Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
File: OTioGkQSd0HZSaNVpH88tZk4mng.mft (raw, json)
Hash identifier: 5cn4sfTRbfoV62rqo3pwCrGU99u34vhNqG3KLSR4KVQ=
Subject key identifier: 75:C9:DD:BB:66:E3:95:50:C0:AE:5B:B4:8E:60:C9:FB:7F:C9:7D:00
Authority key identifier: 39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78
Certificate issuer: /CN=3938a81a44127741d949a355a47f3cb599389a78
Certificate serial: 019A7226263C583BAD07D9E8396BFFA75521
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
Manifest number: 1172
Signing time: Tue 11 Nov 2025 09:01:34 +0000
Manifest this update: Tue 11 Nov 2025 09:01:34 +0000
Manifest next update: Wed 12 Nov 2025 09:01:34 +0000
Files and hashes: 1: OTioGkQSd0HZSaNVpH88tZk4mng.crl (hash: VZIoB1jO0UtsBPJvWBRm7OVMtwgsA40TJG6Lw0NmNaY=)
2: SyALsZDSYtge1NmYRoKzwbP5Vv8.roa (hash: rjh76rxbo7HoAknp3g/P2hhQiBIAvMqHmifN8tVtg/g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:26:3c:58:3b:ad:07:d9:e8:39:6b:ff:a7:55:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3938a81a44127741d949a355a47f3cb599389a78
Validity
Not Before: Nov 11 09:01:34 2025 GMT
Not After : Nov 12 09:01:34 2025 GMT
Subject: CN=75c9ddbb66e39550c0ae5bb48e60c9fb7fc97d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3b:11:7b:2d:11:43:87:15:b2:44:41:4b:b6:
28:c2:b1:f9:d6:6e:ea:e5:7d:ee:0e:5c:b4:a2:ab:
e8:2b:22:e0:05:7c:e7:a3:fc:d7:c9:36:90:78:29:
08:fc:aa:2a:59:42:d7:4f:00:69:fd:21:83:2b:25:
ff:16:48:d4:03:42:36:d5:48:21:c6:90:04:b3:7c:
b0:da:da:8b:85:0a:d2:c1:95:52:f5:9b:05:8e:74:
be:6a:50:88:db:3b:96:f8:0c:a6:c9:15:36:4a:9d:
3c:57:3b:d4:0b:a7:31:dc:6f:26:ac:f5:f2:c7:24:
e3:4d:58:0e:21:72:1c:b1:d4:c9:0a:4e:c5:3c:65:
3f:6b:1f:67:94:5c:14:26:43:94:24:05:69:d4:3d:
d0:0f:b7:8d:3c:6d:1d:a0:19:50:49:0d:bc:43:80:
3e:44:1f:2b:96:15:d6:92:03:d0:ea:f0:84:f1:3f:
87:27:81:06:a6:6f:0e:a9:bb:37:f2:d5:db:2d:a9:
05:23:8a:b8:b1:4d:3e:68:ec:f4:cd:0d:fe:51:5f:
87:8f:89:03:e6:70:a9:ed:e2:0c:63:58:09:3a:ad:
b1:89:15:93:c0:9d:84:06:c5:a3:7f:62:92:e7:f7:
92:70:5b:cc:00:09:10:21:5b:5d:ee:89:42:d6:04:
55:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C9:DD:BB:66:E3:95:50:C0:AE:5B:B4:8E:60:C9:FB:7F:C9:7D:00
X509v3 Authority Key Identifier:
keyid:39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:c6:b6:51:36:7f:30:79:40:cd:f8:2b:12:17:9d:42:3a:8e:
6a:29:33:9b:3c:53:25:0a:41:fa:4e:0c:3e:30:36:29:ba:8a:
54:06:a7:ed:7a:63:66:f7:1e:a0:c4:9b:99:f1:27:56:92:e8:
d7:40:26:44:7e:75:70:e6:9a:e5:a9:54:06:1b:72:09:3f:8e:
90:97:9f:d4:7a:27:75:d4:82:9e:75:f5:c9:30:ae:b7:b3:99:
1c:6e:85:7e:8f:2b:7e:43:a7:97:09:4c:72:7c:22:d2:1b:6a:
6a:1d:21:12:9e:26:c9:8d:c9:68:a3:ab:aa:ec:d6:ba:21:37:
6e:22:db:ef:b8:c0:25:ae:4a:86:d4:e1:e0:33:01:6a:c6:ed:
d5:2e:0f:27:39:6c:ae:61:fb:72:67:d9:d6:b1:7e:20:e1:0d:
6d:61:d1:19:6c:3b:65:64:d3:de:6d:d0:45:b0:3e:07:34:6b:
34:5f:9d:e0:70:bc:59:39:43:e7:9d:7d:00:d9:35:58:0f:54:
b5:51:bc:ce:06:e7:2e:42:aa:82:5b:a5:02:94:af:ba:46:77:
ca:ed:a4:8a:b7:3a:55:4b:f4:a8:26:8d:22:5a:ab:09:a3:ef:
cf:e6:2d:33:15:55:2c:c1:99:10:cf:b6:ac:aa:a0:ad:94:d2:
f8:3a:2b:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJiY8WDutB9noOWv/p1UhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzhhODFhNDQxMjc3NDFkOTQ5YTM1NWE0N2YzY2I1OTkz
ODlhNzgwHhcNMjUxMTExMDkwMTM0WhcNMjUxMTEyMDkwMTM0WjAzMTEwLwYDVQQD
Eyg3NWM5ZGRiYjY2ZTM5NTUwYzBhZTViYjQ4ZTYwYzlmYjdmYzk3ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDsRey0RQ4cVskRBS7YowrH51m7q
5X3uDly0oqvoKyLgBXzno/zXyTaQeCkI/KoqWULXTwBp/SGDKyX/FkjUA0I21Ugh
xpAEs3yw2tqLhQrSwZVS9ZsFjnS+alCI2zuW+AymyRU2Sp08VzvUC6cx3G8mrPXy
xyTjTVgOIXIcsdTJCk7FPGU/ax9nlFwUJkOUJAVp1D3QD7eNPG0doBlQSQ28Q4A+
RB8rlhXWkgPQ6vCE8T+HJ4EGpm8Oqbs38tXbLakFI4q4sU0+aOz0zQ3+UV+Hj4kD
5nCp7eIMY1gJOq2xiRWTwJ2EBsWjf2KS5/eScFvMAAkQIVtd7olC1gRVxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXJ3btm45VQwK5btI5gyft/yX0AMB8GA1UdIwQY
MBaAFDk4qBpEEndB2UmjVaR/PLWZOJp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGIt
ZmQyMTRjYWNmYjYyLzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGItZmQyMTRjYWNmYjYy
LzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtMa2UTZ/
MHlAzfgrEhedQjqOaikzmzxTJQpB+k4MPjA2KbqKVAan7XpjZvceoMSbmfEnVpLo
10AmRH51cOaa5alUBhtyCT+OkJef1HonddSCnnX1yTCut7OZHG6Ffo8rfkOnlwlM
cnwi0htqah0hEp4myY3JaKOrquzWuiE3biLb77jAJa5KhtTh4DMBasbt1S4PJzls
rmH7cmfZ1rF+IOENbWHRGWw7ZWTT3m3QRbA+BzRrNF+d4HC8WTlD5519ANk1WA9U
tVG8zgbnLkKqglulApSvukZ3yu2kirc6VUv0qCaNIlqrCaPvz+YtMxVVLMGZEM+2
rKqgrZTS+DoruQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:38:19 2025 by rpki-client