Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
File: OC5TMDOzzpXklyvyOC3awpPC3AE.mft (raw, json)
Hash identifier: +HH1UWU6A5gdWNVo9R7hc6xI1ck7oLrIrje91yDeU6s=
Subject key identifier: B9:A8:B3:70:92:4E:79:C9:50:1B:2E:F9:FB:E7:B2:FF:A6:D2:B8:E6
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 019A71B80CFF711B5123C70D2CD2FD3B9490
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
Manifest number: 0A7E
Signing time: Tue 11 Nov 2025 07:01:18 +0000
Manifest this update: Tue 11 Nov 2025 07:01:18 +0000
Manifest next update: Wed 12 Nov 2025 07:01:18 +0000
Files and hashes: 1: 5Ut0b0NCsET_SBcrRZDGmpxguZ8.roa (hash: yFP/8VV88RGdYS/1gMV2xguqReDrDsPUy9So1+AmUlY=)
2: 5govGzTOoEOkHW5AQQBeXhEslnY.roa (hash: WSesnMfx5MzV8mfpr2Kk+2TovkIoHzCJWKSulEHwHA0=)
3: OC5TMDOzzpXklyvyOC3awpPC3AE.crl (hash: L15m7BthGlNu6alZqfvzIt9cpniJLKhuLJ7p8AGy4+k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:0c:ff:71:1b:51:23:c7:0d:2c:d2:fd:3b:94:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Nov 11 07:01:18 2025 GMT
Not After : Nov 12 07:01:18 2025 GMT
Subject: CN=b9a8b370924e79c9501b2ef9fbe7b2ffa6d2b8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:eb:f9:30:4a:e3:e0:91:18:7b:46:ae:01:3c:
d4:d4:19:fe:5a:f4:12:2b:e5:8d:f4:7a:7b:ce:18:
7c:b9:d8:25:61:6b:45:94:1c:43:6f:59:29:7b:5f:
61:a8:1d:5e:f4:6d:f0:70:d9:b7:ab:23:a6:5c:0e:
88:54:07:c5:56:23:1d:1d:ce:75:e6:a7:5d:34:3f:
e5:9d:2c:7d:c6:e1:b5:56:79:30:cd:fa:8f:17:c9:
d8:d3:58:98:62:44:94:85:7d:ae:9c:13:bb:7b:f1:
a7:cc:2e:b0:d0:5e:81:ab:04:c0:47:c3:a4:78:bb:
73:10:a2:3f:b3:dd:d6:3b:94:d8:22:88:55:22:e4:
10:db:d3:f4:bf:2e:81:ee:62:36:da:13:2f:e6:86:
39:ff:b2:e2:54:a3:d7:4a:13:f5:45:da:82:7c:03:
cc:6e:74:ad:ac:cd:fe:92:27:7b:75:69:45:41:bd:
b2:3f:c2:1e:49:b8:9a:23:f6:4f:99:d9:0d:eb:6d:
cf:77:38:8d:8a:1e:cc:d1:f9:9d:bd:07:7a:c1:e3:
24:62:a2:a7:5a:23:14:d0:97:9c:89:9a:59:67:86:
3b:48:b2:e1:e4:ed:68:7a:88:aa:6b:f9:26:06:85:
55:4f:b3:9e:dd:fc:61:e6:1c:9d:42:e4:a1:15:f8:
d1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A8:B3:70:92:4E:79:C9:50:1B:2E:F9:FB:E7:B2:FF:A6:D2:B8:E6
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:d2:c5:7e:eb:d8:b1:db:13:dd:53:56:e9:c9:4a:2f:59:45:
eb:c7:63:1b:81:ff:7f:78:e0:7c:ef:dc:df:b6:dc:3f:a1:35:
dd:66:aa:56:29:27:a7:1f:ca:a8:7d:5d:c9:c0:fb:2c:df:da:
d5:b5:d1:49:be:13:38:5d:9b:58:14:e5:a3:ed:5e:48:2c:e9:
82:b8:fc:fe:a6:2a:f6:7c:58:8d:9a:3f:9b:41:d9:09:92:2a:
60:29:17:d5:74:42:8d:56:1b:a8:8b:85:d7:c5:e6:d9:09:c8:
17:f1:10:5d:dc:0b:89:c9:04:47:bd:2a:09:e7:1b:32:fe:74:
33:5b:4a:cf:7b:c3:7d:65:8b:02:b2:3b:45:23:12:42:40:c8:
40:97:9a:10:24:5d:4d:27:33:fc:de:67:ca:60:a5:99:17:f8:
48:83:8e:a5:7f:d8:4f:dd:dd:d5:df:f4:85:4f:cd:03:38:bd:
d8:07:8a:24:4e:3d:52:f0:1c:94:eb:f6:66:86:0a:72:d3:12:
1d:c5:b8:65:4d:98:76:28:ef:d5:61:17:48:58:e4:4e:a7:e9:
44:fe:58:8a:de:ac:df:49:35:41:08:f4:1f:bf:42:f3:67:4f:
cd:b6:3e:58:55:a3:a4:4f:b8:ad:17:3b:af:6a:0d:81:bc:65:
93:b1:fe:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAz/cRtRI8cNLNL9O5SQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjUxMTExMDcwMTE4WhcNMjUxMTEyMDcwMTE4WjAzMTEwLwYDVQQD
EyhiOWE4YjM3MDkyNGU3OWM5NTAxYjJlZjlmYmU3YjJmZmE2ZDJiOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ev5MErj4JEYe0auATzU1Bn+WvQS
K+WN9Hp7zhh8udglYWtFlBxDb1kpe19hqB1e9G3wcNm3qyOmXA6IVAfFViMdHc51
5qddND/lnSx9xuG1VnkwzfqPF8nY01iYYkSUhX2unBO7e/GnzC6w0F6BqwTAR8Ok
eLtzEKI/s93WO5TYIohVIuQQ29P0vy6B7mI22hMv5oY5/7LiVKPXShP1RdqCfAPM
bnStrM3+kid7dWlFQb2yP8IeSbiaI/ZPmdkN623PdziNih7M0fmdvQd6weMkYqKn
WiMU0JeciZpZZ4Y7SLLh5O1oeoiqa/kmBoVVT7Oe3fxh5hydQuShFfjRYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmos3CSTnnJUBsu+fvnsv+m0rjmMB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu9LFfuvY
sdsT3VNW6clKL1lF68djG4H/f3jgfO/c37bcP6E13WaqViknpx/KqH1dycD7LN/a
1bXRSb4TOF2bWBTlo+1eSCzpgrj8/qYq9nxYjZo/m0HZCZIqYCkX1XRCjVYbqIuF
18Xm2QnIF/EQXdwLickER70qCecbMv50M1tKz3vDfWWLArI7RSMSQkDIQJeaECRd
TScz/N5nymClmRf4SIOOpX/YT93d1d/0hU/NAzi92AeKJE49UvAclOv2ZoYKctMS
HcW4ZU2Ydijv1WEXSFjkTqfpRP5Yit6s30k1QQj0H79C82dPzbY+WFWjpE+4rRc7
r2oNgbxlk7H+hQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:04 2025 by rpki-client