Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft
File: OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft (raw, json)
Hash identifier: ATvKSGcWqiVrEDAlnURlQlzIWub8+WQtSUcjRoRbymY=
Subject key identifier: 8F:CD:E4:A8:44:A6:55:2B:BE:28:10:BB:C9:27:BB:8D:B2:C2:19:69
Authority key identifier: 38:25:28:AB:1C:D1:B6:DC:73:C0:B0:9B:67:D3:E7:E3:58:4F:36:3D
Certificate issuer: /CN=382528ab1cd1b6dc73c0b09b67d3e7e3584f363d
Certificate serial: 019A71EE6910B6DB888FD4622E9981F69601
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 08:00:41 +0000
Manifest this update: Tue 11 Nov 2025 08:00:41 +0000
Manifest next update: Wed 12 Nov 2025 08:00:41 +0000
Files and hashes: 1: OCUoqxzRttxzwLCbZ9Pn41hPNj0.crl (hash: JcsQDC4EWgFJHNe6w63eNqEOCsY6VI35NRIfRhFX+i4=)
2: Q4SQTvELqYETYT6vjRCA2iGLGgc.roa (hash: tzC8sef+XSgDXhot9EyLUIit2vwD1a0sRJU8Ks3S1wY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:69:10:b6:db:88:8f:d4:62:2e:99:81:f6:96:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382528ab1cd1b6dc73c0b09b67d3e7e3584f363d
Validity
Not Before: Nov 11 08:00:41 2025 GMT
Not After : Nov 12 08:00:41 2025 GMT
Subject: CN=8fcde4a844a6552bbe2810bbc927bb8db2c21969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a8:78:45:c2:6b:59:b4:0b:67:24:7c:ed:8c:
16:df:38:ba:92:c5:1e:5c:96:34:54:a4:ec:a1:b3:
d4:2a:cf:89:ec:7f:79:24:fe:f2:94:4c:73:ab:50:
26:07:52:f7:5b:f5:7f:b5:18:e3:0d:86:55:9d:a3:
b2:c2:46:de:65:67:1b:01:44:de:95:61:42:aa:f8:
a7:16:c4:2e:32:7f:01:22:cb:92:6b:3a:f1:94:3e:
f5:d1:4d:ab:91:03:90:c9:ec:44:84:7a:b5:e4:4f:
ca:36:ed:9a:7c:c2:40:0a:06:8d:38:a3:05:e6:0b:
2a:57:f5:9b:27:b5:83:8d:ef:be:97:b6:0d:85:60:
82:5e:3e:31:43:db:bb:5a:c6:cb:56:8e:f0:4e:24:
35:d4:b0:17:8a:f9:fa:99:cc:85:8c:d1:de:9f:92:
b2:15:d2:ff:a6:63:25:2f:e9:e7:7c:6a:07:fd:c4:
49:d2:a7:dd:5a:b5:c9:8c:ed:9d:52:91:27:42:63:
b8:39:15:62:73:5d:0d:d0:c6:6f:1c:19:e8:25:3e:
61:0b:de:e7:d8:c0:a9:e0:86:a8:98:9c:15:ff:64:
e3:32:19:87:ee:90:04:b7:13:00:0b:95:55:1f:fb:
01:48:98:0f:27:12:fd:05:e7:12:72:35:4e:52:43:
ec:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:CD:E4:A8:44:A6:55:2B:BE:28:10:BB:C9:27:BB:8D:B2:C2:19:69
X509v3 Authority Key Identifier:
keyid:38:25:28:AB:1C:D1:B6:DC:73:C0:B0:9B:67:D3:E7:E3:58:4F:36:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:3d:52:68:8b:da:93:12:b2:eb:af:28:62:2e:44:6a:f9:61:
f6:40:b7:b4:57:f3:35:3b:69:a6:e5:7a:69:ef:78:12:4e:78:
