Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
File: OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json)
Hash identifier: Lm2e+gyc7ITcedHn6QJh1gly1sFJX2O9zBgcTzs4Wdk=
Subject key identifier: 12:D5:27:7D:15:08:45:95:FB:31:8C:39:BF:3D:34:89:A7:B9:B0:D4
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial: 019922C309DA517CDC7AC3009FB9993CBC65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
Manifest number: 1678
Signing time: Sun 07 Sep 2025 06:00:31 +0000
Manifest this update: Sun 07 Sep 2025 06:00:31 +0000
Manifest next update: Mon 08 Sep 2025 06:00:31 +0000
Files and hashes: 1: NJaotZFnvbCZC6dKCr_vEzEYn6M.roa (hash: dqeYK6phWm8PSJhw0mmBUevUz1KleMZYBxhoQuo4/mw=)
2: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: KDnd4tEVmgdJC2QEQvVxM91hCpGBFX4LNjiSQsVODQk=)
3: abyvfDmy4Q3zVDJIfxfSkrtZdLo.roa (hash: IZm94vPLNr133XeI56Dl5DQUBKwgG1pbFRgf8ws+6Pw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:09:da:51:7c:dc:7a:c3:00:9f:b9:99:3c:bc:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Validity
Not Before: Sep 7 06:00:31 2025 GMT
Not After : Sep 8 06:00:31 2025 GMT
Subject: CN=12d5277d15084595fb318c39bf3d3489a7b9b0d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:69:5d:9a:f2:2c:a7:2b:5c:0d:ad:1c:a4:4a:
2c:7d:df:81:35:3f:e8:6e:2d:df:f8:d0:38:a5:a2:
20:fa:95:45:b6:ea:c3:b5:3b:4f:e5:7a:81:b9:81:
5e:77:0d:30:3a:70:95:19:4c:6a:85:31:28:6e:ef:
64:68:17:f0:c8:57:8b:f0:b5:d5:2a:c7:13:1b:a2:
8b:42:25:5b:e3:a0:94:89:b2:a5:08:87:e7:45:25:
ce:68:2e:ce:7e:69:c6:f8:64:a7:19:a0:86:2e:2e:
61:2f:86:dc:b1:5e:37:5c:eb:c0:3f:b6:4a:69:16:
8f:02:f4:e8:bb:a2:37:e8:3b:66:ee:d8:77:e0:e4:
b8:4e:f4:e9:d0:a3:94:b8:4e:d9:c1:e1:bd:fc:cf:
17:bc:7b:61:4f:76:32:b6:3e:6d:55:e1:7d:08:3a:
57:75:96:1c:ea:e1:fd:80:1d:47:cf:bb:cc:da:fe:
97:b5:7e:b8:31:a0:cf:56:41:5e:39:51:ff:c5:93:
e6:a0:51:c3:b8:99:38:89:f5:d7:7b:2f:4d:d3:cf:
e0:3f:28:47:69:2b:d5:f1:d9:7c:56:50:f8:db:1c:
47:ac:8e:e0:17:03:4d:c0:89:9a:c4:62:2d:80:15:
55:c5:74:32:4a:fa:70:17:81:e5:f6:15:07:76:97:
8c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:D5:27:7D:15:08:45:95:FB:31:8C:39:BF:3D:34:89:A7:B9:B0:D4
X509v3 Authority Key Identifier:
keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:ad:c8:1e:0f:96:33:a5:32:47:bc:c0:08:0d:1e:f0:24:e2:
d5:90:e0:d3:6d:c2:da:e1:57:ab:31:72:ab:cb:dc:8d:49:8a:
ce:c7:5d:41:89:86:35:6a:04:d4:ae:8f:ce:fd:d6:c7:bc:99:
44:e3:48:55:ca:00:6f:9f:8b:2e:46:e1:d6:a5:5f:a8:2a:4b:
18:77:f6:f0:dd:c4:91:49:30:39:c3:1a:99:2e:41:be:af:b4:
c4:cc:c7:ee:0f:1e:3e:c5:27:f0:8e:6b:8b:2a:1c:0c:8b:86:
ca:d3:4e:88:95:14:cc:f2:dd:da:a6:f1:69:b0:a6:83:bc:8a:
ec:7a:07:58:1b:8d:d0:0e:b4:be:dd:85:38:69:27:c9:cc:58:
71:5e:57:56:6f:20:7c:36:ca:ba:9c:2f:81:ac:5c:78:52:19:
f2:ac:af:c8:29:ff:b9:3c:31:0e:26:33:83:a8:6b:26:b2:dc:
2f:3a:4b:9f:91:f1:45:4e:fa:da:47:ab:86:fb:88:38:27:de:
db:64:cc:a5:af:69:50:02:1e:cc:b7:5e:5e:65:74:0b:67:2b:
a4:f7:53:c3:fd:38:50:47:a7:90:89:4a:3c:7a:01:89:c5:05:
10:11:88:cc:79:77:27:b3:a6:1a:ee:cf:4a:38:f1:0e:f1:4a:
1b:62:dd:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwwnaUXzcesMAn7mZPLxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjUwOTA3MDYwMDMxWhcNMjUwOTA4MDYwMDMxWjAzMTEwLwYDVQQD
EygxMmQ1Mjc3ZDE1MDg0NTk1ZmIzMThjMzliZjNkMzQ4OWE3YjliMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmldmvIspytcDa0cpEosfd+BNT/o
bi3f+NA4paIg+pVFturDtTtP5XqBuYFedw0wOnCVGUxqhTEobu9kaBfwyFeL8LXV
KscTG6KLQiVb46CUibKlCIfnRSXOaC7OfmnG+GSnGaCGLi5hL4bcsV43XOvAP7ZK
aRaPAvTou6I36Dtm7th34OS4TvTp0KOUuE7ZweG9/M8XvHthT3Yytj5tVeF9CDpX
dZYc6uH9gB1Hz7vM2v6XtX64MaDPVkFeOVH/xZPmoFHDuJk4ifXXey9N08/gPyhH
aSvV8dl8VlD42xxHrI7gFwNNwImaxGItgBVVxXQySvpwF4Hl9hUHdpeM0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLVJ30VCEWV+zGMOb89NImnubDUMB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhK3IHg+W
M6UyR7zACA0e8CTi1ZDg023C2uFXqzFyq8vcjUmKzsddQYmGNWoE1K6Pzv3Wx7yZ
RONIVcoAb5+LLkbh1qVfqCpLGHf28N3EkUkwOcMamS5Bvq+0xMzH7g8ePsUn8I5r
iyocDIuGytNOiJUUzPLd2qbxabCmg7yK7HoHWBuN0A60vt2FOGknycxYcV5XVm8g
fDbKupwvgaxceFIZ8qyvyCn/uTwxDiYzg6hrJrLcLzpLn5HxRU762kerhvuIOCfe
22TMpa9pUAIezLdeXmV0C2crpPdTw/04UEenkIlKPHoBicUFEBGIzHl3J7OmGu7P
SjjxDvFKG2Ldew==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:24:53 2025 by rpki-client