Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File: OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier: zG/V1OBA2auL3fNnvyO0Aa1NLq+fzXT2fdor9JXYXqc=
Subject key identifier: 4F:14:41:23:2F:A2:75:D7:BA:14:9E:E3:98:03:5C:AF:7B:1C:23:9E
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer: /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial: 019A71B98C201B69D9582140F70B72043FD3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number: 0672
Signing time: Tue 11 Nov 2025 07:02:56 +0000
Manifest this update: Tue 11 Nov 2025 07:02:56 +0000
Manifest next update: Wed 12 Nov 2025 07:02:56 +0000
Files and hashes: 1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: iJZ8yldUfbs3jP44o25biEmrzcNbuMgoBb1BSsHpVvc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:8c:20:1b:69:d9:58:21:40:f7:0b:72:04:3f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Validity
Not Before: Nov 11 07:02:56 2025 GMT
Not After : Nov 12 07:02:56 2025 GMT
Subject: CN=4f1441232fa275d7ba149ee398035caf7b1c239e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bb:94:b0:67:7f:91:18:6a:b8:f2:4a:52:1e:
06:27:a6:67:8f:39:bb:1e:ae:71:58:40:90:5a:a5:
7d:63:44:1f:df:94:c5:84:ad:d7:10:c2:2c:63:65:
6a:e8:dc:51:67:39:2a:85:9d:99:c5:99:11:9e:03:
4d:11:5a:51:8c:ec:74:c6:79:c5:eb:1d:81:1c:b9:
7b:7a:d8:26:66:55:0e:37:b5:d3:c5:6d:a4:66:c8:
64:ba:39:7a:ce:ee:06:0d:68:cd:66:6c:af:fa:9f:
e8:3a:bf:5a:2b:19:ad:64:61:a1:89:8c:81:da:28:
0c:83:34:f2:93:e5:e2:2c:0d:77:86:f8:a8:19:73:
b0:80:77:25:5e:69:43:5d:f5:f1:4b:35:9f:0d:e0:
28:fe:6c:99:38:b9:a7:ab:72:44:39:1a:40:20:e7:
12:6f:3a:05:f5:aa:0d:73:bf:4e:08:79:cc:b8:fe:
a8:d6:4e:da:5d:44:ec:e3:7c:f2:18:c0:02:a2:2e:
4e:8b:bc:60:d3:f9:8e:6b:53:95:3f:36:7b:8a:33:
e5:cd:99:38:2e:07:8f:bf:bb:a7:3c:36:4f:1f:07:
ab:76:34:aa:62:dc:4b:92:33:06:23:6f:f0:e3:36:
34:4d:29:41:ba:a7:0b:e0:94:10:cf:98:87:0a:bb:
e1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:14:41:23:2F:A2:75:D7:BA:14:9E:E3:98:03:5C:AF:7B:1C:23:9E
X509v3 Authority Key Identifier:
keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:61:bd:e0:44:70:57:1c:cd:a4:b6:d8:ab:b5:b4:0b:53:81:
3b:39:b6:cc:61:ef:da:d6:eb:38:3d:36:f4:41:83:3b:64:50:
45:a1:eb:87:c2:9f:ac:c3:60:23:a8:fa:04:cc:9c:55:21:49:
2d:21:00:41:2b:62:ae:26:dc:1f:af:e4:09:63:f4:fe:b0:8a:
4b:8a:e3:e1:5c:c1:bf:c2:53:16:af:7b:4a:32:5f:bf:b8:59:
70:47:a7:6a:f7:03:82:4b:4e:12:c6:6a:fc:d8:02:66:38:36:
5f:12:4f:af:7a:19:74:d9:fc:52:bd:02:4e:4e:36:db:dc:ce:
96:bb:50:55:72:f5:83:ca:94:3d:5f:67:d0:48:a3:4b:cf:ea:
f1:3e:b6:2d:06:61:e9:4a:05:c0:05:36:39:97:3c:b9:38:52:
ec:06:c2:06:98:13:15:f7:5b:3a:89:03:ee:a4:87:b0:bf:f2:
ab:27:97:dc:79:84:14:57:5f:0a:78:b8:dc:2d:74:48:df:9d:
3a:33:1a:cc:67:df:ae:6e:d0:75:fd:49:95:93:0d:eb:a4:78:
05:cf:41:6a:f8:eb:96:d1:1c:79:04:2b:6d:45:c8:e8:65:51:
88:41:2b:9d:63:7d:04:6e:60:7c:89:c3:1d:4f:88:ab:42:f9:
a0:0f:62:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuYwgG2nZWCFA9wtyBD/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjUxMTExMDcwMjU2WhcNMjUxMTEyMDcwMjU2WjAzMTEwLwYDVQQD
Eyg0ZjE0NDEyMzJmYTI3NWQ3YmExNDllZTM5ODAzNWNhZjdiMWMyMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwruUsGd/kRhquPJKUh4GJ6Znjzm7
Hq5xWECQWqV9Y0Qf35TFhK3XEMIsY2Vq6NxRZzkqhZ2ZxZkRngNNEVpRjOx0xnnF
6x2BHLl7etgmZlUON7XTxW2kZshkujl6zu4GDWjNZmyv+p/oOr9aKxmtZGGhiYyB
2igMgzTyk+XiLA13hvioGXOwgHclXmlDXfXxSzWfDeAo/myZOLmnq3JEORpAIOcS
bzoF9aoNc79OCHnMuP6o1k7aXUTs43zyGMACoi5Oi7xg0/mOa1OVPzZ7ijPlzZk4
LgePv7unPDZPHwerdjSqYtxLkjMGI2/w4zY0TSlBuqcL4JQQz5iHCrvhIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE8UQSMvonXXuhSe45gDXK97HCOeMB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN2G94ERw
VxzNpLbYq7W0C1OBOzm2zGHv2tbrOD029EGDO2RQRaHrh8KfrMNgI6j6BMycVSFJ
LSEAQStiribcH6/kCWP0/rCKS4rj4VzBv8JTFq97SjJfv7hZcEenavcDgktOEsZq
/NgCZjg2XxJPr3oZdNn8Ur0CTk4229zOlrtQVXL1g8qUPV9n0EijS8/q8T62LQZh
6UoFwAU2OZc8uThS7AbCBpgTFfdbOokD7qSHsL/yqyeX3HmEFFdfCni43C10SN+d
OjMazGffrm7Qdf1JlZMN66R4Bc9BavjrltEceQQrbUXI6GVRiEErnWN9BG5gfInD
HU+Iq0L5oA9imw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:47 2025 by rpki-client