Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.mft
File: 0OZTSNwTyFSZx3dNFWYUwSARirU.mft (raw, json)
Hash identifier: qdwqsv6Aq70xrYhYKXXlOZffL+SktfS4dBd5h3SaCSo=
Subject key identifier: 1F:49:E8:68:84:0E:21:3E:3E:EC:B9:42:48:38:DD:03:64:16:F9:64
Authority key identifier: D0:E6:53:48:DC:13:C8:54:99:C7:77:4D:15:66:14:C1:20:11:8A:B5
Certificate issuer: /CN=d0e65348dc13c85499c7774d156614c120118ab5
Certificate serial: 019A71B7CE89B34E46CBC4044CF72DFF8F2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OZTSNwTyFSZx3dNFWYUwSARirU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.mft
Manifest number: 1677
Signing time: Tue 11 Nov 2025 07:01:02 +0000
Manifest this update: Tue 11 Nov 2025 07:01:02 +0000
Manifest next update: Wed 12 Nov 2025 07:01:02 +0000
Files and hashes: 1: 0OZTSNwTyFSZx3dNFWYUwSARirU.crl (hash: WGTZ7kg7559QBXaTsS6Um4smnNpRx0CX4dKNQTXSsAg=)
2: I8hH4YeV3HM0yWrc52lfIOhYTt8.roa (hash: colmP8j9TQydvYGFc1+glmJgVJjDM5AxsV+6TerMW6o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0OZTSNwTyFSZx3dNFWYUwSARirU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:ce:89:b3:4e:46:cb:c4:04:4c:f7:2d:ff:8f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0e65348dc13c85499c7774d156614c120118ab5
Validity
Not Before: Nov 11 07:01:02 2025 GMT
Not After : Nov 12 07:01:02 2025 GMT
Subject: CN=1f49e868840e213e3eecb9424838dd036416f964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e9:c0:78:0b:0c:9b:dd:5f:68:bf:f9:a2:22:
bd:a1:f6:ee:4d:5b:63:53:67:05:1f:c8:63:56:c7:
88:3d:66:86:c9:cc:68:36:55:f9:48:6f:20:48:5c:
08:48:68:b3:63:72:2f:73:8c:4d:8b:b3:3b:0f:ad:
de:40:46:ca:80:5e:b2:85:2b:ba:5f:b8:b1:da:2a:
24:b9:8c:34:9f:28:a7:0d:c1:d2:35:09:0e:5d:f0:
5e:b6:a2:2b:0c:2f:da:8e:7d:0c:e1:5e:04:6b:3d:
97:c2:70:83:bc:d2:2c:8a:ab:ab:53:55:00:51:e7:
02:ca:a1:4b:c0:c7:ef:53:2c:79:14:2b:04:5e:5f:
80:49:eb:f3:ff:a9:45:d5:35:3e:2f:98:5e:25:2f:
de:36:83:a5:cf:40:20:21:03:b8:8b:84:ed:3e:db:
35:de:61:22:73:e7:09:5d:98:27:43:91:bd:53:26:
ea:1b:d3:08:27:65:2b:0c:1f:31:9a:94:7d:af:43:
e6:d7:aa:51:cf:53:34:ab:1c:f4:61:de:f9:78:52:
29:b5:1d:fe:13:8b:9e:2c:d6:50:e4:77:8b:a6:93:
50:64:f6:cf:48:1c:f9:8d:ad:af:e4:2e:24:92:d5:
a9:72:97:ee:67:8a:98:37:9d:6b:6a:e1:c2:82:56:
57:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:49:E8:68:84:0E:21:3E:3E:EC:B9:42:48:38:DD:03:64:16:F9:64
X509v3 Authority Key Identifier:
keyid:D0:E6:53:48:DC:13:C8:54:99:C7:77:4D:15:66:14:C1:20:11:8A:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OZTSNwTyFSZx3dNFWYUwSARirU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:cf:7b:da:68:e1:b2:42:bf:ef:25:d7:06:48:4e:38:2a:e8:
2f:1f:48:98:2f:53:6f:9f:c0:70:02:7c:21:6a:b2:cc:55:12:
eb:a6:1d:3b:2a:42:4e:3f:b1:16:04:9f:d9:bc:d2:e5:80:44:
f5:f5:5f:6e:97:59:fd:56:19:e4:75:7b:3e:f6:1e:d1:0e:35:
b4:a5:1a:93:7e:5f:0a:df:43:96:68:d7:51:2b:79:43:12:85:
9c:15:b8:82:4d:f1:59:25:72:ac:a9:88:cb:d9:77:93:2c:a9:
13:5d:b1:43:80:ef:b9:25:a5:c5:d1:38:05:b6:7d:9e:63:53:
88:97:f4:29:26:3f:72:8d:bb:71:1a:e5:97:dd:6a:5f:26:db:
ba:67:80:db:97:0e:43:32:d6:e4:d8:9b:a3:7c:29:d1:e0:7a:
c1:ef:1f:b6:d3:5c:87:21:b5:28:d2:c5:b1:84:12:88:6a:fa:
46:d6:7a:4b:2b:b9:49:ed:e4:9b:9e:d3:ee:a8:58:08:e9:2d:
8b:8c:32:c0:48:64:da:0e:90:09:09:7d:72:89:e1:46:49:a1:
3b:2f:e7:c4:c2:73:93:75:f8:8a:bd:80:27:e0:bf:1c:82:14:
0b:d1:01:d5:0a:61:86:5e:8c:f8:c8:e3:be:56:7c:7e:89:13:
98:1f:fb:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt86Js05Gy8QETPct/48rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZTY1MzQ4ZGMxM2M4NTQ5OWM3Nzc0ZDE1NjYxNGMxMjAx
MThhYjUwHhcNMjUxMTExMDcwMTAyWhcNMjUxMTEyMDcwMTAyWjAzMTEwLwYDVQQD
EygxZjQ5ZTg2ODg0MGUyMTNlM2VlY2I5NDI0ODM4ZGQwMzY0MTZmOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+nAeAsMm91faL/5oiK9ofbuTVtj
U2cFH8hjVseIPWaGycxoNlX5SG8gSFwISGizY3Ivc4xNi7M7D63eQEbKgF6yhSu6
X7ix2iokuYw0nyinDcHSNQkOXfBetqIrDC/ajn0M4V4Eaz2XwnCDvNIsiqurU1UA
UecCyqFLwMfvUyx5FCsEXl+ASevz/6lF1TU+L5heJS/eNoOlz0AgIQO4i4TtPts1
3mEic+cJXZgnQ5G9UybqG9MIJ2UrDB8xmpR9r0Pm16pRz1M0qxz0Yd75eFIptR3+
E4ueLNZQ5HeLppNQZPbPSBz5ja2v5C4kktWpcpfuZ4qYN51rauHCglZX9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9J6GiEDiE+Puy5Qkg43QNkFvlkMB8GA1UdIwQY
MBaAFNDmU0jcE8hUmcd3TRVmFMEgEYq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME9aVFNOd1R5RlNaeDNkTkZXWVV3U0FSaXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kN2E0YTctMDdlMi00OGFkLWJhNTYt
MGRiMGVjMWU5NDVjLzEvME9aVFNOd1R5RlNaeDNkTkZXWVV3U0FSaXJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kN2E0YTctMDdlMi00OGFkLWJhNTYtMGRiMGVjMWU5NDVj
LzEvME9aVFNOd1R5RlNaeDNkTkZXWVV3U0FSaXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQc972mjh
skK/7yXXBkhOOCroLx9ImC9Tb5/AcAJ8IWqyzFUS66YdOypCTj+xFgSf2bzS5YBE
9fVfbpdZ/VYZ5HV7PvYe0Q41tKUak35fCt9DlmjXUSt5QxKFnBW4gk3xWSVyrKmI
y9l3kyypE12xQ4DvuSWlxdE4BbZ9nmNTiJf0KSY/co27cRrll91qXybbumeA25cO
QzLW5Nibo3wp0eB6we8fttNchyG1KNLFsYQSiGr6RtZ6Syu5Se3km57T7qhYCOkt
i4wywEhk2g6QCQl9conhRkmhOy/nxMJzk3X4ir2AJ+C/HIIUC9EB1Qphhl6M+Mjj
vlZ8fokTmB/7oA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:37 2025 by rpki-client