Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
File: 1ots-3IKfJKhgMphS9sO2h8evp0.mft (raw, json)
Hash identifier: vceFxkmTWxzis5xMMNu9083rh8gpDeUvThvsj5jSb4w=
Subject key identifier: 51:B9:FD:D3:B2:81:10:6F:94:76:CE:E9:71:89:64:35:4D:A8:87:7B
Authority key identifier: D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D
Certificate issuer: /CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
Certificate serial: 019A71EE965B2C284FE53D086A790B1B4013
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
Manifest number: 0D1E
Signing time: Tue 11 Nov 2025 08:00:52 +0000
Manifest this update: Tue 11 Nov 2025 08:00:52 +0000
Manifest next update: Wed 12 Nov 2025 08:00:52 +0000
Files and hashes: 1: 1ots-3IKfJKhgMphS9sO2h8evp0.crl (hash: t+h66qtAH2HP6tuy6GGxYDvJQ/+DrzAdvQViauMI90Y=)
2: iN4kY7sCfzKOl-coUiFvOhD6wg4.roa (hash: ZI3B1VaDQ0JfOlPoqiW79rOHU3ymg8mbnEbUM636Uvw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:96:5b:2c:28:4f:e5:3d:08:6a:79:0b:1b:40:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
Validity
Not Before: Nov 11 08:00:52 2025 GMT
Not After : Nov 12 08:00:52 2025 GMT
Subject: CN=51b9fdd3b281106f9476cee9718964354da8877b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a7:1d:13:3b:46:ef:7c:6c:5c:e9:0a:91:70:
46:f0:43:eb:31:ed:26:87:d2:e8:36:73:af:29:bc:
76:77:70:bc:8b:85:8e:42:e9:3f:2e:b3:50:2e:eb:
cf:fb:b3:fb:3e:9e:6c:fd:6b:61:fd:81:dc:2c:65:
39:d6:9d:db:86:ab:cd:08:84:c8:2f:4f:6b:42:a0:
0a:fa:ae:b9:23:67:78:fe:3e:a9:dd:56:be:e2:48:
d5:70:d6:46:40:13:49:fc:a6:41:b3:fa:f0:38:0b:
af:3d:3c:f0:ba:fe:f1:74:91:1b:81:56:86:43:54:
d1:15:68:63:ec:59:09:e5:02:a3:10:49:3e:21:11:
dd:70:aa:63:1d:33:2a:ca:ef:06:52:29:08:d4:6c:
3c:3f:57:36:29:87:ec:54:a0:08:92:8e:f2:d7:81:
1a:a0:0a:1d:64:75:46:96:6b:13:4f:31:86:a6:b9:
a7:57:7e:9f:d8:da:08:70:ff:3b:28:4e:02:ae:f5:
86:2f:e0:a3:0b:cc:3e:1a:40:0c:da:e1:1d:63:9e:
2b:9e:ac:4a:36:ee:b3:aa:ca:f0:3c:a3:c0:56:d9:
70:70:15:16:d1:b8:c6:a7:79:0c:c7:c2:12:bc:6d:
dd:88:dd:72:4a:71:ad:e6:26:07:10:70:92:58:6e:
ad:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B9:FD:D3:B2:81:10:6F:94:76:CE:E9:71:89:64:35:4D:A8:87:7B
X509v3 Authority Key Identifier:
keyid:D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:2a:f2:4a:bf:b6:fe:38:ed:f8:f3:46:2b:fe:3b:4b:a6:e8:
68:f7:55:db:b6:1f:0d:68:c5:aa:e2:00:96:97:5d:53:0a:69:
bf:d7:f9:b5:6a:a5:46:a5:76:4a:28:bc:84:6b:62:90:10:12:
4b:c5:3a:a9:6d:7b:f3:ce:c7:fd:64:c6:b4:7f:5f:71:9d:bd:
bd:6b:da:f7:cf:ba:74:30:bb:41:41:56:a8:2e:a3:8d:bb:1e:
bb:eb:27:4b:25:f7:78:18:83:4c:92:36:99:de:c6:e4:e7:1e:
8b:fc:0e:20:a0:75:2e:14:ed:a4:f7:10:ec:d7:1b:a8:0a:70:
7a:f7:a7:48:ab:71:ee:fc:d4:49:b6:6e:fa:33:53:5c:ba:c3:
9e:7f:ed:c4:b9:90:69:ee:6b:12:41:24:e2:03:99:3d:5e:ec:
86:d5:8e:97:45:aa:62:d2:f3:a4:49:ec:43:27:e3:4e:31:13:
aa:28:53:07:c1:4a:75:35:25:7d:6b:9b:0f:b6:b4:61:ef:0e:
ed:28:ff:dd:64:20:eb:70:62:1f:8c:56:7b:3d:39:5f:d9:f6:
2d:cb:10:61:d4:f6:48:9b:52:6a:b0:ec:0c:22:b2:91:9a:b1:
d1:a8:33:94:58:31:9f:48:63:d6:66:e6:53:2a:97:11:a2:a0:
19:61:c3:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7pZbLChP5T0IankLG0ATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OGI2Y2ZiNzIwYTdjOTJhMTgwY2E2MTRiZGIwZWRhMWYx
ZWJlOWQwHhcNMjUxMTExMDgwMDUyWhcNMjUxMTEyMDgwMDUyWjAzMTEwLwYDVQQD
Eyg1MWI5ZmRkM2IyODExMDZmOTQ3NmNlZTk3MTg5NjQzNTRkYTg4NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKcdEztG73xsXOkKkXBG8EPrMe0m
h9LoNnOvKbx2d3C8i4WOQuk/LrNQLuvP+7P7Pp5s/Wth/YHcLGU51p3bhqvNCITI
L09rQqAK+q65I2d4/j6p3Va+4kjVcNZGQBNJ/KZBs/rwOAuvPTzwuv7xdJEbgVaG
Q1TRFWhj7FkJ5QKjEEk+IRHdcKpjHTMqyu8GUikI1Gw8P1c2KYfsVKAIko7y14Ea
oAodZHVGlmsTTzGGprmnV36f2NoIcP87KE4CrvWGL+CjC8w+GkAM2uEdY54rnqxK
Nu6zqsrwPKPAVtlwcBUW0bjGp3kMx8ISvG3diN1ySnGt5iYHEHCSWG6tLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFG5/dOygRBvlHbO6XGJZDVNqId7MB8GA1UdIwQY
MBaAFNaLbPtyCnySoYDKYUvbDtofHr6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEt
MzNlMzE5YTQ1NGVmLzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEtMzNlMzE5YTQ1NGVm
LzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABirySr+2
/jjt+PNGK/47S6boaPdV27YfDWjFquIAlpddUwppv9f5tWqlRqV2Sii8hGtikBAS
S8U6qW17887H/WTGtH9fcZ29vWva98+6dDC7QUFWqC6jjbseu+snSyX3eBiDTJI2
md7G5Ocei/wOIKB1LhTtpPcQ7NcbqApwevenSKtx7vzUSbZu+jNTXLrDnn/txLmQ
ae5rEkEk4gOZPV7shtWOl0WqYtLzpEnsQyfjTjETqihTB8FKdTUlfWubD7a0Ye8O
7Sj/3WQg63BiH4xWez05X9n2LcsQYdT2SJtSarDsDCKykZqx0agzlFgxn0hj1mbm
UyqXEaKgGWHDpg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:37:08 2025 by rpki-client