Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
File: oKrlhQo22yiCKmwa_F_6z_AH7vI.mft (raw, json)
Hash identifier: 7Gi9dHZx1WcyGREC9cmZJ5pRaLoP1PbcCy8L+3f50F4=
Subject key identifier: 37:9B:98:03:FB:40:8A:0C:F3:EC:DD:5B:CF:FA:CC:45:0F:6D:96:71
Authority key identifier: A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
Certificate issuer: /CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Certificate serial: 019A73384FE4EBCB7BD22293B275AE8E71D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
Manifest number: 0A16
Signing time: Tue 11 Nov 2025 14:01:01 +0000
Manifest this update: Tue 11 Nov 2025 14:01:01 +0000
Manifest next update: Wed 12 Nov 2025 14:01:01 +0000
Files and hashes: 1: oKrlhQo22yiCKmwa_F_6z_AH7vI.crl (hash: zMUbLAdknHOSVnhc1oiA2SuxbUHqhlxjkKu3exI23sY=)
2: vPivcilO-E_vThnuw1Jbeo7vl7Q.roa (hash: ue62obgrVIotq1vJM56av/nq50vzkGkDbEL5zd0kvpg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:4f:e4:eb:cb:7b:d2:22:93:b2:75:ae:8e:71:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Validity
Not Before: Nov 11 14:01:01 2025 GMT
Not After : Nov 12 14:01:01 2025 GMT
Subject: CN=379b9803fb408a0cf3ecdd5bcffacc450f6d9671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c4:05:69:22:9f:0b:ac:85:17:a4:d3:04:13:
51:b9:dd:67:92:e1:68:11:72:36:a5:b5:4d:31:24:
7c:40:16:59:89:a3:b0:2a:c6:5e:15:0f:8e:2b:85:
ab:c5:8f:c4:3a:d5:16:2e:3e:0d:ab:ce:b8:da:02:
51:86:4f:1c:8c:09:ed:fe:33:9b:d6:e0:3f:fb:a4:
4f:3b:46:fb:c7:46:c8:94:52:6a:a8:ee:07:85:32:
25:fa:53:00:e4:5c:15:58:90:4a:14:33:0b:ac:e9:
4e:99:5b:f0:bb:f7:28:a8:fa:b6:ee:53:47:e2:01:
b0:02:88:69:4c:9f:d8:73:1b:40:ad:17:cd:98:15:
7e:2d:4a:20:25:78:31:d4:8c:ca:bc:76:c7:2c:95:
09:bb:7c:55:0f:65:1e:d0:cb:52:d9:23:89:fd:c6:
5a:28:11:e3:c3:fa:ea:ed:ed:a0:80:c4:54:7b:b9:
5a:6e:57:4a:89:cb:62:3e:f1:7b:81:5c:c0:6b:15:
d5:51:29:a7:b5:62:06:4e:56:41:0f:80:33:7f:a6:
c2:20:f3:79:a5:b3:75:54:82:fb:1f:96:40:58:b8:
bc:13:70:80:e5:7f:fe:1e:cb:f5:ee:db:4b:5c:4d:
cd:99:e7:5f:0c:40:ea:8e:01:42:71:be:d1:ac:1c:
cd:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:9B:98:03:FB:40:8A:0C:F3:EC:DD:5B:CF:FA:CC:45:0F:6D:96:71
X509v3 Authority Key Identifier:
keyid:A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:c3:5f:4b:9d:3e:31:6f:0b:34:2d:c7:a5:4c:a1:bd:36:ff:
10:43:05:f5:20:b6:88:0d:80:d5:46:ff:92:6d:79:c2:08:88:
3c:7a:e7:37:dd:ba:a9:10:01:c7:fc:8e:f9:9d:88:bd:92:48:
62:94:38:75:9d:d4:c9:a4:a3:c5:aa:bb:65:81:71:b0:dc:23:
50:70:4a:b4:35:41:0e:8b:e0:13:c1:ab:a1:a7:89:cd:59:e3:
64:f6:b0:5a:e8:92:d7:93:6f:b0:dc:4c:32:98:69:98:93:48:
bc:7f:31:4d:3b:75:ff:0c:fd:ef:52:44:e2:93:6a:5f:c7:06:
5d:a2:14:39:97:bf:20:58:b5:71:fe:e0:1a:d9:b2:28:54:35:
46:27:d5:81:0d:98:28:ee:5b:0e:0d:48:61:30:3a:3d:d8:8f:
fc:25:79:4b:c0:de:62:32:71:78:03:fe:f6:98:8b:bc:a2:b8:
1a:8c:47:99:76:20:d0:5c:78:f0:2d:9e:b3:1c:65:73:57:53:
49:db:ca:e7:5e:01:0d:6d:21:57:23:37:8d:66:25:44:ce:7e:
45:85:92:30:80:c9:fd:a8:38:ac:8e:66:86:51:7b:c3:ab:0d:
33:55:21:34:69:e0:0c:03:f5:b1:d9:71:5c:63:ec:2c:ce:31:
92:f4:79:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOE/k68t70iKTsnWujnHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWFlNTg1MGEzNmRiMjg4MjJhNmMxYWZjNWZmYWNmZjAw
N2VlZjIwHhcNMjUxMTExMTQwMTAxWhcNMjUxMTEyMTQwMTAxWjAzMTEwLwYDVQQD
EygzNzliOTgwM2ZiNDA4YTBjZjNlY2RkNWJjZmZhY2M0NTBmNmQ5NjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcQFaSKfC6yFF6TTBBNRud1nkuFo
EXI2pbVNMSR8QBZZiaOwKsZeFQ+OK4WrxY/EOtUWLj4Nq8642gJRhk8cjAnt/jOb
1uA/+6RPO0b7x0bIlFJqqO4HhTIl+lMA5FwVWJBKFDMLrOlOmVvwu/coqPq27lNH
4gGwAohpTJ/YcxtArRfNmBV+LUogJXgx1IzKvHbHLJUJu3xVD2Ue0MtS2SOJ/cZa
KBHjw/rq7e2ggMRUe7labldKictiPvF7gVzAaxXVUSmntWIGTlZBD4Azf6bCIPN5
pbN1VIL7H5ZAWLi8E3CA5X/+Hsv17ttLXE3NmedfDEDqjgFCcb7RrBzN/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDebmAP7QIoM8+zdW8/6zEUPbZZxMB8GA1UdIwQY
MBaAFKCq5YUKNtsogipsGvxf+s/wB+7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODIt
MjgxOWU0YzVmMTIzLzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODItMjgxOWU0YzVmMTIz
LzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAccNfS50+
MW8LNC3HpUyhvTb/EEMF9SC2iA2A1Ub/km15wgiIPHrnN926qRABx/yO+Z2IvZJI
YpQ4dZ3UyaSjxaq7ZYFxsNwjUHBKtDVBDovgE8GroaeJzVnjZPawWuiS15NvsNxM
MphpmJNIvH8xTTt1/wz971JE4pNqX8cGXaIUOZe/IFi1cf7gGtmyKFQ1RifVgQ2Y
KO5bDg1IYTA6PdiP/CV5S8DeYjJxeAP+9piLvKK4GoxHmXYg0Fx48C2esxxlc1dT
SdvK514BDW0hVyM3jWYlRM5+RYWSMIDJ/ag4rI5mhlF7w6sNM1UhNGngDAP1sdlx
XGPsLM4xkvR5WA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:38:15 2025 by rpki-client