Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.mft
File: odcYUzJOsGD7r8mIIzhgSZyWxTo.mft (raw, json)
Hash identifier: 2dgIKQYZiqF73AO7cGCpXtBufPAJxiTQd+j9WK4nP2g=
Subject key identifier: DA:A1:BC:6E:A0:12:6A:5A:8B:53:C3:F1:2A:52:D6:0E:7D:02:14:B0
Authority key identifier: A1:D7:18:53:32:4E:B0:60:FB:AF:C9:88:23:38:60:49:9C:96:C5:3A
Certificate issuer: /CN=a1d71853324eb060fbafc988233860499c96c53a
Certificate serial: 019A077FCEA4A538E17CBF478FA7C9B77E67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.mft
Manifest number: 13CC
Signing time: Tue 21 Oct 2025 16:00:07 +0000
Manifest this update: Tue 21 Oct 2025 16:00:07 +0000
Manifest next update: Wed 22 Oct 2025 16:00:07 +0000
Files and hashes: 1: 7F1fGgeaeQSGNxeZxHKehoCFDbE.roa (hash: G34mOFPeKp5+zztRKCCmLxDUMfqD5XJqmdch8xEkSoY=)
2: C8QSMz8GNoIQm4uSFWS26QwX4TU.roa (hash: NCS38C69vxkOze1iM8evBR20KFQKimFCiPTQOaoZSEg=)
3: XJPUj_synwIHQp7bRuj9018K67k.roa (hash: nLvY6PY+U32R2cW/5HWGZNjEV3iPA1E/ctSR2ZD+DlI=)
4: XZOzWNS9uSJXxdofEgbqQ-4LX8Q.roa (hash: +R0Sy7oAn0ABCK0E7oKA/ofkAMnGgDdtdmPnmJOjdTs=)
5: YCQuqCy9NuRyU0S6FabSa0c6NJs.roa (hash: z0MGBwlcQwzapOIPDSPyZ4kB4JdwESi59TmNtwz3tdw=)
6: luxlDaP5S8ObPuSdfGG5jYy9i5M.roa (hash: 77j6FmpQDyTfoFeeOD1e16nzr03VwpDOQuhMjxPM3Tg=)
7: odcYUzJOsGD7r8mIIzhgSZyWxTo.crl (hash: 7kujbKJ/GypLRIW4ipgOjxDwBWjGA+2TSvGb67O8iUo=)
8: v4n00KmIPMAeaXO1e4oehEUWYOs.roa (hash: 7qEK4cAhcKMrkHzInLLOjuudGbx99FNXFdW89sFY/Us=)
9: zQz3tWtapn8qKz4rYeWGGnS9boI.roa (hash: Oet1y32LyQ4if4pkKw3gO80qX4zMy1K2uegwxuTNvQs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:7f:ce:a4:a5:38:e1:7c:bf:47:8f:a7:c9:b7:7e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1d71853324eb060fbafc988233860499c96c53a
Validity
Not Before: Oct 21 16:00:07 2025 GMT
Not After : Oct 22 16:00:07 2025 GMT
Subject: CN=daa1bc6ea0126a5a8b53c3f12a52d60e7d0214b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6f:15:49:12:7a:77:28:31:9f:8f:22:47:c2:
6f:29:8b:bb:19:f9:df:34:8e:2f:d9:6f:37:e3:0a:
07:9b:50:3f:5f:52:e4:57:f3:00:f2:d6:4a:4a:3c:
7a:e3:ac:76:3d:f8:e8:59:93:c9:86:9e:30:0a:6d:
21:8a:6e:b6:7c:66:18:09:9a:df:56:cf:55:ff:1b:
aa:27:ce:58:97:f5:17:6b:83:9c:3a:d5:7c:49:a7:
2f:13:90:09:7a:cc:06:3b:cc:ca:af:55:0d:ff:85:
1e:f6:c6:1c:51:09:f1:3a:ee:8d:9c:7f:2e:61:63:
45:89:72:83:f2:43:93:e6:df:01:c1:a4:ff:68:b0:
23:80:ff:12:13:f5:80:8f:a4:29:83:51:f1:d1:c7:
18:5a:b7:42:4a:41:2b:05:57:e9:a5:32:83:0d:ef:
e5:54:59:df:23:19:0a:6b:71:80:41:9f:f5:e6:52:
be:86:22:4a:66:76:ab:da:d0:76:7b:5f:70:23:45:
2c:1b:e8:8b:e3:8a:01:d0:66:a7:74:71:c7:8e:ce:
2e:83:17:f6:d5:c5:a0:05:75:95:b2:c4:89:59:54:
dd:e2:d0:09:84:50:27:bb:06:54:0c:34:3d:10:33:
b9:53:4a:05:cf:cc:2f:b4:18:b3:47:94:55:d7:8c:
e3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A1:BC:6E:A0:12:6A:5A:8B:53:C3:F1:2A:52:D6:0E:7D:02:14:B0
X509v3 Authority Key Identifier:
keyid:A1:D7:18:53:32:4E:B0:60:FB:AF:C9:88:23:38:60:49:9C:96:C5:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:8d:5a:4b:45:f5:a0:47:0d:e5:6b:86:20:ab:56:b6:c2:fb:
e1:5e:dc:5e:13:3f:ad:cf:e6:5e:08:cd:ed:e5:84:d0:59:4c:
cb:c4:c8:93:fb:40:34:f4:9c:a8:ca:32:2b:04:3a:b3:e8:e2:
aa:75:ab:4d:8c:f2:ff:dc:53:fd:39:d4:3c:cd:f3:eb:08:4d:
ec:63:d1:97:5f:b2:e5:e3:a5:11:ef:25:b4:86:ad:ae:e3:29:
e7:37:3e:53:8b:a6:96:f6:fa:2e:df:ce:52:ad:04:3a:35:e8:
8f:60:7b:5c:f4:20:9c:7d:61:73:37:19:b2:4c:51:a2:be:a3:
74:c3:0a:0f:97:cb:1e:c0:a5:34:78:4a:f9:ea:48:08:ef:a3:
7c:ca:59:09:f9:e1:6d:67:de:fa:ea:39:dc:78:41:1e:46:8e:
08:46:cf:15:ef:32:b4:01:67:45:df:d7:26:00:88:1f:bf:ec:
1f:05:3f:00:36:f8:78:96:0b:a0:5c:36:43:59:83:d0:3b:8d:
22:69:cf:5e:fb:57:87:8e:ce:31:9d:d6:62:17:38:cf:8f:e7:
98:d5:2f:44:f6:4a:b1:af:32:23:ff:08:64:c5:0b:c9:f4:03:
ef:4d:1b:3b:96:6c:69:fd:5e:56:f0:de:17:cb:69:8e:e5:8e:
6a:7b:57:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoHf86kpTjhfL9Hj6fJt35nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZDcxODUzMzI0ZWIwNjBmYmFmYzk4ODIzMzg2MDQ5OWM5
NmM1M2EwHhcNMjUxMDIxMTYwMDA3WhcNMjUxMDIyMTYwMDA3WjAzMTEwLwYDVQQD
EyhkYWExYmM2ZWEwMTI2YTVhOGI1M2MzZjEyYTUyZDYwZTdkMDIxNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzW8VSRJ6dygxn48iR8JvKYu7Gfnf
NI4v2W834woHm1A/X1LkV/MA8tZKSjx646x2PfjoWZPJhp4wCm0him62fGYYCZrf
Vs9V/xuqJ85Yl/UXa4OcOtV8SacvE5AJeswGO8zKr1UN/4Ue9sYcUQnxOu6NnH8u
YWNFiXKD8kOT5t8BwaT/aLAjgP8SE/WAj6Qpg1Hx0ccYWrdCSkErBVfppTKDDe/l
VFnfIxkKa3GAQZ/15lK+hiJKZnar2tB2e19wI0UsG+iL44oB0GandHHHjs4ugxf2
1cWgBXWVssSJWVTd4tAJhFAnuwZUDDQ9EDO5U0oFz8wvtBizR5RV14zjbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqhvG6gEmpai1PD8SpS1g59AhSwMB8GA1UdIwQY
MBaAFKHXGFMyTrBg+6/JiCM4YEmclsU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NjU2ZGItOTRhNS00NWJlLTk0MzUt
NzA2MTM1NmJlZjFiLzEvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NjU2ZGItOTRhNS00NWJlLTk0MzUtNzA2MTM1NmJlZjFi
LzEvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADY1aS0X1
oEcN5WuGIKtWtsL74V7cXhM/rc/mXgjN7eWE0FlMy8TIk/tANPScqMoyKwQ6s+ji
qnWrTYzy/9xT/TnUPM3z6whN7GPRl1+y5eOlEe8ltIatruMp5zc+U4umlvb6Lt/O
Uq0EOjXoj2B7XPQgnH1hczcZskxRor6jdMMKD5fLHsClNHhK+epICO+jfMpZCfnh
bWfe+uo53HhBHkaOCEbPFe8ytAFnRd/XJgCIH7/sHwU/ADb4eJYLoFw2Q1mD0DuN
ImnPXvtXh47OMZ3WYhc4z4/nmNUvRPZKsa8yI/8IZMULyfQD700bO5Zsaf1eVvDe
F8tpjuWOantXhA==
-----END CERTIFICATE-----
Generated at Tue Oct 21 22:50:41 2025 by rpki-client