Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.mft
File: OzBfl6JvMdgAYFn7OrGerPt4NFU.mft (raw, json)
Hash identifier: lFPfJCcMQDmoN3eDO826/t3TzldhAj45gdo/GcuxQto=
Subject key identifier: 17:FB:4E:E2:E8:F3:C3:B1:A9:9B:5B:82:0C:F7:3D:D4:DE:EB:F0:F3
Authority key identifier: 3B:30:5F:97:A2:6F:31:D8:00:60:59:FB:3A:B1:9E:AC:FB:78:34:55
Certificate issuer: /CN=3b305f97a26f31d8006059fb3ab19eacfb783455
Certificate serial: 019A71B7D9AF9E1DC78CAE29621B37E8BDCB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.mft
Manifest number: 0B09
Signing time: Tue 11 Nov 2025 07:01:05 +0000
Manifest this update: Tue 11 Nov 2025 07:01:05 +0000
Manifest next update: Wed 12 Nov 2025 07:01:05 +0000
Files and hashes: 1: 6t5f4Ujb0FAO84dMqgRAqgV1jVs.roa (hash: u7nakvY2IzZI/nPIoCHOpaknwKeAH1RDuYLRGXqd0p4=)
2: OzBfl6JvMdgAYFn7OrGerPt4NFU.crl (hash: 9ovIYuyV1uQPzDWqhDCq0DGtIOMtNRa0RdqNSsHDln0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:d9:af:9e:1d:c7:8c:ae:29:62:1b:37:e8:bd:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b305f97a26f31d8006059fb3ab19eacfb783455
Validity
Not Before: Nov 11 07:01:05 2025 GMT
Not After : Nov 12 07:01:05 2025 GMT
Subject: CN=17fb4ee2e8f3c3b1a99b5b820cf73dd4deebf0f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:14:da:ca:60:e2:b2:84:38:fc:64:3e:23:a3:
16:06:fc:da:5d:54:37:7d:ac:ea:5c:48:1f:df:3a:
29:f4:ad:20:38:a2:36:d7:e0:c2:49:99:fa:3c:08:
3d:e0:35:7e:d3:ef:a3:fb:18:7e:ee:07:db:2d:a3:
c1:46:5d:fb:15:57:7f:5a:ba:bb:34:7b:c6:08:b3:
c9:1f:d0:f0:57:a7:7a:3c:5c:d1:17:bc:05:4a:ea:
b4:a3:31:35:08:b3:41:47:62:da:5e:2b:6b:46:05:
ae:47:2e:62:e8:77:48:3a:d6:25:37:88:2b:88:da:
a4:4c:30:d3:51:a2:7b:38:c4:f7:92:c2:c7:87:60:
b7:03:05:a6:19:dc:7e:bf:78:6b:cd:3c:11:2c:54:
62:62:5b:dc:0e:a2:0e:21:38:b7:73:69:f9:96:99:
49:33:ba:34:28:8d:15:62:3d:2a:81:98:95:29:ae:
d3:cb:65:9b:f3:49:04:d6:ec:9e:10:97:26:2f:e2:
9f:29:42:a5:cb:7c:07:df:24:ca:f5:78:8e:86:a2:
36:ad:43:a1:08:a9:de:39:7b:5d:e6:b7:73:bf:52:
7d:0f:81:04:94:3d:8d:7f:77:00:30:b2:c1:b5:24:
28:44:16:7c:b0:7d:0c:31:b2:59:11:db:4a:d8:83:
8d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:FB:4E:E2:E8:F3:C3:B1:A9:9B:5B:82:0C:F7:3D:D4:DE:EB:F0:F3
X509v3 Authority Key Identifier:
keyid:3B:30:5F:97:A2:6F:31:D8:00:60:59:FB:3A:B1:9E:AC:FB:78:34:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:4b:f9:40:41:f3:52:90:6b:45:0e:93:0f:35:44:31:ed:ad:
