM4bSUgCthU5ZjX/0Crhkp7WSInYaLUMp
4faHBb8UWcrRxTGT2W8XMxjRfzCUeMEYLnBfCjsv70MdoXbt3VSx5VyU+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnPaftx1HsIcZbkhY59tnsm0ObCMB8GA1UdIwQY
MBaAFDveY4aExkX+3WAO08UM3zELEW0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQt
MDk3YjA1MTBkM2UyLzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQtMDk3YjA1MTBkM2Uy
LzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWJ9IIEyv
0rBEelYzFTew0fvIP+E2fF8bGWgsnvf7tMjyTwQAgU4SPvbqhrUzqW3hN3TlWE/t
N/+cVk0GE+VPHaaGNTSGSVTzda/sS9FxAQJvJ7YKpYtNL3PMYe57ijryVQuDejwt
2eMepjgHjfqCd/duutDQ0EHfllIr2oC0Hvvt74fr97g+3WueA/zSgTVPyNhHN5zH
qgNvmeRT4KOH5la1RVR4BR46T39PGhh5a0MCwo9EMlcLnNyCnZkO7wbVkxbStCqC
nZBiYCOAfOaxOM4IAx1/exAY5JXoN6+Jbpx4Xn1XGJcsFQXSaqCxo+wUeT7f1R7d
VqPaJwScCUx/wg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:44 2025 by rpki-client