Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
File: OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft (raw, json)
Hash identifier: 4oHW272gpI7spoRNHm1umHBSn1WDs1cGrVCIcDASSfI=
Subject key identifier: 30:41:E0:2B:80:C5:7F:A6:53:90:D2:60:44:0B:0A:E4:07:A1:49:32
Authority key identifier: 39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
Certificate issuer: /CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Certificate serial: 019A258AA2AA96C23B4FF1831B349E88489E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
Manifest number: 1688
Signing time: Mon 27 Oct 2025 12:00:33 +0000
Manifest this update: Mon 27 Oct 2025 12:00:33 +0000
Manifest next update: Tue 28 Oct 2025 12:00:33 +0000
Files and hashes: 1: OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl (hash: lv0qxsbnUC78wycYpgbxLk4zxsXABbyXHUIYkjCcwNc=)
2: VwXHoptHeR9mWbeRFzNgE273Y_Y.roa (hash: O7PmmfQJftPOiteORNgrKpX/pUfGsXyieeu22jdpW5U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 12:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:8a:a2:aa:96:c2:3b:4f:f1:83:1b:34:9e:88:48:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Validity
Not Before: Oct 27 12:00:33 2025 GMT
Not After : Oct 28 12:00:33 2025 GMT
Subject: CN=3041e02b80c57fa65390d260440b0ae407a14932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:db:be:7f:d9:16:23:c8:e1:a3:42:4a:a4:e6:
c9:bb:bf:c5:c8:29:b0:61:2d:c5:ba:1a:0c:a4:86:
7a:63:58:3a:6c:85:c8:67:bd:6c:d1:1a:fc:c3:cf:
f9:22:ba:7e:d1:1a:57:db:de:43:c2:c7:6a:5f:46:
79:42:f9:56:00:36:91:cb:57:1f:d4:1b:33:86:ec:
e3:1b:77:31:9f:1f:ce:6e:c0:ed:b4:75:59:a2:ed:
1c:ec:83:5c:d9:19:f6:84:04:a1:d7:e4:07:7a:72:
86:8e:a1:2f:47:82:bc:15:9e:52:d3:35:f7:15:a9:
28:ae:b4:4d:f6:68:82:27:85:41:b9:8f:d7:7e:ea:
fb:0e:b7:c2:5e:55:94:93:28:d3:61:04:57:75:07:
52:fd:e1:17:ce:3e:4b:e0:22:0a:d8:03:23:37:2b:
ad:49:13:e6:c1:03:cc:8b:48:ab:7d:23:70:ea:35:
f2:1d:57:20:9a:cc:e0:31:4c:bd:ca:fc:17:54:9a:
3e:50:3d:e4:61:3b:1c:c5:1e:d5:15:b1:de:7f:5b:
1f:8b:43:ff:1d:9c:1c:4c:ca:28:2d:3f:83:fa:d5:
16:f8:fa:0d:a2:9e:5e:a7:9c:51:6e:71:33:53:15:
a6:4b:c4:ad:a5:3d:41:48:47:d1:28:6a:37:cc:93:
89:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:41:E0:2B:80:C5:7F:A6:53:90:D2:60:44:0B:0A:E4:07:A1:49:32
X509v3 Authority Key Identifier:
keyid:39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:49:c1:d2:e4:0f:d3:72:3a:cf:50:1e:cb:e6:6a:91:01:75:
cc:9c:ff:73:7b:91:02:d5:04:39:d5:47:d9:9a:d4:44:c7:96:
5f:69:12:3a:cf:ed:ba:40:b3:09:24:e9:51:97:ed:d1:04:a0:
35:9c:c0:53:6b:0d:bb:51:4a:01:a3:3b:37:68:7b:7f:1b:a7:
0c:63:d1:bc:64:da:dd:e8:f2:bd:93:e5:77:33:37:7b:5c:0a:
d6:e9:d9:81:1a:e0:1b:07:e0:6e:95:3b:a5:0a:29:88:b9:cc:
c4:17:13:f3:89:2d:29:05:1f:22:82:10:bf:9c:da:af:b4:eb:
b4:a2:47:5a:5a:43:4c:ca:b6:0c:73:43:ae:0f:99:0a:6f:35:
9f:df:ac:15:b8:5b:ed:5b:78:86:f9:8d:12:f6:ee:48:7f:e6:
b4:ae:3d:96:52:a0:ca:87:e2:a3:38:8d:7f:61:0c:a9:d4:a4:
8a:fa:6e:94:0b:66:ae:fc:0c:64:29:8b:18:4c:19:85:3b:f5:
7a:ea:a2:a0:af:49:8e:4d:4b:3b:c2:d6:c6:76:f5:da:d8:d7:
77:e4:75:4f:57:e6:0f:7d:3b:9d:f6:dd:3c:98:fb:65:a5:9e:
5b:39:7b:13:b2:f2:a8:fd:e0:30:fc:2a:6c:2a:64:1b:2e:2d:
88:f2:d6:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoliqKqlsI7T/GDGzSeiEieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzliNDM1YTNjZmVmZTdjMzNhODRiMjJmNjAzMzAwOWE1
MjI1YzcwHhcNMjUxMDI3MTIwMDMzWhcNMjUxMDI4MTIwMDMzWjAzMTEwLwYDVQQD
EygzMDQxZTAyYjgwYzU3ZmE2NTM5MGQyNjA0NDBiMGFlNDA3YTE0OTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Nu+f9kWI8jho0JKpObJu7/FyCmw
YS3FuhoMpIZ6Y1g6bIXIZ71s0Rr8w8/5Irp+0RpX295DwsdqX0Z5QvlWADaRy1cf
1BszhuzjG3cxnx/ObsDttHVZou0c7INc2Rn2hASh1+QHenKGjqEvR4K8FZ5S0zX3
FakorrRN9miCJ4VBuY/Xfur7DrfCXlWUkyjTYQRXdQdS/eEXzj5L4CIK2AMjNyut
SRPmwQPMi0irfSNw6jXyHVcgmszgMUy9yvwXVJo+UD3kYTscxR7VFbHef1sfi0P/
HZwcTMooLT+D+tUW+PoNop5ep5xRbnEzUxWmS8StpT1BSEfRKGo3zJOJxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDBB4CuAxX+mU5DSYEQLCuQHoUkyMB8GA1UdIwQY
MBaAFDl5tDWjz+/nwzqEsi9gMwCaUiXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYt
ZDViYzIzOWY2YTk4LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYtZDViYzIzOWY2YTk4
LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEnB0uQP
03I6z1Aey+ZqkQF1zJz/c3uRAtUEOdVH2ZrURMeWX2kSOs/tukCzCSTpUZft0QSg
NZzAU2sNu1FKAaM7N2h7fxunDGPRvGTa3ejyvZPldzM3e1wK1unZgRrgGwfgbpU7
pQopiLnMxBcT84ktKQUfIoIQv5zar7TrtKJHWlpDTMq2DHNDrg+ZCm81n9+sFbhb
7Vt4hvmNEvbuSH/mtK49llKgyofioziNf2EMqdSkivpulAtmrvwMZCmLGEwZhTv1
euqioK9Jjk1LO8LWxnb12tjXd+R1T1fmD307nfbdPJj7ZaWeWzl7E7LyqP3gMPwq
bCpkGy4tiPLW+Q==
-----END CERTIFICATE-----
Generated at Mon Oct 27 17:40:30 2025 by rpki-client