2f:a4:df:ce:9c:af:8e:ef:10:08:ca:8b:7a:bd:08:03:3e:4f:
c4:2f:06:c7:25:0d:6b:86:b5:1c:0a:e3:46:19:86:76:c7:0b:
e7:01:48:20:55:b3:f6:77:ab:88:7a:53:67:8f:7d:c6:29:6c:
c1:84:b7:45:b0:b7:4d:b8:1c:97:1f:63:90:92:c1:75:d4:f4:
05:47:18:35:5f:aa:3f:38:c8:a8:11:c0:24:25:eb:ed:08:c9:
99:05:bf:f5:2b:b9:d0:05:79:e4:95:88:59:1e:f6:2c:49:88:
19:a3:b2:29:84:f0:11:7b:b1:59:11:00:2e:36:7b:93:42:91:
ec:82:1c:e7:27:14:ad:be:da:04:9a:b5:ce:91:28:c7:e8:fc:
55:5c:f5:99:a3:af:62:91:a3:7a:f2:61:f5:06:a3:1b:7d:83:
8f:12:87:93:e9:d8:0d:11:69:52:6f:61:30:4f:24:b7:a3:55:
7e:89:e2:8a:45:aa:5a:89:47:10:e0:a5:b8:2e:fa:e8:21:aa:
6f:bb:c6:91:a5:72:5d:42:c0:b0:00:dd:75:4d:3b:fc:5c:27:
e5:cf:de:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7mkQttuIj9RiLpmB9pYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjUyOGFiMWNkMWI2ZGM3M2MwYjA5YjY3ZDNlN2UzNTg0
ZjM2M2QwHhcNMjUxMTExMDgwMDQxWhcNMjUxMTEyMDgwMDQxWjAzMTEwLwYDVQQD
Eyg4ZmNkZTRhODQ0YTY1NTJiYmUyODEwYmJjOTI3YmI4ZGIyYzIxOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArah4RcJrWbQLZyR87YwW3zi6ksUe
XJY0VKTsobPUKs+J7H95JP7ylExzq1AmB1L3W/V/tRjjDYZVnaOywkbeZWcbAUTe
lWFCqvinFsQuMn8BIsuSazrxlD710U2rkQOQyexEhHq15E/KNu2afMJACgaNOKMF
5gsqV/WbJ7WDje++l7YNhWCCXj4xQ9u7WsbLVo7wTiQ11LAXivn6mcyFjNHen5Ky
FdL/pmMlL+nnfGoH/cRJ0qfdWrXJjO2dUpEnQmO4ORVic10N0MZvHBnoJT5hC97n
2MCp4IaomJwV/2TjMhmH7pAEtxMAC5VVH/sBSJgPJxL9BecScjVOUkPsUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI/N5KhEplUrvigQu8knu42ywhlpMB8GA1UdIwQY
MBaAFDglKKsc0bbcc8Cwm2fT5+NYTzY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NVb3F4elJ0dHh6d0xDYlo5UG40MWhQTmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wMDgxNmEtZWVkZi00MTkwLWJjMzMt
M2EwMmEyNDJmNDQ0LzEvT0NVb3F4elJ0dHh6d0xDYlo5UG40MWhQTmowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wMDgxNmEtZWVkZi00MTkwLWJjMzMtM2EwMmEyNDJmNDQ0
LzEvT0NVb3F4elJ0dHh6d0xDYlo5UG40MWhQTmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQz1SaIva
kxKy668oYi5Eavlh9kC3tFfzNTtppuV6ae94Ek54L6Tfzpyvju8QCMqLer0IAz5P
xC8GxyUNa4a1HArjRhmGdscL5wFIIFWz9neriHpTZ499xilswYS3RbC3Tbgclx9j
kJLBddT0BUcYNV+qPzjIqBHAJCXr7QjJmQW/9Su50AV55JWIWR72LEmIGaOyKYTw
EXuxWREALjZ7k0KR7IIc5ycUrb7aBJq1zpEox+j8VVz1maOvYpGjevJh9QajG32D
jxKHk+nYDRFpUm9hME8kt6NVfoniikWqWolHEOCluC766CGqb7vGkaVyXULAsADd
dU07/Fwn5c/eLQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:47:48 2025 by rpki-client