Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
File: roOCT9wp6-SsKGygGETfhtTXXsA.mft (raw, json)
Hash identifier: TR1jAZ/oP04lx32woFjvW0H/Y8Ma2iCRVOfcA6b9Rvg=
Subject key identifier: 31:95:72:98:88:89:AE:A7:5C:E3:A7:6B:E0:8A:AB:27:52:3A:74:59
Authority key identifier: AE:83:82:4F:DC:29:EB:E4:AC:28:6C:A0:18:44:DF:86:D4:D7:5E:C0
Certificate issuer: /CN=ae83824fdc29ebe4ac286ca01844df86d4d75ec0
Certificate serial: 019A71EE718DB34CF59F43B21A0D9CF6F63B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
Manifest number: 0344
Signing time: Tue 11 Nov 2025 08:00:43 +0000
Manifest this update: Tue 11 Nov 2025 08:00:43 +0000
Manifest next update: Wed 12 Nov 2025 08:00:43 +0000
Files and hashes: 1: jHCjx-TBB5oXKBhOsM_EWQyL88A.roa (hash: rucNPqCxXwLKo5x3absYJUk2L/e2sCkpCPYtoCEmNPo=)
2: roOCT9wp6-SsKGygGETfhtTXXsA.crl (hash: MibjzRO7PHxxGsJDsL7NU8B6B3bFqbsbtykPEB2gAnk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:71:8d:b3:4c:f5:9f:43:b2:1a:0d:9c:f6:f6:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae83824fdc29ebe4ac286ca01844df86d4d75ec0
Validity
Not Before: Nov 11 08:00:43 2025 GMT
Not After : Nov 12 08:00:43 2025 GMT
Subject: CN=319572988889aea75ce3a76be08aab27523a7459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:10:06:bb:ea:90:88:21:80:dd:a5:98:35:4a:
0b:65:f7:54:71:85:e8:d5:8b:c5:13:c0:5a:44:33:
ca:35:40:86:f3:7c:2f:c4:bf:42:fd:0f:2f:cc:b2:
33:82:37:1b:ae:59:15:c3:83:c8:77:17:5e:e8:f6:
93:d6:ad:91:2e:84:99:1c:40:49:db:bf:8b:e7:92:
3a:b5:56:d2:07:69:6e:65:2e:d0:91:16:b7:6b:0d:
bd:fd:7f:b1:ee:10:63:62:b8:17:d7:a3:2c:8f:39:
0b:e3:8f:ff:c0:c7:6d:d9:59:c8:32:ab:e4:2c:70:
b5:69:f3:b0:bb:6c:4c:0a:f8:d8:a7:50:ec:71:af:
09:fe:e2:f7:50:d7:42:9d:80:93:6c:e0:6b:d9:5a:
b0:54:a0:a7:35:c8:ef:ad:60:cc:86:31:51:5f:3f:
22:63:4d:a8:52:b9:30:7c:96:50:82:1f:58:1b:fa:
34:a5:57:73:6f:22:cd:ed:70:89:f0:43:8f:fe:df:
a1:49:57:ee:5a:e4:7f:4b:c7:b9:56:2a:ec:8b:13:
4e:a4:e4:77:63:57:4d:5e:4a:bd:55:a0:f2:f4:18:
b4:8b:6b:73:55:53:c0:b8:a2:20:45:62:4f:54:d0:
71:92:9a:eb:e6:c4:01:fa:08:a0:7e:1b:b9:dd:61:
23:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:95:72:98:88:89:AE:A7:5C:E3:A7:6B:E0:8A:AB:27:52:3A:74:59
X509v3 Authority Key Identifier:
keyid:AE:83:82:4F:DC:29:EB:E4:AC:28:6C:A0:18:44:DF:86:D4:D7:5E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:c3:42:8b:0f:61:e7:70:dd:ca:19:88:ab:4e:98:7d:af:c7:
