Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
File: OJDnpFSaVx9otoja1PXO2OUpBos.mft (raw, json)
Hash identifier: xVqkdMyPwsJ3zw60Rpu30Fbct5INcB2t0HpVr72APxQ=
Subject key identifier: 94:8A:72:2D:99:C4:4C:EF:F0:79:20:7C:19:DE:A0:50:F3:50:F2:3D
Authority key identifier: 38:90:E7:A4:54:9A:57:1F:68:B6:88:DA:D4:F5:CE:D8:E5:29:06:8B
Certificate issuer: /CN=3890e7a4549a571f68b688dad4f5ced8e529068b
Certificate serial: 019A71B8FE030004861664157CD9382D95EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:02:20 +0000
Manifest this update: Tue 11 Nov 2025 07:02:20 +0000
Manifest next update: Wed 12 Nov 2025 07:02:20 +0000
Files and hashes: 1: OJDnpFSaVx9otoja1PXO2OUpBos.crl (hash: EM0gnmOhI4UmS1q7oLw7ZiaJ4cypB0Gdt0ECqveWryI=)
2: XaY9bUiZ_CFGYXPkNboje_P8adc.roa (hash: b9+EkuxILTVWiZrAAhWN9xohV/5GiE1XVfEOgozpLGc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:fe:03:00:04:86:16:64:15:7c:d9:38:2d:95:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3890e7a4549a571f68b688dad4f5ced8e529068b
Validity
Not Before: Nov 11 07:02:20 2025 GMT
Not After : Nov 12 07:02:20 2025 GMT
Subject: CN=948a722d99c44ceff079207c19dea050f350f23d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:89:fa:0f:bd:10:f2:e9:9e:74:6a:35:a4:af:
93:3d:4f:31:18:4f:37:cc:74:ea:b9:38:35:53:ee:
9d:07:51:7c:01:db:4e:9d:0c:70:09:b7:ce:f3:25:
e4:9d:6b:b6:fb:88:e8:0a:dc:85:b1:17:25:72:11:
53:90:59:34:fd:c8:ae:e8:ad:64:c0:62:e6:7d:d7:
c7:55:cb:b8:e9:34:25:96:9e:92:97:cf:bd:8b:25:
94:f3:bb:94:05:35:60:be:69:7a:46:c5:20:2b:87:
49:96:5c:03:b4:89:c6:55:c7:3d:37:9f:02:14:cd:
4c:4b:4e:51:08:16:69:33:98:91:cb:63:04:fc:5d:
96:a1:16:bb:2d:4f:8f:44:1a:c6:c4:63:a7:58:ef:
b2:e7:f9:ca:f6:f7:f4:50:28:0a:bb:de:d9:89:1e:
7d:ae:8e:45:24:e2:d9:b5:53:27:b6:ff:ef:7e:c6:
4a:8e:80:56:7d:66:9a:73:5f:c8:e6:da:18:3d:aa:
a6:f0:90:32:27:77:82:b0:72:1b:57:9a:f6:a0:f0:
65:75:3e:b0:74:70:9a:68:cd:d9:9d:51:4c:8b:7a:
07:06:61:2f:f0:3c:67:44:b9:37:44:16:ca:1e:e7:
d6:85:83:3a:2d:8f:b3:a1:39:80:92:8b:ac:4e:e3:
04:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8A:72:2D:99:C4:4C:EF:F0:79:20:7C:19:DE:A0:50:F3:50:F2:3D
X509v3 Authority Key Identifier:
keyid:38:90:E7:A4:54:9A:57:1F:68:B6:88:DA:D4:F5:CE:D8:E5:29:06:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:66:81:58:b4:72:db:ae:47:2e:36:0e:1d:fe:97:e3:93:7f:
4f:b0:17:a6:ba:64:9f:00:50:a6:4a:a5:0d:1f:3a:f9:5e:92:
00:ae:db:02:42:37:28:bf:51:68:a7:90:13:78:26:7e:4d:35:
46:e5:79:da:e7:7d:a0:9b:8a:e4:45:30:7b:21:0c:b1:f3:42:
47:6a:9f:f8:ab:b4:7c:14:fa:97:78:da:6f:df:3e:73:c7:38:
97:8b:8f:f6:b7:94:0d:c5:3d:c7:d8:3d:7b:59:1e:4d:5a:a1:
7c:a9:c1:7b:c3:72:85:73:6b:c8:7c:c4:56:a6:85:61:52:81:
7d:4a:4c:5a:43:8c:86:6d:ec:f8:47:49:c0:bb:88:7e:55:d3:
07:13:83:03:86:8a:c7:b8:a6:90:8f:1d:0b:4c:ca:4a:20:04:
74:8c:0d:45:f2:55:32:a6:62:15:99:3b:6f:5e:c7:28:49:54:
9d:93:29:bf:f3:6f:c7:c3:c8:3f:fd:ca:a6:93:46:b6:97:77:
4e:c4:77:0b:1b:53:da:75:66:31:82:6c:fb:b8:26:12:9a:37:
e3:85:ec:3c:31:45:4c:4f:22:4a:df:f9:28:f8:44:2f:23:a4:
23:c3:98:f4:d9:13:21:56:64:b4:c9:d5:ab:df:f4:74:5a:06:
f3:bb:01:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuP4DAASGFmQVfNk4LZXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OTBlN2E0NTQ5YTU3MWY2OGI2ODhkYWQ0ZjVjZWQ4ZTUy
OTA2OGIwHhcNMjUxMTExMDcwMjIwWhcNMjUxMTEyMDcwMjIwWjAzMTEwLwYDVQQD
Eyg5NDhhNzIyZDk5YzQ0Y2VmZjA3OTIwN2MxOWRlYTA1MGYzNTBmMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4n6D70Q8umedGo1pK+TPU8xGE83
zHTquTg1U+6dB1F8AdtOnQxwCbfO8yXknWu2+4joCtyFsRclchFTkFk0/ciu6K1k
wGLmfdfHVcu46TQllp6Sl8+9iyWU87uUBTVgvml6RsUgK4dJllwDtInGVcc9N58C
FM1MS05RCBZpM5iRy2ME/F2WoRa7LU+PRBrGxGOnWO+y5/nK9vf0UCgKu97ZiR59
ro5FJOLZtVMntv/vfsZKjoBWfWaac1/I5toYPaqm8JAyJ3eCsHIbV5r2oPBldT6w
dHCaaM3ZnVFMi3oHBmEv8DxnRLk3RBbKHufWhYM6LY+zoTmAkousTuMEoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSKci2ZxEzv8HkgfBneoFDzUPI9MB8GA1UdIwQY
MBaAFDiQ56RUmlcfaLaI2tT1ztjlKQaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8yNWRmNGUtYWZjNS00YzUwLThkZTIt
OTQ4MTJjN2Y0NDllLzEvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8yNWRmNGUtYWZjNS00YzUwLThkZTItOTQ4MTJjN2Y0NDll
LzEvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACmaBWLRy
265HLjYOHf6X45N/T7AXprpknwBQpkqlDR86+V6SAK7bAkI3KL9RaKeQE3gmfk01
RuV52ud9oJuK5EUweyEMsfNCR2qf+Ku0fBT6l3jab98+c8c4l4uP9reUDcU9x9g9
e1keTVqhfKnBe8NyhXNryHzEVqaFYVKBfUpMWkOMhm3s+EdJwLuIflXTBxODA4aK
x7imkI8dC0zKSiAEdIwNRfJVMqZiFZk7b17HKElUnZMpv/Nvx8PIP/3KppNGtpd3
TsR3CxtT2nVmMYJs+7gmEpo344XsPDFFTE8iSt/5KPhELyOkI8OY9NkTIVZktMnV
q9/0dFoG87sB4A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:34 2025 by rpki-client