Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File: OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier: A5a0ojIqk1qRB6KkeWwOyT0Od7XJXj0Y1REfMGWmua8=
Subject key identifier: B7:D2:9C:66:84:90:E7:BC:52:D7:5D:A6:1C:58:7F:82:BC:87:8B:99
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer: /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial: 019A7180964BB0130E957441181F297D0D8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 06:00:43 +0000
Manifest this update: Tue 11 Nov 2025 06:00:43 +0000
Manifest next update: Wed 12 Nov 2025 06:00:43 +0000
Files and hashes: 1: 7_8yBJLyqtyIR9OHFg7LU1M1Onc.roa (hash: RwjNHeRVHQ2HqUbmJiZCyAxBMEck7wiXEWN73Kexaq4=)
2: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: +UDZYdQiSHfNY8m9/Cn9OA77ohFrjdogO6An2hzSdws=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 06:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:80:96:4b:b0:13:0e:95:74:41:18:1f:29:7d:0d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
Validity
Not Before: Nov 11 06:00:43 2025 GMT
Not After : Nov 12 06:00:43 2025 GMT
Subject: CN=b7d29c668490e7bc52d75da61c587f82bc878b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:94:aa:c2:d0:33:29:0e:02:5a:84:25:29:fd:
00:9b:5c:93:7e:10:d9:cc:cd:20:f3:b8:4e:1c:38:
79:0a:3d:58:35:07:89:cc:5c:d1:09:db:61:48:e5:
ce:aa:73:f4:85:4f:76:82:cb:47:44:b7:fb:63:7c:
fb:b3:b0:9e:ff:f8:0a:68:d3:ff:d1:ac:e9:15:d1:
1b:c9:cc:42:5c:cc:76:95:95:ba:01:e0:50:62:53:
d1:03:67:38:89:98:06:7c:0a:98:cf:0a:00:99:a0:
eb:8b:87:07:a9:1f:e1:9f:e1:b3:e0:0b:c6:0b:28:
92:ec:55:d4:97:82:de:e0:89:0c:16:46:92:ac:16:
ac:e3:e7:0d:ea:df:f7:dc:9a:da:23:36:8a:0f:47:
03:d7:1b:05:0f:9d:80:de:5a:d7:48:6f:d4:96:25:
59:fa:d1:b9:cf:da:5c:4b:1d:0a:19:75:e3:d4:dc:
8b:82:67:d5:31:f4:14:eb:a7:3b:c8:a8:6d:73:db:
1f:c9:c5:a5:70:d4:c5:bc:05:82:26:24:2a:77:6f:
58:d7:1c:c4:49:87:1a:54:2e:7b:53:36:c5:8b:40:
5b:9a:92:aa:f8:49:40:6b:2b:24:00:a9:e3:8d:fa:
1b:3c:7c:ca:90:67:88:5b:fd:a8:24:d4:fd:65:b6:
c3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D2:9C:66:84:90:E7:BC:52:D7:5D:A6:1C:58:7F:82:BC:87:8B:99
X509v3 Authority Key Identifier:
keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:20:0e:31:f5:b8:58:ca:29:58:21:4f:ce:df:71:1e:5e:54:
43:bd:a6:3a:eb:86:64:de:48:fb:5e:b2:7d:6c:f1:e8:0c:f2:
1d:cd:ac:05:5e:91:50:7d:ec:99:e9:c8:d4:6d:b8:03:8b:36:
1e:a3:d4:49:49:1c:e7:ab:fc:f9:2a:9b:7e:f4:79:8e:53:be:
22:39:f2:85:16:b2:0f:99:ff:f7:f3:7e:10:49:19:08:71:24:
13:29:12:48:a1:b1:f7:4f:a8:12:b2:8a:e2:3b:fa:6c:58:ed:
e0:80:03:dd:2a:19:b1:af:30:78:9a:32:f7:aa:67:76:62:a0:
a3:fe:ff:e7:a8:8c:08:87:02:15:db:ab:34:a4:4a:ce:7b:d6:
e6:14:39:79:c6:8c:57:4d:9b:79:df:ba:43:ee:75:03:6b:9a:
2a:a5:a3:bb:78:7c:2d:cc:d1:d8:c0:5b:05:a8:2f:39:82:ad:
3c:4a:62:b3:e2:c9:40:76:44:0e:6d:cb:5d:45:20:84:dd:85:
3f:54:f1:f5:47:2f:7c:c3:6f:05:52:f4:91:02:14:63:39:74:
f8:ca:5b:d9:9e:6a:94:e9:45:a0:c5:3f:4e:39:53:01:11:16:
aa:c2:77:67:10:82:aa:82:64:3b:94:8b:b8:95:fd:36:e5:6b:
e5:3f:d7:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgJZLsBMOlXRBGB8pfQ2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjUxMTExMDYwMDQzWhcNMjUxMTEyMDYwMDQzWjAzMTEwLwYDVQQD
EyhiN2QyOWM2Njg0OTBlN2JjNTJkNzVkYTYxYzU4N2Y4MmJjODc4Yjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05SqwtAzKQ4CWoQlKf0Am1yTfhDZ
zM0g87hOHDh5Cj1YNQeJzFzRCdthSOXOqnP0hU92gstHRLf7Y3z7s7Ce//gKaNP/
0azpFdEbycxCXMx2lZW6AeBQYlPRA2c4iZgGfAqYzwoAmaDri4cHqR/hn+Gz4AvG
CyiS7FXUl4Le4IkMFkaSrBas4+cN6t/33JraIzaKD0cD1xsFD52A3lrXSG/UliVZ
+tG5z9pcSx0KGXXj1NyLgmfVMfQU66c7yKhtc9sfycWlcNTFvAWCJiQqd29Y1xzE
SYcaVC57UzbFi0BbmpKq+ElAayskAKnjjfobPHzKkGeIW/2oJNT9ZbbDuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfSnGaEkOe8UtddphxYf4K8h4uZMB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWSAOMfW4
WMopWCFPzt9xHl5UQ72mOuuGZN5I+16yfWzx6AzyHc2sBV6RUH3smenI1G24A4s2
HqPUSUkc56v8+SqbfvR5jlO+IjnyhRayD5n/9/N+EEkZCHEkEykSSKGx90+oErKK
4jv6bFjt4IAD3SoZsa8weJoy96pndmKgo/7/56iMCIcCFdurNKRKznvW5hQ5ecaM
V02bed+6Q+51A2uaKqWju3h8LczR2MBbBagvOYKtPEpis+LJQHZEDm3LXUUghN2F
P1Tx9UcvfMNvBVL0kQIUYzl0+Mpb2Z5qlOlFoMU/TjlTAREWqsJ3ZxCCqoJkO5SL
uJX9NuVr5T/Xrw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:20:37 2025 by rpki-client