97:bb:8a:92:f8:8b:77:f2:b3:6a:f9:19:9f:d7:84:f9:37:df:
99:ec:20:ae:5e:5b:a2:c5:e9:79:36:b8:eb:dc:89:9a:4b:ee:
ad:4e:64:a9:11:ff:52:bb:3c:db:e2:f4:b1:c9:e2:b9:c8:72:
44:94:2f:2b:e0:3b:78:70:8f:4a:99:a1:98:fe:21:fb:02:6a:
fa:d6:4f:89:68:02:5e:62:47:ff:e8:af:2b:5e:b4:5f:f3:a4:
a6:ba:bd:42:62:5f:70:34:0c:92:25:31:ab:a5:a8:e1:96:04:
20:0c:99:25:dd:57:96:d4:00:6a:96:79:d1:a8:1a:36:c5:77:
27:b2:74:52:1a:3a:5d:78:73:cd:e5:ca:74:2a:01:dc:65:54:
49:3b:c6:de:fd:5f:29:3f:07:b8:56:be:c5:46:a1:a8:7f:31:
0b:a3:19:06:13:5c:b1:48:16:0a:37:09:42:39:a2:26:ce:e9:
c3:8b:5c:c5:cf:c2:c1:be:69:85:ce:aa:b5:93:5d:86:06:e0:
77:db:50:f7:8c:96:2d:59:83:bd:a8:19:7d:25:67:01:ce:5a:
13:85:b8:00:6d:3e:f2:f1:8f:14:5f:43:0a:90:21:61:d4:72:
c8:ab:ec:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7nGNs0z1n0OyGg2c9vY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlODM4MjRmZGMyOWViZTRhYzI4NmNhMDE4NDRkZjg2ZDRk
NzVlYzAwHhcNMjUxMTExMDgwMDQzWhcNMjUxMTEyMDgwMDQzWjAzMTEwLwYDVQQD
EygzMTk1NzI5ODg4ODlhZWE3NWNlM2E3NmJlMDhhYWIyNzUyM2E3NDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBAGu+qQiCGA3aWYNUoLZfdUcYXo
1YvFE8BaRDPKNUCG83wvxL9C/Q8vzLIzgjcbrlkVw4PIdxde6PaT1q2RLoSZHEBJ
27+L55I6tVbSB2luZS7QkRa3aw29/X+x7hBjYrgX16MsjzkL44//wMdt2VnIMqvk
LHC1afOwu2xMCvjYp1Dsca8J/uL3UNdCnYCTbOBr2VqwVKCnNcjvrWDMhjFRXz8i
Y02oUrkwfJZQgh9YG/o0pVdzbyLN7XCJ8EOP/t+hSVfuWuR/S8e5VirsixNOpOR3
Y1dNXkq9VaDy9Bi0i2tzVVPAuKIgRWJPVNBxkprr5sQB+gigfhu53WEjcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGVcpiIia6nXOOna+CKqydSOnRZMB8GA1UdIwQY
MBaAFK6Dgk/cKevkrChsoBhE34bU117AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC83MTc0ZWUtMzA3Ni00OTZjLWIyNTkt
OTcwMDU0NmI1NzExLzEvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC83MTc0ZWUtMzA3Ni00OTZjLWIyNTktOTcwMDU0NmI1NzEx
LzEvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjMNCiw9h
53DdyhmIq06Yfa/Hl7uKkviLd/KzavkZn9eE+Tffmewgrl5bosXpeTa469yJmkvu
rU5kqRH/Urs82+L0scniuchyRJQvK+A7eHCPSpmhmP4h+wJq+tZPiWgCXmJH/+iv
K160X/Okprq9QmJfcDQMkiUxq6Wo4ZYEIAyZJd1XltQAapZ50agaNsV3J7J0Uho6
XXhzzeXKdCoB3GVUSTvG3v1fKT8HuFa+xUahqH8xC6MZBhNcsUgWCjcJQjmiJs7p
w4tcxc/Cwb5phc6qtZNdhgbgd9tQ94yWLVmDvagZfSVnAc5aE4W4AG0+8vGPFF9D
CpAhYdRyyKvsaw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:44 2025 by rpki-client