Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
File: ojIkxQF9NOzcKNDPNkQtZb754KA.mft (raw, json)
Hash identifier: 1/fsxSNLMo02pacuFYe9AnZzwJmbZ3jlZLp0XTxZgKs=
Subject key identifier: 35:0F:27:4A:E3:DD:62:3A:D2:EC:15:6E:10:62:B3:90:4A:54:14:98
Authority key identifier: A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
Certificate issuer: /CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Certificate serial: 019A7149E08F9FD865BB9F6330355FE508E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
Manifest number: 1728
Signing time: Tue 11 Nov 2025 05:00:58 +0000
Manifest this update: Tue 11 Nov 2025 05:00:58 +0000
Manifest next update: Wed 12 Nov 2025 05:00:58 +0000
Files and hashes: 1: bEhBHj_5ND7DPkcxJc-eHtfnjVE.roa (hash: q7DP36VzuoeI79R3/z9nukbV52RDnraBhFmpjcuFOJ0=)
2: fUWog8dQyKlZmDz3Jt4aoMe12ZM.roa (hash: m7C2vWzzKK+0unJuovK786RQ7kI+1mqtBwzlHAjE+E0=)
3: ojIkxQF9NOzcKNDPNkQtZb754KA.crl (hash: 0I8MkMTF9hNpaXMZMLl+VzyBOdCXVWbZyIOZJERRZBE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:e0:8f:9f:d8:65:bb:9f:63:30:35:5f:e5:08:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Validity
Not Before: Nov 11 05:00:58 2025 GMT
Not After : Nov 12 05:00:58 2025 GMT
Subject: CN=350f274ae3dd623ad2ec156e1062b3904a541498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a2:5f:2d:b4:f1:06:cb:36:7b:bc:42:53:0e:
06:7c:30:7a:8c:69:d3:1b:18:35:b8:ed:bb:0d:1f:
a0:4b:75:55:18:d1:ad:ce:8a:6f:9e:2e:c1:56:cb:
ee:65:06:18:74:2c:f1:5a:46:ce:28:02:72:9f:79:
5e:b0:da:4c:1a:3a:a9:40:bb:93:e8:28:eb:58:cc:
3c:12:89:88:82:2e:5a:11:8b:39:e6:fe:22:15:5b:
de:a6:9b:85:54:0b:d0:54:dd:cf:72:f7:09:45:23:
50:d3:a2:0e:b1:5d:ea:ce:55:42:c8:77:c2:d6:75:
cb:e3:d3:78:3f:97:fb:df:20:0f:76:c8:1f:e5:06:
9a:22:75:1a:2a:16:5a:87:a4:34:93:7d:c9:30:10:
a0:3d:32:4a:11:ad:b1:48:61:b6:c3:87:c4:98:53:
25:53:6e:cb:59:99:f2:c2:42:bb:71:6a:35:8e:a5:
ac:b1:73:7e:6a:ee:c7:8e:e3:20:34:31:d9:bc:41:
ce:35:58:69:a5:dc:57:15:e6:81:82:58:81:23:98:
5c:8e:dc:70:f1:9a:74:cb:0b:00:6c:86:2c:26:38:
39:5c:5e:f0:49:23:6c:c6:f7:67:0a:2d:1b:cb:f5:
74:95:93:27:74:c9:31:ee:e3:d3:8b:a2:b0:fd:8b:
0a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0F:27:4A:E3:DD:62:3A:D2:EC:15:6E:10:62:B3:90:4A:54:14:98
X509v3 Authority Key Identifier:
keyid:A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:8b:3d:49:f0:b9:b7:aa:f3:e5:40:3d:df:e2:df:37:f9:50:
e1:34:8c:a9:57:d6:d1:a1:a4:f2:f5:fa:47:62:df:c0:b3:19:
c5:6d:16:02:70:2c:82:a3:eb:c2:bb:3d:7c:29:f3:a7:c6:59:
4f:16:4f:d1:5b:3e:17:2f:89:c0:a6:1f:32:b5:db:37:28:14:
cb:1f:90:9b:96:7d:24:c0:8d:4e:6c:04:ab:c0:19:7e:45:d3:
b3:1f:e2:ad:90:c4:41:f0:e6:1b:8d:49:4c:82:75:0f:50:98:
2f:e2:a1:13:14:03:9a:90:15:b3:84:5c:37:00:bb:e9:9a:0e:
7b:4a:02:64:d0:b7:62:e5:61:fa:e6:3b:f6:77:88:41:cc:16:
55:5b:7a:1e:24:2a:ba:9a:df:c1:d9:38:df:24:c0:da:79:f2:
6e:24:e4:8a:ec:8c:4a:5b:1f:1d:14:18:4d:82:a2:cf:6d:23:
a2:a1:9e:7e:dd:9e:6b:63:a7:8c:9b:fc:87:47:93:e1:3f:2d:
0f:6b:c2:77:48:3d:a1:b2:6d:59:39:e5:79:63:9f:00:13:18:
17:fd:4f:f3:c8:1c:6d:93:df:d3:42:23:64:de:0a:8a:d8:7d:
e1:e6:de:a8:c6:bb:42:fc:6e:8b:95:e7:45:50:de:b7:2a:2b:
1a:5a:0a:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSeCPn9hlu59jMDVf5QjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzIyNGM1MDE3ZDM0ZWNkYzI4ZDBjZjM2NDQyZDY1YmVm
OWUwYTAwHhcNMjUxMTExMDUwMDU4WhcNMjUxMTEyMDUwMDU4WjAzMTEwLwYDVQQD
EygzNTBmMjc0YWUzZGQ2MjNhZDJlYzE1NmUxMDYyYjM5MDRhNTQxNDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6JfLbTxBss2e7xCUw4GfDB6jGnT
Gxg1uO27DR+gS3VVGNGtzopvni7BVsvuZQYYdCzxWkbOKAJyn3lesNpMGjqpQLuT
6CjrWMw8EomIgi5aEYs55v4iFVveppuFVAvQVN3PcvcJRSNQ06IOsV3qzlVCyHfC
1nXL49N4P5f73yAPdsgf5QaaInUaKhZah6Q0k33JMBCgPTJKEa2xSGG2w4fEmFMl
U27LWZnywkK7cWo1jqWssXN+au7HjuMgNDHZvEHONVhppdxXFeaBgliBI5hcjtxw
8Zp0ywsAbIYsJjg5XF7wSSNsxvdnCi0by/V0lZMndMkx7uPTi6Kw/YsKrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUPJ0rj3WI60uwVbhBis5BKVBSYMB8GA1UdIwQY
MBaAFKIyJMUBfTTs3CjQzzZELWW++eCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTkt
ZmVjOGE4MGVkMjMzLzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTktZmVjOGE4MGVkMjMz
LzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFYs9SfC5
t6rz5UA93+LfN/lQ4TSMqVfW0aGk8vX6R2LfwLMZxW0WAnAsgqPrwrs9fCnzp8ZZ
TxZP0Vs+Fy+JwKYfMrXbNygUyx+Qm5Z9JMCNTmwEq8AZfkXTsx/irZDEQfDmG41J
TIJ1D1CYL+KhExQDmpAVs4RcNwC76ZoOe0oCZNC3YuVh+uY79neIQcwWVVt6HiQq
uprfwdk43yTA2nnybiTkiuyMSlsfHRQYTYKiz20joqGeft2ea2OnjJv8h0eT4T8t
D2vCd0g9obJtWTnleWOfABMYF/1P88gcbZPf00IjZN4Kith94ebeqMa7Qvxui5Xn
RVDetyorGloKaw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:40:28 2025 by rpki-client