Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
File: OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft (raw, json)
Hash identifier: FNlS/HK2kXIYhpa0Fo97TrrS4kGs3pidu8XWtzynPgQ=
Subject key identifier: 41:BE:7C:16:C9:AA:13:B8:3F:6A:13:0C:8F:06:4B:4C:3F:5A:91:CA
Authority key identifier: 38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D
Certificate issuer: /CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d
Certificate serial: 019A730133DF76E1740C544EE29CDF86DF6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
Manifest number: 13BC
Signing time: Tue 11 Nov 2025 13:00:49 +0000
Manifest this update: Tue 11 Nov 2025 13:00:49 +0000
Manifest next update: Wed 12 Nov 2025 13:00:49 +0000
Files and hashes: 1: OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl (hash: XkQk4qq9UgBlnYtd0B8xuK7iizvLQDyx6KDMh4lWKQ8=)
2: PQhWLSkGUa_VMVGVuYBQSUZ_P_A.roa (hash: 3kRwsyvbLLbFqSNU/EJCsmBYkp3oO56TR7kGsRhAuv4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:33:df:76:e1:74:0c:54:4e:e2:9c:df:86:df:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d
Validity
Not Before: Nov 11 13:00:49 2025 GMT
Not After : Nov 12 13:00:49 2025 GMT
Subject: CN=41be7c16c9aa13b83f6a130c8f064b4c3f5a91ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e5:de:5b:b1:08:cf:49:11:32:48:19:fc:0b:
3b:ed:51:7a:36:1f:bd:f2:c3:7c:ff:03:c5:1c:1b:
5a:52:be:7b:20:a9:85:40:20:61:fd:01:76:02:bd:
bb:df:5e:2c:89:b9:1c:7e:49:87:dc:83:bf:4e:70:
e7:08:c5:df:95:05:cb:ca:81:25:5f:f4:c3:9b:79:
42:31:40:08:79:14:49:05:99:95:ef:e1:53:3b:90:
cb:04:70:09:5a:fc:92:c1:72:a4:05:71:44:73:bf:
dd:2c:45:4f:43:1c:9c:71:3c:b0:34:14:53:03:f9:
7b:85:72:74:e5:b3:bc:52:02:6e:9f:fd:6d:22:54:
47:a7:26:ab:4e:a0:cb:40:e9:e8:28:55:fc:15:6a:
22:1e:72:7b:de:31:c5:24:8d:c3:3e:cb:19:45:ed:
d0:8e:3d:a1:66:13:e0:a0:13:cc:76:dc:d4:40:4c:
f0:62:07:5e:aa:65:e9:cd:57:b4:c6:bf:44:c9:9e:
db:0f:4c:34:42:d5:e4:50:cc:b9:5c:f0:01:8e:80:
48:d2:be:7a:9e:eb:79:63:02:55:d1:de:fd:fe:a0:
2e:09:42:d0:30:02:d5:a9:23:f2:02:c9:5b:9e:45:
df:eb:fb:f8:c6:ec:45:d4:34:67:36:66:ee:e6:82:
1a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BE:7C:16:C9:AA:13:B8:3F:6A:13:0C:8F:06:4B:4C:3F:5A:91:CA
X509v3 Authority Key Identifier:
keyid:38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:5a:0a:8c:09:0d:62:75:57:c2:b8:b6:c8:ef:37:9c:4e:f6:
3d:10:8d:63:63:9e:da:d2:8e:93:06:08:73:a7:52:a9:a8:43:
f1:6f:17:17:57:26:10:84:89:eb:29:48:45:f7:48:d0:14:24:
87:8a:cf:e8:a8:56:9c:b7:f4:c7:b9:87:6c:69:40:9c:60:16:
cd:24:1d:a6:e4:96:df:9a:bb:22:ff:77:43:d3:a2:eb:c6:8e:
b0:4e:f1:02:7d:96:e8:64:0b:31:d4:e4:44:8a:f0:27:d6:ca:
2b:dd:59:85:23:d0:20:21:9f:68:e7:95:1a:22:b1:fd:df:ed:
8f:5b:87:19:ba:bf:22:7a:e3:dc:33:fc:f0:9e:25:02:df:e5:
6a:11:ae:f8:b0:d7:37:b9:6d:39:45:0d:01:41:5e:e2:96:6b:
80:85:f1:66:31:8a:d6:aa:7c:f0:f3:fb:51:30:f2:c8:49:05:
98:04:1e:4d:83:cc:bc:4f:3c:d5:d1:31:16:ba:17:39:03:b6:
ec:92:40:83:2f:31:35:9f:11:81:b6:ad:07:27:c8:4c:a2:6e:
61:67:6f:cf:46:b4:7b:62:92:f9:51:29:d8:b0:09:1e:b4:72:
79:c2:0e:37:05:7c:47:e9:78:ed:d6:df:2d:0c:b7:c8:ed:67:
c6:13:4a:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzATPfduF0DFRO4pzfht9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTNhZjUwMTQ0OTliMmZiNWNkMmMxZTY4YTI0ZmY4MjU2
ZDBkMGQwHhcNMjUxMTExMTMwMDQ5WhcNMjUxMTEyMTMwMDQ5WjAzMTEwLwYDVQQD
Eyg0MWJlN2MxNmM5YWExM2I4M2Y2YTEzMGM4ZjA2NGI0YzNmNWE5MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uXeW7EIz0kRMkgZ/As77VF6Nh+9
8sN8/wPFHBtaUr57IKmFQCBh/QF2Ar27314sibkcfkmH3IO/TnDnCMXflQXLyoEl
X/TDm3lCMUAIeRRJBZmV7+FTO5DLBHAJWvySwXKkBXFEc7/dLEVPQxyccTywNBRT
A/l7hXJ05bO8UgJun/1tIlRHpyarTqDLQOnoKFX8FWoiHnJ73jHFJI3DPssZRe3Q
jj2hZhPgoBPMdtzUQEzwYgdeqmXpzVe0xr9EyZ7bD0w0QtXkUMy5XPABjoBI0r56
nut5YwJV0d79/qAuCULQMALVqSPyAslbnkXf6/v4xuxF1DRnNmbu5oIaiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEG+fBbJqhO4P2oTDI8GS0w/WpHKMB8GA1UdIwQY
MBaAFDhTr1AUSZsvtc0sHmiiT/glbQ0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMGNjNDEtOGFhYi00NDYzLTk5Zjgt
ZGNiNTZhY2I3NzdmLzEvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zMGNjNDEtOGFhYi00NDYzLTk5ZjgtZGNiNTZhY2I3Nzdm
LzEvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKFoKjAkN
YnVXwri2yO83nE72PRCNY2Oe2tKOkwYIc6dSqahD8W8XF1cmEISJ6ylIRfdI0BQk
h4rP6KhWnLf0x7mHbGlAnGAWzSQdpuSW35q7Iv93Q9Oi68aOsE7xAn2W6GQLMdTk
RIrwJ9bKK91ZhSPQICGfaOeVGiKx/d/tj1uHGbq/Inrj3DP88J4lAt/lahGu+LDX
N7ltOUUNAUFe4pZrgIXxZjGK1qp88PP7UTDyyEkFmAQeTYPMvE881dExFroXOQO2
7JJAgy8xNZ8RgbatByfITKJuYWdvz0a0e2KS+VEp2LAJHrRyecIONwV8R+l47dbf
LQy3yO1nxhNKiA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:14:00 2025 by rpki-client