Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
File: o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft (raw, json)
Hash identifier: AUHiE1TzFLiEIsIGV0oM7tlrGW3kbU9wEXHHa+hF/cE=
Subject key identifier: D8:5B:DB:3B:8F:CB:15:33:10:2B:A4:4D:3B:69:AA:DE:F0:40:1D:1D
Authority key identifier: A3:D3:90:7F:81:1C:B8:3F:16:B8:16:78:5E:38:0B:C2:4C:8A:C1:93
Certificate issuer: /CN=a3d3907f811cb83f16b816785e380bc24c8ac193
Certificate serial: 019A72CA922AD206E4A1BDE33A3A9843DBE0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
Manifest number: 142D
Signing time: Tue 11 Nov 2025 12:01:09 +0000
Manifest this update: Tue 11 Nov 2025 12:01:09 +0000
Manifest next update: Wed 12 Nov 2025 12:01:09 +0000
Files and hashes: 1: KHmBEFAHu1D8g7BNr6DM90HcrdE.roa (hash: cHCWZbVIixRYPkJFTsJoo7AK/4mwhNH2E0rmOh1q4HI=)
2: o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl (hash: ZFg6u0sR9rFhCdybRT7RVxaqCdK466XlepuDcnIeoZw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:92:2a:d2:06:e4:a1:bd:e3:3a:3a:98:43:db:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3d3907f811cb83f16b816785e380bc24c8ac193
Validity
Not Before: Nov 11 12:01:09 2025 GMT
Not After : Nov 12 12:01:09 2025 GMT
Subject: CN=d85bdb3b8fcb1533102ba44d3b69aadef0401d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:96:8c:1d:f5:95:c0:75:9e:58:0a:7f:69:56:
07:6b:11:e3:ce:ae:38:68:ea:66:83:98:72:ba:df:
da:9d:6d:e2:4d:b9:3f:88:50:12:ff:23:18:48:78:
36:9e:4a:c1:bc:cb:1d:23:60:09:a5:71:1a:a0:3a:
1a:68:f0:e0:a0:47:c1:b2:16:af:ee:f8:dc:42:20:
e3:21:4d:5d:2a:a9:8a:e1:ae:51:2f:2c:63:c9:6c:
b1:55:2c:d6:4e:68:d1:53:92:db:d5:ac:67:19:6f:
be:d6:1b:a7:a2:92:db:ea:8c:ee:62:55:2d:ba:e0:
33:c2:0c:e9:11:b5:ae:9b:d2:30:e4:fa:ee:00:06:
8f:5e:5c:3e:7b:8f:39:49:5b:cd:81:64:5c:5c:a9:
21:4d:e5:4f:25:a9:cf:d4:4a:4c:8f:bf:fd:38:79:
d7:a1:43:e8:eb:93:79:0c:1d:96:fb:bd:ed:bb:33:
4c:31:00:03:e9:98:c4:45:fc:90:42:2c:19:62:44:
04:d1:93:d4:f3:92:ff:ab:cf:c1:74:82:36:8f:1a:
3a:4e:84:b5:85:85:cf:d5:75:c7:ea:a2:69:ab:a8:
2c:b4:d2:08:36:f7:cf:c1:1e:75:20:3c:9e:2b:15:
4f:f6:bb:ab:06:f5:7c:ce:f1:a3:c1:8b:2b:59:cc:
7c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:5B:DB:3B:8F:CB:15:33:10:2B:A4:4D:3B:69:AA:DE:F0:40:1D:1D
X509v3 Authority Key Identifier:
keyid:A3:D3:90:7F:81:1C:B8:3F:16:B8:16:78:5E:38:0B:C2:4C:8A:C1:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:f1:19:25:ec:5c:cf:eb:76:b5:b6:85:8c:75:36:a8:0c:27:
84:00:c2:01:86:1b:37:0a:f3:3c:c5:31:09:24:91:f4:3d:4e:
9e:c1:a6:6c:6f:6a:06:83:7b:8f:0c:18:d1:b7:f1:35:5a:03:
89:53:d1:77:7d:68:e0:f6:34:e1:ab:2f:70:bc:61:1d:09:aa:
dd:54:24:40:d9:45:2d:b6:f4:67:6e:f6:32:69:28:c4:aa:93:
6c:18:9b:36:f2:fa:39:42:e3:ff:28:cc:e9:dd:5d:78:25:9d:
85:77:d1:6d:72:bf:1e:14:bd:3d:6e:6f:88:a8:6b:fb:07:08:
5c:ba:a6:06:b8:1c:a0:fd:dd:fa:32:f4:9d:d4:c4:7b:85:2e:
d1:a3:66:21:35:6c:ae:97:a0:3d:41:d8:ff:61:da:9c:82:f7:
ec:d5:16:4d:92:55:b0:91:b4:28:d0:00:29:18:cf:ec:61:3c:
78:ad:46:56:dc:55:41:94:cc:cc:ca:81:f3:46:16:25:5f:cb:
f1:4d:54:45:29:c0:5e:0b:63:27:22:0c:41:d6:da:93:7b:6f:
0f:d7:ef:bd:e9:b2:52:22:2c:6f:e4:b5:d4:93:d7:39:cf:f5:
4b:85:dd:36:83:6a:a1:5f:35:ec:33:f8:c6:ff:d7:99:7c:ca:
21:45:ff:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyypIq0gbkob3jOjqYQ9vgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZDM5MDdmODExY2I4M2YxNmI4MTY3ODVlMzgwYmMyNGM4
YWMxOTMwHhcNMjUxMTExMTIwMTA5WhcNMjUxMTEyMTIwMTA5WjAzMTEwLwYDVQQD
EyhkODViZGIzYjhmY2IxNTMzMTAyYmE0NGQzYjY5YWFkZWYwNDAxZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5aMHfWVwHWeWAp/aVYHaxHjzq44
aOpmg5hyut/anW3iTbk/iFAS/yMYSHg2nkrBvMsdI2AJpXEaoDoaaPDgoEfBshav
7vjcQiDjIU1dKqmK4a5RLyxjyWyxVSzWTmjRU5Lb1axnGW++1hunopLb6ozuYlUt
uuAzwgzpEbWum9Iw5PruAAaPXlw+e485SVvNgWRcXKkhTeVPJanP1EpMj7/9OHnX
oUPo65N5DB2W+73tuzNMMQAD6ZjERfyQQiwZYkQE0ZPU85L/q8/BdII2jxo6ToS1
hYXP1XXH6qJpq6gstNIINvfPwR51IDyeKxVP9rurBvV8zvGjwYsrWcx8QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhb2zuPyxUzECukTTtpqt7wQB0dMB8GA1UdIwQY
MBaAFKPTkH+BHLg/FrgWeF44C8JMisGTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80M2ViMDUtYWZmZS00Mjc0LTkxM2It
MzMyMDI3MWZiM2FjLzEvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80M2ViMDUtYWZmZS00Mjc0LTkxM2ItMzMyMDI3MWZiM2Fj
LzEvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASvEZJexc
z+t2tbaFjHU2qAwnhADCAYYbNwrzPMUxCSSR9D1OnsGmbG9qBoN7jwwY0bfxNVoD
iVPRd31o4PY04asvcLxhHQmq3VQkQNlFLbb0Z272MmkoxKqTbBibNvL6OULj/yjM
6d1deCWdhXfRbXK/HhS9PW5viKhr+wcIXLqmBrgcoP3d+jL0ndTEe4Uu0aNmITVs
rpegPUHY/2HanIL37NUWTZJVsJG0KNAAKRjP7GE8eK1GVtxVQZTMzMqB80YWJV/L
8U1URSnAXgtjJyIMQdbak3tvD9fvvemyUiIsb+S11JPXOc/1S4XdNoNqoV817DP4
xv/XmXzKIUX/Yg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:38 2025 by rpki-client