Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft
File: OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft (raw, json)
Hash identifier: 8DLcASn9JNW/6OR/8u7LhFEmExZj5xhMknSs1Lb5io0=
Subject key identifier: DE:93:EF:23:AE:B1:EB:EA:E3:E3:F4:FC:05:E6:CC:84:79:66:5A:6A
Authority key identifier: 38:22:7A:96:FA:64:AD:95:24:0F:0A:EE:0B:D3:74:64:6C:6B:BE:E2
Certificate issuer: /CN=38227a96fa64ad95240f0aee0bd374646c6bbee2
Certificate serial: 019A71B83680A3CD2A97046D2E379E730319
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft
Manifest number: 129C
Signing time: Tue 11 Nov 2025 07:01:29 +0000
Manifest this update: Tue 11 Nov 2025 07:01:29 +0000
Manifest next update: Wed 12 Nov 2025 07:01:29 +0000
Files and hashes: 1: OCJ6lvpkrZUkDwruC9N0ZGxrvuI.crl (hash: oQOCLmzWPpVz/nBG5jWnih/QJBcj2Ej16l9yA6beqrk=)
2: hbt7WcwBqBoPW6rBuDIQ3SNZmzc.roa (hash: gFxs6hHw3FxfMImk+yNCzFI6L94MQhx1psEtxtAsjbw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:36:80:a3:cd:2a:97:04:6d:2e:37:9e:73:03:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38227a96fa64ad95240f0aee0bd374646c6bbee2
Validity
Not Before: Nov 11 07:01:29 2025 GMT
Not After : Nov 12 07:01:29 2025 GMT
Subject: CN=de93ef23aeb1ebeae3e3f4fc05e6cc8479665a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:38:8f:d3:c5:cb:d6:d2:aa:50:8f:2a:da:c7:
3e:02:5b:72:7f:a8:5f:3d:03:14:56:cb:33:ed:0d:
e9:d8:10:e9:68:a3:ee:94:5a:32:3d:61:5e:35:f2:
59:ae:ee:44:63:a1:b5:05:63:16:00:79:eb:0b:3e:
95:7f:2a:d9:d4:c1:df:3c:b8:f3:bb:68:78:d8:8d:
48:3f:eb:cf:45:89:1a:9f:3e:4c:9b:4a:fc:86:88:
94:2f:86:55:1b:6d:cf:d4:fc:db:0d:c5:64:13:7f:
5e:77:74:fa:93:de:bc:50:51:9c:dd:75:f3:19:40:
db:41:10:22:c2:46:2d:c0:bd:b0:77:63:16:ab:ee:
7e:bf:02:e4:4e:e6:33:60:24:e8:06:2e:e2:d9:ea:
81:a3:f3:1d:de:16:1b:6d:34:dd:42:91:4b:f3:1c:
db:5f:1e:6a:2e:03:fb:a9:35:7e:36:d9:e3:50:d2:
c6:26:2e:a3:35:2b:7f:21:ff:73:d7:d7:49:cd:5b:
10:9f:11:a1:0e:a3:41:92:12:27:42:19:1d:5e:49:
d3:3e:30:96:c5:48:f5:c7:76:49:a5:f7:6a:16:86:
89:98:ed:44:2a:78:97:69:e6:52:87:af:3a:96:52:
a1:04:c6:3b:ac:9c:4a:a9:d5:6b:a2:39:e9:36:2a:
a7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:93:EF:23:AE:B1:EB:EA:E3:E3:F4:FC:05:E6:CC:84:79:66:5A:6A
X509v3 Authority Key Identifier:
keyid:38:22:7A:96:FA:64:AD:95:24:0F:0A:EE:0B:D3:74:64:6C:6B:BE:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:5d:95:f3:40:b5:88:d6:52:15:05:ce:b6:31:5d:9c:5d:32:
