Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
File: O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json)
Hash identifier: L9nIgGEL6L3LLPlVtudcFiWdWtrC5K0EiLv77kOirDc=
Subject key identifier: A5:6F:95:64:02:D0:0B:D7:86:5D:DF:46:AD:11:ED:42:B5:37:BE:A5
Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
Certificate issuer: /CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Certificate serial: 019A71B7A46B804EFD41775683C187F9D7F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
Manifest number: 08B0
Signing time: Tue 11 Nov 2025 07:00:51 +0000
Manifest this update: Tue 11 Nov 2025 07:00:51 +0000
Manifest next update: Wed 12 Nov 2025 07:00:51 +0000
Files and hashes: 1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: emheLwf1wzy/sx7a5kE9FDYm2DeNtVbN0BmRri3yhIQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:a4:6b:80:4e:fd:41:77:56:83:c1:87:f9:d7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Validity
Not Before: Nov 11 07:00:51 2025 GMT
Not After : Nov 12 07:00:51 2025 GMT
Subject: CN=a56f956402d00bd7865ddf46ad11ed42b537bea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7f:67:07:bc:10:8b:da:20:ec:9c:41:45:83:
73:e6:a0:e7:cd:03:4e:ec:70:4e:36:2f:d9:5f:b9:
85:e0:cb:91:71:96:9f:01:32:c9:c8:dc:2b:ef:b1:
9f:05:2f:9c:ed:ce:2d:8b:b5:e4:28:3b:b0:63:d0:
6d:7d:ed:9c:58:ed:09:23:b2:67:86:64:46:c7:32:
7e:38:9a:7b:b7:cf:f1:a0:25:81:72:a8:11:b0:8d:
19:6d:e7:55:38:7a:a6:da:c7:5e:4c:a3:17:c7:6a:
1f:58:d4:52:de:88:90:57:0c:ac:3c:80:6c:21:10:
49:cf:59:43:5d:a0:98:af:85:07:0f:7c:43:58:44:
5c:04:85:ed:b2:b6:09:06:05:43:de:2c:dc:56:7d:
7f:a2:89:e0:6f:ee:42:53:5d:e6:9b:10:69:0b:1a:
5a:57:bc:6b:6c:d8:50:84:3f:7d:b0:37:b3:1d:4a:
d1:7a:e8:50:f1:a1:3f:0b:45:96:d2:32:09:f9:86:
19:af:94:63:61:e7:a2:c3:b4:02:a0:8d:46:0d:53:
46:55:ea:a6:43:34:12:a8:13:69:25:0f:6a:25:5f:
84:3f:77:c6:a9:7d:b5:6d:73:63:05:4d:07:13:da:
95:9d:3c:49:ee:2e:1f:2a:94:dc:f8:b9:f2:31:47:
cc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:6F:95:64:02:D0:0B:D7:86:5D:DF:46:AD:11:ED:42:B5:37:BE:A5
X509v3 Authority Key Identifier:
keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:9c:47:21:cd:83:73:c5:29:19:69:69:70:c4:3a:dc:63:6f:
66:51:26:7d:65:09:f3:dd:23:4e:31:ac:20:5d:ab:d6:6a:58:
f0:59:46:af:00:f8:78:0e:27:1e:0e:67:9f:c1:2a:f4:9d:35:
9f:d5:96:85:a8:be:f3:e4:dd:8f:35:f4:64:4c:83:05:c2:95:
e9:7d:fe:4b:76:53:dd:c5:c2:0a:d1:ba:2a:af:c7:8e:1c:8f:
07:01:eb:5a:41:62:8c:56:6a:e9:5d:29:47:f5:a5:07:ca:d2:
78:49:a0:45:57:93:6c:52:bc:82:3f:b1:3f:10:70:27:ce:35:
e8:3c:aa:ce:cb:23:c4:30:7c:6f:d3:89:ea:ee:0b:9a:0d:c8:
51:eb:28:cf:fe:44:88:78:0f:d8:c3:bf:46:00:0c:f6:8b:ac:
23:68:cb:95:b6:ad:6e:b3:50:a6:12:63:94:14:eb:e3:23:92:
39:a1:21:80:9f:b4:67:1d:09:44:c2:3f:55:fc:4c:9c:1a:0f:
6a:2e:c2:3e:44:f0:3d:33:73:31:66:ec:96:24:d2:42:98:b2:
d7:84:c1:38:b2:70:0b:b3:03:e3:84:bc:23:7e:0a:14:dd:4f:
63:8b:b7:c5:53:39:83:c2:10:01:6a:0c:33:2a:70:b0:a8:3a:
47:95:f4:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6RrgE79QXdWg8GH+dfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl
MDdiNTQwHhcNMjUxMTExMDcwMDUxWhcNMjUxMTEyMDcwMDUxWjAzMTEwLwYDVQQD
EyhhNTZmOTU2NDAyZDAwYmQ3ODY1ZGRmNDZhZDExZWQ0MmI1MzdiZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5X9nB7wQi9og7JxBRYNz5qDnzQNO
7HBONi/ZX7mF4MuRcZafATLJyNwr77GfBS+c7c4ti7XkKDuwY9Btfe2cWO0JI7Jn
hmRGxzJ+OJp7t8/xoCWBcqgRsI0ZbedVOHqm2sdeTKMXx2ofWNRS3oiQVwysPIBs
IRBJz1lDXaCYr4UHD3xDWERcBIXtsrYJBgVD3izcVn1/oongb+5CU13mmxBpCxpa
V7xrbNhQhD99sDezHUrReuhQ8aE/C0WW0jIJ+YYZr5RjYeeiw7QCoI1GDVNGVeqm
QzQSqBNpJQ9qJV+EP3fGqX21bXNjBU0HE9qVnTxJ7i4fKpTc+LnyMUfMeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVvlWQC0AvXhl3fRq0R7UK1N76lMB8GA1UdIwQY
MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt
ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5
LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArpxHIc2D
c8UpGWlpcMQ63GNvZlEmfWUJ890jTjGsIF2r1mpY8FlGrwD4eA4nHg5nn8Eq9J01
n9WWhai+8+TdjzX0ZEyDBcKV6X3+S3ZT3cXCCtG6Kq/HjhyPBwHrWkFijFZq6V0p
R/WlB8rSeEmgRVeTbFK8gj+xPxBwJ8416DyqzssjxDB8b9OJ6u4Lmg3IUesoz/5E
iHgP2MO/RgAM9ousI2jLlbatbrNQphJjlBTr4yOSOaEhgJ+0Zx0JRMI/VfxMnBoP
ai7CPkTwPTNzMWbsliTSQpiy14TBOLJwC7MD44S8I34KFN1PY4u3xVM5g8IQAWoM
MypwsKg6R5X0Kw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:31 2025 by rpki-client