Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft
File: OXBHadCH2f6PeQplVctPvvzSTTg.mft (raw, json)
Hash identifier: 6lfz+ARaBjgL+mH/MZLyynygLBS9F+qsCNLYlb8d8f4=
Subject key identifier: CE:17:CD:AD:05:FF:D8:EC:FB:08:2C:15:8D:43:32:BE:B4:12:F6:12
Authority key identifier: 39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
Certificate issuer: /CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Certificate serial: 019A71B911AF462391C2C7937BBE2242F34E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft
Manifest number: 03D3
Signing time: Tue 11 Nov 2025 07:02:25 +0000
Manifest this update: Tue 11 Nov 2025 07:02:25 +0000
Manifest next update: Wed 12 Nov 2025 07:02:25 +0000
Files and hashes: 1: DKYMmdoi70YjC_-L8vJdFhUTolQ.roa (hash: VRVvbtOKDPVO0AG7Nxe+ryERsb8GEeQGYIh0LURsjdI=)
2: GvH_ld4kbG2WgWcG2cx_5y70SCI.roa (hash: aThEESBkBgawQBBj+8NWP1oT0rEWoC0jxTnO1rDLqhk=)
3: OXBHadCH2f6PeQplVctPvvzSTTg.crl (hash: 6+e8ETfyVV6vxJSLSRJX7fpf9TwCxj4v0uw82Cru8NM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:11:af:46:23:91:c2:c7:93:7b:be:22:42:f3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Validity
Not Before: Nov 11 07:02:25 2025 GMT
Not After : Nov 12 07:02:25 2025 GMT
Subject: CN=ce17cdad05ffd8ecfb082c158d4332beb412f612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:24:99:a5:a4:1b:aa:92:fb:e4:74:f9:5b:3c:
20:1e:94:87:3d:a2:98:53:e0:c5:84:2c:e3:bd:a5:
94:c0:f1:40:90:f8:59:9b:44:de:cc:84:4a:27:ca:
b3:86:a1:c2:5d:aa:ed:89:a6:a1:cd:0a:eb:45:41:
ab:f3:27:7c:66:b7:a1:ec:b5:91:ad:bb:33:b2:11:
7d:10:ef:41:02:24:48:61:fe:48:83:b3:9c:9e:6f:
d1:2c:10:b6:15:d5:62:d3:b5:8a:3b:46:0d:43:c6:
ea:85:46:1f:54:d8:1b:49:5c:1e:63:e7:b8:ed:a8:
60:6c:18:da:5c:09:44:96:b5:d5:06:21:de:10:8d:
ce:92:35:f0:fa:09:0e:71:ae:17:b5:ce:1b:80:85:
ec:93:2c:e0:df:b1:43:bd:7b:d1:bc:16:e9:f1:d2:
be:49:eb:f9:07:95:f1:29:f8:2a:45:b4:aa:82:aa:
9d:f0:88:17:8e:4c:20:87:18:dc:92:76:65:12:36:
95:8d:78:0d:2f:4f:b0:2d:32:70:60:a3:b7:82:29:
30:99:5a:62:88:13:74:9b:ce:4b:a2:ff:91:27:1a:
b4:e0:4f:c6:25:02:dc:aa:7d:ee:14:c7:79:dd:00:
b7:cc:d0:e8:a3:1d:4e:6b:03:85:38:6a:fb:4a:6a:
ed:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:17:CD:AD:05:FF:D8:EC:FB:08:2C:15:8D:43:32:BE:B4:12:F6:12
X509v3 Authority Key Identifier:
keyid:39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:30:e1:21:e4:e2:e8:77:80:3d:68:c7:73:c9:fe:57:04:be:
b6:9c:1e:db:02:67:91:61:9e:ed:ab:ae:35:a8:67:4d:0f:2a:
31:f9:ed:ed:e9:23:17:61:c4:be:76:66:da:b3:de:2b:84:dc:
82:01:69:40:93:00:ec:af:d3:76:7e:b7:91:f0:a2:0e:25:0b:
ee:34:eb:91:ab:7e:f9:67:a0:31:48:9e:9b:e1:8a:4b:c9:82:
b8:e6:c2:b1:7f:4b:09:0e:55:97:a5:49:67:83:5a:c3:41:9d:
c8:bd:56:c3:a0:cf:d7:05:43:b6:24:d0:b4:bf:e1:09:a2:02:
18:24:86:09:c3:25:15:6f:0d:0b:c3:2a:7e:81:c4:95:e4:70:
00:47:41:e9:bb:7e:49:96:4f:3c:14:cf:54:62:37:5e:7e:23:
b2:5d:ef:ca:a6:0b:32:ce:52:f4:78:a4:19:fb:bf:2a:fc:27:
55:7a:8a:7f:f7:99:40:e1:87:2a:c4:f1:f3:c7:6e:b4:a4:27:
b1:05:7a:19:69:7a:ef:0f:26:6e:55:e9:ce:73:73:a3:75:6d:
e5:0c:c4:9e:6f:90:b0:f5:3d:84:48:11:d3:2c:d2:eb:0c:9e:
e3:29:8b:ee:73:e8:b5:25:b2:f5:34:c5:70:68:df:90:ee:74:
11:a2:20:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRGvRiORwseTe74iQvNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzA0NzY5ZDA4N2Q5ZmU4Zjc5MGE2NTU1Y2I0ZmJlZmNk
MjRkMzgwHhcNMjUxMTExMDcwMjI1WhcNMjUxMTEyMDcwMjI1WjAzMTEwLwYDVQQD
EyhjZTE3Y2RhZDA1ZmZkOGVjZmIwODJjMTU4ZDQzMzJiZWI0MTJmNjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtySZpaQbqpL75HT5WzwgHpSHPaKY
U+DFhCzjvaWUwPFAkPhZm0TezIRKJ8qzhqHCXartiaahzQrrRUGr8yd8Zreh7LWR
rbszshF9EO9BAiRIYf5Ig7Ocnm/RLBC2FdVi07WKO0YNQ8bqhUYfVNgbSVweY+e4
7ahgbBjaXAlElrXVBiHeEI3OkjXw+gkOca4Xtc4bgIXskyzg37FDvXvRvBbp8dK+
Sev5B5XxKfgqRbSqgqqd8IgXjkwghxjcknZlEjaVjXgNL0+wLTJwYKO3gikwmVpi
iBN0m85Lov+RJxq04E/GJQLcqn3uFMd53QC3zNDoox1OawOFOGr7Smrt2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4Xza0F/9js+wgsFY1DMr60EvYSMB8GA1UdIwQY
MBaAFDlwR2nQh9n+j3kKZVXLT7780k04MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjIt
ZTQ1MzUwNDE0ZGRmLzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjItZTQ1MzUwNDE0ZGRm
LzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsTDhIeTi
6HeAPWjHc8n+VwS+tpwe2wJnkWGe7auuNahnTQ8qMfnt7ekjF2HEvnZm2rPeK4Tc
ggFpQJMA7K/Tdn63kfCiDiUL7jTrkat++WegMUiem+GKS8mCuObCsX9LCQ5Vl6VJ
Z4Naw0GdyL1Ww6DP1wVDtiTQtL/hCaICGCSGCcMlFW8NC8MqfoHEleRwAEdB6bt+
SZZPPBTPVGI3Xn4jsl3vyqYLMs5S9HikGfu/KvwnVXqKf/eZQOGHKsTx88dutKQn
sQV6GWl67w8mblXpznNzo3Vt5QzEnm+QsPU9hEgR0yzS6wye4ymL7nPotSWy9TTF
cGjfkO50EaIgIg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:22 2025 by rpki-client