Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
File: oUx52o8IwpnEYya3m55CTkmmh1s.mft (raw, json)
Hash identifier: YoU8yn5sSlzceDsXuz6RhYr3gLk/9o3+zwUvxUZog8s=
Subject key identifier: 9C:6A:85:29:F0:2B:81:D0:7A:2C:07:98:4A:0F:C2:51:D0:5F:82:7A
Authority key identifier: A1:4C:79:DA:8F:08:C2:99:C4:63:26:B7:9B:9E:42:4E:49:A6:87:5B
Certificate issuer: /CN=a14c79da8f08c299c46326b79b9e424e49a6875b
Certificate serial: 019A71B7EA8DD0CBBD6AB52557F004AF1C4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
Manifest number: 16AF
Signing time: Tue 11 Nov 2025 07:01:09 +0000
Manifest this update: Tue 11 Nov 2025 07:01:09 +0000
Manifest next update: Wed 12 Nov 2025 07:01:09 +0000
Files and hashes: 1: oUx52o8IwpnEYya3m55CTkmmh1s.crl (hash: kCDeJ+p5OpLdVad/cwsHzhiXRVIE4uGpq8yXlUK4pNs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:ea:8d:d0:cb:bd:6a:b5:25:57:f0:04:af:1c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a14c79da8f08c299c46326b79b9e424e49a6875b
Validity
Not Before: Nov 11 07:01:09 2025 GMT
Not After : Nov 12 07:01:09 2025 GMT
Subject: CN=9c6a8529f02b81d07a2c07984a0fc251d05f827a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:39:f7:73:18:fe:e0:fd:ca:1e:20:c4:7f:36:
84:08:75:c7:d4:58:b7:98:cb:f6:28:9e:95:c9:f4:
d0:c8:d5:32:d9:88:25:34:1f:fe:4c:aa:14:fb:a4:
0c:a8:8b:a1:75:27:31:a7:7e:6c:a3:4b:9e:5a:c4:
f2:97:8f:dc:f4:f5:8d:1a:c7:d0:00:ba:35:41:f1:
3c:76:b5:0a:a1:22:08:36:a3:b5:28:a1:4b:75:69:
94:f9:12:f6:f3:c2:47:ef:c7:75:db:b6:e8:c6:7c:
fd:fc:c0:7e:b9:0c:6b:ea:60:b3:87:91:35:e9:53:
f5:fb:97:df:ba:84:e7:b3:73:78:57:e1:bd:dd:3a:
80:e0:3a:00:da:f0:ba:a0:7e:dd:76:60:8f:ea:c8:
a1:d8:45:70:c1:9d:4c:ea:2d:a3:67:10:43:4a:7a:
5a:0d:12:0f:3e:7e:8f:4c:29:a0:34:14:68:7b:03:
80:aa:26:51:86:7d:3f:ff:e8:e1:47:bd:16:4e:70:
f0:fe:0d:56:e0:5c:45:05:9e:d7:09:6c:ce:c8:64:
4e:8f:56:f2:c8:d6:55:41:8b:45:cf:1b:91:25:c4:
b6:19:aa:83:14:6e:f5:a1:c8:a4:8a:ac:53:db:4b:
1e:61:52:27:0d:70:e2:a0:94:e6:2b:e2:89:cf:6e:
96:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6A:85:29:F0:2B:81:D0:7A:2C:07:98:4A:0F:C2:51:D0:5F:82:7A
X509v3 Authority Key Identifier:
keyid:A1:4C:79:DA:8F:08:C2:99:C4:63:26:B7:9B:9E:42:4E:49:A6:87:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:24:c5:6d:59:c8:65:d3:a3:75:f1:13:5e:f1:bb:2d:7e:a1:
