Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.mft
File: o2bzW6xhoKv3HRjWsQY9XJM6JKs.mft (raw, json)
Hash identifier: vL76OYIRX5+zqNKZ1iRUYhq7T4G6FFB1NCK3e9+jSz8=
Subject key identifier: 0F:B9:A0:6F:A6:B2:93:DB:02:91:B1:A0:6C:95:B3:84:65:DC:BD:6D
Authority key identifier: A3:66:F3:5B:AC:61:A0:AB:F7:1D:18:D6:B1:06:3D:5C:93:3A:24:AB
Certificate issuer: /CN=a366f35bac61a0abf71d18d6b1063d5c933a24ab
Certificate serial: 019A71B7E3616CF6CF61651506A8680BA31C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2bzW6xhoKv3HRjWsQY9XJM6JKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.mft
Manifest number: 1711
Signing time: Tue 11 Nov 2025 07:01:07 +0000
Manifest this update: Tue 11 Nov 2025 07:01:07 +0000
Manifest next update: Wed 12 Nov 2025 07:01:07 +0000
Files and hashes: 1: JQFRevUesYnGzWy86if_lRLWdpc.roa (hash: t3BYwJZyAAH5HRBi+AIKc99FxTLmFzwx0nZw4AplB88=)
2: o2bzW6xhoKv3HRjWsQY9XJM6JKs.crl (hash: 1xd9es/n++sULEARGDCR/934s33VHrhOjtotgOx5pAI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2bzW6xhoKv3HRjWsQY9XJM6JKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:e3:61:6c:f6:cf:61:65:15:06:a8:68:0b:a3:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a366f35bac61a0abf71d18d6b1063d5c933a24ab
Validity
Not Before: Nov 11 07:01:07 2025 GMT
Not After : Nov 12 07:01:07 2025 GMT
Subject: CN=0fb9a06fa6b293db0291b1a06c95b38465dcbd6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:26:67:ab:01:eb:08:7d:ac:c0:c1:79:48:34:
e7:8c:23:d1:85:22:ec:e9:8e:6b:14:1d:3a:15:00:
f0:d1:91:3d:63:db:28:d8:87:52:57:ae:e1:ec:cc:
e8:3f:90:cf:c5:b3:44:79:a9:ae:25:54:72:ac:f0:
34:8d:9c:8a:65:5a:e2:2b:ad:ba:b7:2b:e1:09:2a:
63:2b:69:aa:cf:75:05:5b:45:74:84:45:76:7c:15:
35:a8:dc:fe:93:1f:71:1e:06:03:3a:d0:ec:b6:c4:
c6:6d:b5:2a:f6:9f:2d:93:50:6b:6f:bb:6c:3d:3b:
44:5c:07:eb:74:65:73:dd:d5:ae:ae:7b:ea:81:c3:
76:09:3b:35:64:34:a1:46:35:97:ec:7f:98:e6:be:
e6:f8:b6:cd:23:28:1b:66:84:73:c7:db:b4:5c:e4:
8b:4f:19:42:63:e6:c0:c7:a9:db:9b:78:8b:89:cc:
f0:44:b7:d2:73:be:97:d4:7d:9d:a7:57:76:56:b3:
a4:86:bd:13:a4:ae:8a:2d:79:1c:ff:7d:ff:4a:56:
01:d7:6c:fd:39:59:0c:3c:3a:34:b0:ef:99:cd:d2:
84:05:69:dc:f7:7f:37:a9:95:bd:d1:8d:28:ea:c4:
a6:0a:c0:6b:85:97:cb:b8:40:2e:da:3c:4a:0e:8d:
43:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B9:A0:6F:A6:B2:93:DB:02:91:B1:A0:6C:95:B3:84:65:DC:BD:6D
X509v3 Authority Key Identifier:
keyid:A3:66:F3:5B:AC:61:A0:AB:F7:1D:18:D6:B1:06:3D:5C:93:3A:24:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2bzW6xhoKv3HRjWsQY9XJM6JKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:1c:97:d0:33:55:ff:19:32:11:b9:c8:e7:4c:66:c2:bc:cc:
4c:25:6f:c3:08:98:c4:31:a1:c5:8e:ef:6e:8b:d5:94:2b:80:
77:cc:16:9d:2c:2b:a2:fb:2e:91:69:b3:c8:38:11:2d:31:98:
e0:8f:4f:ea:67:38:fd:5f:d3:b7:b9:39:21:7a:09:cc:f7:41:
bc:e1:89:9d:ee:de:04:b8:6b:55:86:e6:c1:0a:36:3c:71:32:
ef:d0:e4:39:f9:31:5b:65:55:d1:cb:90:8c:a6:97:0f:aa:81:
ff:9f:99:1b:61:c3:8d:f2:62:d7:6d:cb:9a:35:11:40:54:14:
23:f2:51:14:31:73:58:3e:fb:09:ab:2b:e3:b7:9b:f3:77:85:
43:77:75:a1:de:e7:2e:b6:82:fa:be:fc:de:41:c0:7a:ae:dc:
5f:5b:4f:74:ac:86:47:1b:37:2a:e9:cd:8b:8d:5a:9d:e5:b7:
69:56:8c:45:5b:d0:32:51:54:b1:fb:69:59:a6:09:69:da:bc:
f9:54:fa:49:12:72:a5:11:43:6e:bd:88:40:5f:b3:46:12:e9:
3d:f2:49:b8:8b:63:6d:41:27:0a:67:08:34:59:5c:93:19:6a:
c7:58:25:2b:79:95:75:7f:63:3d:be:bf:6e:91:ed:9a:61:0c:
cb:1a:0f:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+NhbPbPYWUVBqhoC6McMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjZmMzViYWM2MWEwYWJmNzFkMThkNmIxMDYzZDVjOTMz
YTI0YWIwHhcNMjUxMTExMDcwMTA3WhcNMjUxMTEyMDcwMTA3WjAzMTEwLwYDVQQD
EygwZmI5YTA2ZmE2YjI5M2RiMDI5MWIxYTA2Yzk1YjM4NDY1ZGNiZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSZnqwHrCH2swMF5SDTnjCPRhSLs
6Y5rFB06FQDw0ZE9Y9so2IdSV67h7MzoP5DPxbNEeamuJVRyrPA0jZyKZVriK626
tyvhCSpjK2mqz3UFW0V0hEV2fBU1qNz+kx9xHgYDOtDstsTGbbUq9p8tk1Brb7ts
PTtEXAfrdGVz3dWurnvqgcN2CTs1ZDShRjWX7H+Y5r7m+LbNIygbZoRzx9u0XOSL
TxlCY+bAx6nbm3iLiczwRLfSc76X1H2dp1d2VrOkhr0TpK6KLXkc/33/SlYB12z9
OVkMPDo0sO+ZzdKEBWnc9383qZW90Y0o6sSmCsBrhZfLuEAu2jxKDo1DnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+5oG+mspPbApGxoGyVs4Rl3L1tMB8GA1UdIwQY
MBaAFKNm81usYaCr9x0Y1rEGPVyTOiSrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJielc2eGhvS3YzSFJqV3NRWTlYSk02SktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80Y2Y4MTQtNzliNS00Nzg2LWFjNTEt
MzE5MDc5NWU4NjNiLzEvbzJielc2eGhvS3YzSFJqV3NRWTlYSk02SktzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80Y2Y4MTQtNzliNS00Nzg2LWFjNTEtMzE5MDc5NWU4NjNi
LzEvbzJielc2eGhvS3YzSFJqV3NRWTlYSk02SktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOxyX0DNV
/xkyEbnI50xmwrzMTCVvwwiYxDGhxY7vbovVlCuAd8wWnSwrovsukWmzyDgRLTGY
4I9P6mc4/V/Tt7k5IXoJzPdBvOGJne7eBLhrVYbmwQo2PHEy79DkOfkxW2VV0cuQ
jKaXD6qB/5+ZG2HDjfJi123LmjURQFQUI/JRFDFzWD77Casr47eb83eFQ3d1od7n
LraC+r783kHAeq7cX1tPdKyGRxs3KunNi41aneW3aVaMRVvQMlFUsftpWaYJadq8
+VT6SRJypRFDbr2IQF+zRhLpPfJJuItjbUEnCmcINFlckxlqx1glK3mVdX9jPb6/
bpHtmmEMyxoPgQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:07:15 2025 by rpki-client