Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft
File: OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft (raw, json)
Hash identifier: UNPnr54VAUZbHeCf8U6G4Ce0tViHiJalzDhb8oDCNIM=
Subject key identifier: DF:81:62:28:1E:75:E3:1E:B2:2C:D6:15:67:C5:69:AF:B7:75:3C:D1
Authority key identifier: 39:D4:3C:26:46:88:19:C0:7B:19:25:11:5F:E4:92:1F:84:20:3D:16
Certificate issuer: /CN=39d43c26468819c07b1925115fe4921f84203d16
Certificate serial: 019A71B9214246526C4EE47842E24D0EC5C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 07:02:29 +0000
Manifest this update: Tue 11 Nov 2025 07:02:29 +0000
Manifest next update: Wed 12 Nov 2025 07:02:29 +0000
Files and hashes: 1: HJiUdFRcnCCA97tz7GIyzHp366Y.roa (hash: yKaY+45Vcb3qR17Dz+EuLvkK0krevHkZZEA1gt2KjQg=)
2: OdQ8JkaIGcB7GSURX-SSH4QgPRY.crl (hash: 5tkkR+++QJZzT6ChzvWCypJsuA+xNPysPuEsgT2mjtI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:21:42:46:52:6c:4e:e4:78:42:e2:4d:0e:c5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39d43c26468819c07b1925115fe4921f84203d16
Validity
Not Before: Nov 11 07:02:29 2025 GMT
Not After : Nov 12 07:02:29 2025 GMT
Subject: CN=df8162281e75e31eb22cd61567c569afb7753cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:3f:1a:cb:42:d4:10:86:25:45:3b:c4:31:1e:
ed:a3:61:54:6e:37:52:46:ff:c6:f0:a9:ed:7c:b6:
1d:02:ca:fb:28:ee:f0:cc:4e:00:bc:f5:6e:62:54:
02:af:26:ae:7c:d2:3f:89:b4:9f:62:07:7a:d1:5b:
c8:93:61:1e:be:70:37:29:f6:1d:da:52:bc:c3:43:
3e:3b:f2:01:8f:5a:e9:e5:17:4d:b6:07:ec:23:22:
8e:f9:a3:78:0f:d3:26:e9:b4:89:d5:11:0e:88:9f:
e6:a0:ae:ca:7b:6d:77:0b:ae:08:da:99:0c:78:87:
38:57:82:32:0d:55:ea:a4:6a:d5:62:36:38:85:73:
9b:06:27:9d:b6:4f:c5:ae:66:c2:82:18:8e:df:b4:
98:e3:e1:7e:e8:ca:31:7f:35:69:9c:75:5d:b6:c7:
d8:20:57:04:41:57:a9:58:95:5f:3b:11:a4:ca:c7:
11:ab:b9:5c:1e:ee:a3:de:98:bf:32:7f:2f:31:a5:
7d:ac:1d:cc:fe:ab:2a:d0:6b:23:7b:a4:59:31:07:
db:1e:f1:f7:9a:12:32:b3:af:a8:3e:67:4b:97:fd:
a6:87:dc:cd:73:94:fd:3d:17:0c:77:04:f9:b2:93:
7c:41:85:db:ab:ad:5c:3f:10:52:5b:89:d1:e8:35:
e5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:81:62:28:1E:75:E3:1E:B2:2C:D6:15:67:C5:69:AF:B7:75:3C:D1
X509v3 Authority Key Identifier:
keyid:39:D4:3C:26:46:88:19:C0:7B:19:25:11:5F:E4:92:1F:84:20:3D:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:19:c8:5c:af:24:3e:0c:00:e4:30:9c:22:3c:19:86:ba:6b:
65:d0:e9:06:c0:76:77:59:c6:c4:6f:d6:b5:7c:61:b0:dd:90:
7f:d1:cf:e0:e6:23:dd:89:0f:d1:6d:33:d4:b0:05:b0:a8:d0:
c5:e5:bb:28:62:36:14:51:77:0f:c2:d2:cb:f7:07:91:6e:71:
b3:87:c8:9e:ca:44:48:e2:47:3e:56:45:af:ff:3e:80:d4:01:
d7:93:df:5e:e0:2a:09:c4:04:e9:cc:d0:9d:79:81:a8:bb:fd:
5e:5c:f2:02:23:6e:e3:2c:7e:86:c0:43:97:7a:3e:5c:69:10:
db:96:78:e4:d7:ca:5c:23:a5:66:b4:07:6d:a4:ff:aa:e1:b5:
ba:e5:ab:df:93:67:c0:a1:3a:2a:7b:81:29:62:05:e7:e5:bd:
c6:77:a4:e8:57:db:61:50:17:32:41:dc:68:77:6a:d7:4d:64:
d4:f9:69:f6:8d:69:37:eb:7c:57:fd:10:21:b1:b2:47:8d:b9:
b5:ac:90:6c:6a:ed:fd:df:2f:56:f2:fc:76:90:ab:6c:a6:7a:
60:b0:02:06:f0:b3:41:a1:3d:3a:f0:51:d3:e1:6e:96:3b:91:
5a:90:72:26:0f:b8:cc:6e:3a:d6:91:a7:68:e0:16:bf:be:49:
f3:84:b7:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuSFCRlJsTuR4QuJNDsXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZDQzYzI2NDY4ODE5YzA3YjE5MjUxMTVmZTQ5MjFmODQy
MDNkMTYwHhcNMjUxMTExMDcwMjI5WhcNMjUxMTEyMDcwMjI5WjAzMTEwLwYDVQQD
EyhkZjgxNjIyODFlNzVlMzFlYjIyY2Q2MTU2N2M1NjlhZmI3NzUzY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1z8ay0LUEIYlRTvEMR7to2FUbjdS
Rv/G8KntfLYdAsr7KO7wzE4AvPVuYlQCryaufNI/ibSfYgd60VvIk2EevnA3KfYd
2lK8w0M+O/IBj1rp5RdNtgfsIyKO+aN4D9Mm6bSJ1REOiJ/moK7Ke213C64I2pkM
eIc4V4IyDVXqpGrVYjY4hXObBiedtk/FrmbCghiO37SY4+F+6MoxfzVpnHVdtsfY
IFcEQVepWJVfOxGkyscRq7lcHu6j3pi/Mn8vMaV9rB3M/qsq0Gsje6RZMQfbHvH3
mhIys6+oPmdLl/2mh9zNc5T9PRcMdwT5spN8QYXbq61cPxBSW4nR6DXl4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN+BYigedeMesizWFWfFaa+3dTzRMB8GA1UdIwQY
MBaAFDnUPCZGiBnAexklEV/kkh+EID0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2RROEprYUlHY0I3R1NVUlgtU1NINFFnUFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hZmZjMDEtYTU4Zi00ZjcwLWE0MDQt
YWJmMGVhMDdlZmFmLzEvT2RROEprYUlHY0I3R1NVUlgtU1NINFFnUFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hZmZjMDEtYTU4Zi00ZjcwLWE0MDQtYWJmMGVhMDdlZmFm
LzEvT2RROEprYUlHY0I3R1NVUlgtU1NINFFnUFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPhnIXK8k
PgwA5DCcIjwZhrprZdDpBsB2d1nGxG/WtXxhsN2Qf9HP4OYj3YkP0W0z1LAFsKjQ
xeW7KGI2FFF3D8LSy/cHkW5xs4fInspESOJHPlZFr/8+gNQB15PfXuAqCcQE6czQ
nXmBqLv9XlzyAiNu4yx+hsBDl3o+XGkQ25Z45NfKXCOlZrQHbaT/quG1uuWr35Nn
wKE6KnuBKWIF5+W9xnek6FfbYVAXMkHcaHdq101k1Plp9o1pN+t8V/0QIbGyR425
tayQbGrt/d8vVvL8dpCrbKZ6YLACBvCzQaE9OvBR0+FuljuRWpByJg+4zG461pGn
aOAWv75J84S3rA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:18:55 2025 by rpki-client