d8:c6:58:11:a2:d7:fb:a3:eb:1a:88:7f:1d:c2:f9:37:a9:f2:
55:c4:a4:37:f2:a2:4b:6c:d4:cb:5e:5f:ff:c4:6b:5e:23:9d:
7d:12:52:3e:9d:c5:b7:c1:b6:61:1f:56:c9:08:9d:b9:5d:03:
1c:5a:f3:03:df:c6:18:02:b2:e1:7a:0d:a8:a0:c4:0c:c5:6a:
b1:c3:ec:e7:8b:d5:d7:fb:28:1d:e7:7d:14:21:c8:d7:12:f5:
38:c2:4c:64:71:3a:1b:7e:70:ba:fb:d0:4b:85:b6:a4:00:3d:
3b:57:bc:0f:1a:1d:a5:f2:de:8e:fd:35:bd:e4:b0:0a:35:4f:
73:51:12:c3:51:f2:27:0a:ec:90:31:96:a6:31:f1:cd:d3:ba:
b0:28:1d:56:99:3d:5c:57:da:9d:b5:5b:03:82:38:74:a7:87:
5d:ef:d7:e5:78:4e:84:77:c2:dc:aa:0f:39:30:a3:8c:41:ab:
a4:01:e8:21:9b:45:8d:77:43:1c:46:ec:9f:ca:16:11:89:04:
a7:d9:7b:7c:23:49:0c:60:bb:40:83:ef:fd:2d:f0:ea:33:73:
6d:15:d9:82:b6:58:82:09:8e:e7:9a:c5:93:86:ea:ec:60:0e:
6b:1f:d4:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+qN0Mu9arUlV/AErxxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNGM3OWRhOGYwOGMyOTljNDYzMjZiNzliOWU0MjRlNDlh
Njg3NWIwHhcNMjUxMTExMDcwMTA5WhcNMjUxMTEyMDcwMTA5WjAzMTEwLwYDVQQD
Eyg5YzZhODUyOWYwMmI4MWQwN2EyYzA3OTg0YTBmYzI1MWQwNWY4MjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzn3cxj+4P3KHiDEfzaECHXH1Fi3
mMv2KJ6VyfTQyNUy2YglNB/+TKoU+6QMqIuhdScxp35so0ueWsTyl4/c9PWNGsfQ
ALo1QfE8drUKoSIINqO1KKFLdWmU+RL288JH78d127boxnz9/MB+uQxr6mCzh5E1
6VP1+5ffuoTns3N4V+G93TqA4DoA2vC6oH7ddmCP6sih2EVwwZ1M6i2jZxBDSnpa
DRIPPn6PTCmgNBRoewOAqiZRhn0//+jhR70WTnDw/g1W4FxFBZ7XCWzOyGROj1by
yNZVQYtFzxuRJcS2GaqDFG71ocikiqxT20seYVInDXDioJTmK+KJz26WzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxqhSnwK4HQeiwHmEoPwlHQX4J6MB8GA1UdIwQY
MBaAFKFMedqPCMKZxGMmt5ueQk5JpodbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yMmViNTMtNGY2MC00MTFiLTg0MDkt
ZDRjOTdmZjZlMTFlLzEvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yMmViNTMtNGY2MC00MTFiLTg0MDktZDRjOTdmZjZlMTFl
LzEvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAliTFbVnI
ZdOjdfETXvG7LX6h2MZYEaLX+6PrGoh/HcL5N6nyVcSkN/KiS2zUy15f/8RrXiOd
fRJSPp3Ft8G2YR9WyQiduV0DHFrzA9/GGAKy4XoNqKDEDMVqscPs54vV1/soHed9
FCHI1xL1OMJMZHE6G35wuvvQS4W2pAA9O1e8DxodpfLejv01veSwCjVPc1ESw1Hy
JwrskDGWpjHxzdO6sCgdVpk9XFfanbVbA4I4dKeHXe/X5XhOhHfC3KoPOTCjjEGr
pAHoIZtFjXdDHEbsn8oWEYkEp9l7fCNJDGC7QIPv/S3w6jNzbRXZgrZYggmO55rF
k4bq7GAOax/Ueg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:18:29 2025 by rpki-client