e6:87:7b:f0:3f:94:12:9f:4b:bd:e8:e6:43:47:cc:1e:a1:54:
23:e8:84:12:87:86:d1:14:67:38:5d:c5:82:4f:17:70:13:4e:
dd:80:ac:9b:36:4b:6e:23:e8:ba:e1:80:6f:05:ce:7a:cb:8d:
88:ef:a9:01:47:33:c6:c1:9a:13:a5:11:7a:4d:1f:01:2b:be:
f6:20:ab:20:4e:32:71:07:18:48:fb:17:36:4e:fd:ee:36:76:
a8:5c:21:77:b9:74:26:b9:7b:6d:f6:d9:41:ac:bc:2b:30:12:
7e:a4:bc:58:a2:54:8d:84:3a:62:00:db:fe:90:5b:f4:d6:a5:
58:c2:10:e4:20:b8:f5:64:33:be:07:11:18:57:6b:f7:cb:b4:
eb:b7:c4:ac:52:5b:de:b9:e1:4e:4d:8b:2f:59:0e:00:99:43:
98:8c:26:a4:2f:61:b9:b0:ab:9b:18:98:06:1e:73:6c:b9:c7:
bd:e0:04:28:bf:44:21:6b:56:d2:9d:66:63:50:c1:5b:29:92:
3c:52:e7:45:9f:30:8d:2c:af:68:05:7a:14:24:7c:bb:c8:d8:
eb:82:7e:c9:35:a5:d2:58:a4:f4:10:81:5f:06:33:f3:8e:ce:
e1:1a:18:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9mvnh3HjK4pYhs36L3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzA1Zjk3YTI2ZjMxZDgwMDYwNTlmYjNhYjE5ZWFjZmI3
ODM0NTUwHhcNMjUxMTExMDcwMTA1WhcNMjUxMTEyMDcwMTA1WjAzMTEwLwYDVQQD
EygxN2ZiNGVlMmU4ZjNjM2IxYTk5YjViODIwY2Y3M2RkNGRlZWJmMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BTaymDisoQ4/GQ+I6MWBvzaXVQ3
fazqXEgf3zop9K0gOKI21+DCSZn6PAg94DV+0++j+xh+7gfbLaPBRl37FVd/Wrq7
NHvGCLPJH9DwV6d6PFzRF7wFSuq0ozE1CLNBR2LaXitrRgWuRy5i6HdIOtYlN4gr
iNqkTDDTUaJ7OMT3ksLHh2C3AwWmGdx+v3hrzTwRLFRiYlvcDqIOITi3c2n5lplJ
M7o0KI0VYj0qgZiVKa7Ty2Wb80kE1uyeEJcmL+KfKUKly3wH3yTK9XiOhqI2rUOh
CKneOXtd5rdzv1J9D4EElD2Nf3cAMLLBtSQoRBZ8sH0MMbJZEdtK2IONlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBf7TuLo88OxqZtbggz3PdTe6/DzMB8GA1UdIwQY
MBaAFDswX5eibzHYAGBZ+zqxnqz7eDRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pCZmw2SnZNZGdBWUZuN09yR2VyUHQ0TkZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xYWE5NTEtNmM0OC00OTNkLWFkODkt
NThiOWIwYzI0NDBiLzEvT3pCZmw2SnZNZGdBWUZuN09yR2VyUHQ0TkZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xYWE5NTEtNmM0OC00OTNkLWFkODktNThiOWIwYzI0NDBi
LzEvT3pCZmw2SnZNZGdBWUZuN09yR2VyUHQ0TkZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn0v5QEHz
UpBrRQ6TDzVEMe2t5od78D+UEp9LvejmQ0fMHqFUI+iEEoeG0RRnOF3Fgk8XcBNO
3YCsmzZLbiPouuGAbwXOesuNiO+pAUczxsGaE6URek0fASu+9iCrIE4ycQcYSPsX
Nk797jZ2qFwhd7l0Jrl7bfbZQay8KzASfqS8WKJUjYQ6YgDb/pBb9NalWMIQ5CC4
9WQzvgcRGFdr98u067fErFJb3rnhTk2LL1kOAJlDmIwmpC9hubCrmxiYBh5zbLnH
veAEKL9EIWtW0p1mY1DBWymSPFLnRZ8wjSyvaAV6FCR8u8jY64J+yTWl0lik9BCB
XwYz847O4RoYoQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:48:29 2025 by rpki-client