Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
File: OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json)
Hash identifier: /MJs6Ys2YaheNdpgfnfje5M92iF92jtq5+tqmD2aOvs=
Subject key identifier: B6:6C:FD:A3:67:AC:B9:C8:80:30:A1:A1:70:29:F1:36:BB:9F:0F:50
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial: 019A4A3BD27531F9D1A7F6AA6BB723C4AB94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
Manifest number: 1711
Signing time: Mon 03 Nov 2025 15:00:25 +0000
Manifest this update: Mon 03 Nov 2025 15:00:25 +0000
Manifest next update: Tue 04 Nov 2025 15:00:25 +0000
Files and hashes: 1: NJaotZFnvbCZC6dKCr_vEzEYn6M.roa (hash: dqeYK6phWm8PSJhw0mmBUevUz1KleMZYBxhoQuo4/mw=)
2: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: u8sHiFbOv18J+Qk1Kt5I4PA2ZnnD9v5FTy978p6QD14=)
3: abyvfDmy4Q3zVDJIfxfSkrtZdLo.roa (hash: IZm94vPLNr133XeI56Dl5DQUBKwgG1pbFRgf8ws+6Pw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 15:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4a:3b:d2:75:31:f9:d1:a7:f6:aa:6b:b7:23:c4:ab:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Validity
Not Before: Nov 3 15:00:25 2025 GMT
Not After : Nov 4 15:00:25 2025 GMT
Subject: CN=b66cfda367acb9c88030a1a17029f136bb9f0f50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:97:01:c3:9e:01:4f:37:cb:c8:d6:08:d5:11:
1b:f3:50:6f:c2:7d:76:a0:b9:4b:d9:f4:b1:58:27:
5c:95:60:b9:29:da:b3:23:e8:72:9e:82:61:0b:1d:
7a:0a:56:01:32:a1:cf:0d:dd:7a:98:6b:e7:51:68:
88:ff:52:58:b9:fa:eb:0c:33:9f:25:a9:89:21:e3:
bb:14:f8:e5:1a:ce:11:3d:c9:3d:8b:4b:99:2e:d9:
d3:a0:0b:f7:78:dc:bb:88:8e:0c:cf:5f:2b:b3:e7:
be:34:ce:17:15:43:5e:6b:0b:e4:d8:42:82:39:93:
59:21:8e:56:26:7b:89:0f:6b:63:a8:83:65:03:0b:
75:71:80:e7:30:d7:1a:4d:52:36:e0:d7:91:e7:41:
59:fd:de:54:26:f0:55:22:ec:c9:34:dc:80:e8:f5:
f4:3d:23:ec:14:7e:2c:40:c9:c8:4f:cf:ce:69:e1:
ee:01:54:9f:85:87:21:29:bc:9b:e6:6a:fc:b5:7b:
e1:22:3f:5b:02:b5:b9:79:f4:f5:cc:fd:1e:d9:dc:
b8:8d:c8:8e:7c:e6:cc:49:93:a2:c2:91:22:7a:8a:
76:93:b7:7a:ff:1f:c7:91:d8:97:8b:50:1c:51:66:
c1:02:87:f9:8b:bc:1f:bc:a4:2f:e7:c6:07:7b:78:
9a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6C:FD:A3:67:AC:B9:C8:80:30:A1:A1:70:29:F1:36:BB:9F:0F:50
X509v3 Authority Key Identifier:
keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:2d:48:f9:03:9c:de:63:f1:b7:98:d9:aa:ae:ee:d0:17:64:
97:b9:4c:1f:90:9d:fa:db:35:d8:65:c6:e0:4b:a5:6d:6d:da:
9c:82:6d:94:ad:c0:a8:8c:7b:92:21:bb:51:71:58:0f:f3:f6:
aa:49:00:98:8d:2d:02:c4:3c:65:c2:17:4a:5f:bc:00:c9:18:
4d:2f:de:cd:2a:f7:a7:39:38:fc:0b:cf:c7:ad:fa:96:6e:3f:
ec:fd:f4:c8:4a:2c:45:d4:b6:ee:b0:18:cd:bf:fe:82:38:81:
3a:cb:e9:cf:82:08:74:ed:a6:00:b9:92:a7:ba:e3:eb:5c:53:
53:80:0d:9a:61:54:aa:8c:fb:0b:54:3b:4b:79:74:f1:9b:b0:
cb:b9:5d:ed:3e:5e:57:b3:dd:9b:77:ce:9c:bb:04:74:ce:7c:
25:4d:78:85:74:0b:e9:ea:5b:b9:bd:56:75:0c:a6:e0:53:b5:
e6:58:b3:60:30:ca:8a:d9:79:fd:9a:be:fe:95:b6:25:12:71:
b8:d7:51:a3:b2:69:50:f4:e6:93:94:47:4f:53:83:7c:5d:5f:
d3:83:21:ea:30:0d:5c:56:ea:46:b9:b3:35:1a:0f:f0:9b:ab:
a6:4b:2f:13:e9:6c:90:55:f7:b8:3b:ba:be:2d:ee:ba:79:6e:
d4:da:ae:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpKO9J1MfnRp/aqa7cjxKuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjUxMTAzMTUwMDI1WhcNMjUxMTA0MTUwMDI1WjAzMTEwLwYDVQQD
EyhiNjZjZmRhMzY3YWNiOWM4ODAzMGExYTE3MDI5ZjEzNmJiOWYwZjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJcBw54BTzfLyNYI1REb81Bvwn12
oLlL2fSxWCdclWC5KdqzI+hynoJhCx16ClYBMqHPDd16mGvnUWiI/1JYufrrDDOf
JamJIeO7FPjlGs4RPck9i0uZLtnToAv3eNy7iI4Mz18rs+e+NM4XFUNeawvk2EKC
OZNZIY5WJnuJD2tjqINlAwt1cYDnMNcaTVI24NeR50FZ/d5UJvBVIuzJNNyA6PX0
PSPsFH4sQMnIT8/OaeHuAVSfhYchKbyb5mr8tXvhIj9bArW5efT1zP0e2dy4jciO
fObMSZOiwpEieop2k7d6/x/HkdiXi1AcUWbBAof5i7wfvKQv58YHe3iaXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZs/aNnrLnIgDChoXAp8Ta7nw9QMB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASy1I+QOc
3mPxt5jZqq7u0Bdkl7lMH5Cd+ts12GXG4EulbW3anIJtlK3AqIx7kiG7UXFYD/P2
qkkAmI0tAsQ8ZcIXSl+8AMkYTS/ezSr3pzk4/AvPx636lm4/7P30yEosRdS27rAY
zb/+gjiBOsvpz4IIdO2mALmSp7rj61xTU4ANmmFUqoz7C1Q7S3l08Zuwy7ld7T5e
V7Pdm3fOnLsEdM58JU14hXQL6epbub1WdQym4FO15lizYDDKitl5/Zq+/pW2JRJx
uNdRo7JpUPTmk5RHT1ODfF1f04Mh6jANXFbqRrmzNRoP8JurpksvE+lskFX3uDu6
vi3uunlu1NquBw==
-----END CERTIFICATE-----
Generated at Mon Nov 3 22:13:09 2025 by rpki-client