bd:5d:14:eb:84:53:bc:2c:dd:cb:64:c2:14:ca:5f:24:09:40:
37:43:d8:12:2a:1f:48:a3:b9:54:4d:15:7c:87:1c:5a:3c:8d:
ab:76:aa:7a:45:a4:f9:0b:97:73:d2:80:a8:81:d1:6c:4a:2c:
f1:a2:74:e8:a0:30:1c:04:a1:d3:ee:13:b9:7a:6d:8e:b7:11:
b6:6f:e0:86:f6:a1:c5:54:33:4f:a9:52:b0:54:09:35:c9:a3:
ad:99:ad:ac:27:df:54:1b:31:37:19:09:ee:9b:06:6c:fc:d7:
60:8e:1b:e6:26:6b:ac:8f:12:9f:39:6c:6b:c9:fd:03:aa:5d:
3f:a9:35:3f:01:a7:15:21:9c:c6:e7:5b:7a:47:da:d9:30:78:
9f:36:99:75:c3:4b:2c:c1:42:97:fa:b5:2f:15:3a:b3:f4:53:
13:5e:3c:92:88:00:9c:96:ba:fe:b1:49:c7:52:90:8f:57:a8:
56:99:89:e2:ee:5a:2a:e6:8c:45:27:e1:45:fa:46:22:de:cf:
a9:66:cd:b8:8a:d6:bf:d1:9b:51:6b:b6:92:03:6c:24:42:08:
1c:d4:85:fb:37:ae:89:48:96:d2:9b:3c:ae:f2:2a:61:c2:05:
87:18:2c:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDaAo80qlwRtLjeecwMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjI3YTk2ZmE2NGFkOTUyNDBmMGFlZTBiZDM3NDY0NmM2
YmJlZTIwHhcNMjUxMTExMDcwMTI5WhcNMjUxMTEyMDcwMTI5WjAzMTEwLwYDVQQD
EyhkZTkzZWYyM2FlYjFlYmVhZTNlM2Y0ZmMwNWU2Y2M4NDc5NjY1YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxziP08XL1tKqUI8q2sc+Altyf6hf
PQMUVssz7Q3p2BDpaKPulFoyPWFeNfJZru5EY6G1BWMWAHnrCz6VfyrZ1MHfPLjz
u2h42I1IP+vPRYkanz5Mm0r8hoiUL4ZVG23P1PzbDcVkE39ed3T6k968UFGc3XXz
GUDbQRAiwkYtwL2wd2MWq+5+vwLkTuYzYCToBi7i2eqBo/Md3hYbbTTdQpFL8xzb
Xx5qLgP7qTV+NtnjUNLGJi6jNSt/If9z19dJzVsQnxGhDqNBkhInQhkdXknTPjCW
xUj1x3ZJpfdqFoaJmO1EKniXaeZSh686llKhBMY7rJxKqdVrojnpNiqnEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6T7yOusevq4+P0/AXmzIR5ZlpqMB8GA1UdIwQY
MBaAFDgiepb6ZK2VJA8K7gvTdGRsa77iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xY2Y5YWMtMTBkNC00YTVlLWE3MDYt
ZDFjOWJhMDhmNTU5LzEvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xY2Y5YWMtMTBkNC00YTVlLWE3MDYtZDFjOWJhMDhmNTU5
LzEvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ12V80C1
iNZSFQXOtjFdnF0yvV0U64RTvCzdy2TCFMpfJAlAN0PYEiofSKO5VE0VfIccWjyN
q3aqekWk+QuXc9KAqIHRbEos8aJ06KAwHASh0+4TuXptjrcRtm/ghvahxVQzT6lS
sFQJNcmjrZmtrCffVBsxNxkJ7psGbPzXYI4b5iZrrI8Snzlsa8n9A6pdP6k1PwGn
FSGcxudbekfa2TB4nzaZdcNLLMFCl/q1LxU6s/RTE148kogAnJa6/rFJx1KQj1eo
VpmJ4u5aKuaMRSfhRfpGIt7PqWbNuIrWv9GbUWu2kgNsJEIIHNSF+zeuiUiW0ps8
rvIqYcIFhxgs6g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:40 2025 by rpki-client