Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
File: OxRinHZc4axPaIlW47kPatjEtYI.mft (raw, json)
Hash identifier: VKZ/R/6HAGGsrID5gBWkCbkmRUeOZ0wZt7Qo4y/+U0o=
Subject key identifier: 42:0C:88:D6:32:ED:12:F3:EB:F7:EF:4C:9C:CC:90:D2:AF:15:2A:5E
Authority key identifier: 3B:14:62:9C:76:5C:E1:AC:4F:68:89:56:E3:B9:0F:6A:D8:C4:B5:82
Certificate issuer: /CN=3b14629c765ce1ac4f688956e3b90f6ad8c4b582
Certificate serial: 019A706DEAEBA37788534FA1797B71274823
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
Manifest number: 16B2
Signing time: Tue 11 Nov 2025 01:00:42 +0000
Manifest this update: Tue 11 Nov 2025 01:00:42 +0000
Manifest next update: Wed 12 Nov 2025 01:00:42 +0000
Files and hashes: 1: C_zGKKe9EmjFWVKBb9utgZ7LvBo.roa (hash: DBtQlC6QblgPpVW+sAN+YH267kvW3kiRyXFujtkor/8=)
2: OxRinHZc4axPaIlW47kPatjEtYI.crl (hash: 1o4i66jmdo5UXbrn7dKw/fKkKb4SQhve9Hm0Okz1Uk8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6d:ea:eb:a3:77:88:53:4f:a1:79:7b:71:27:48:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b14629c765ce1ac4f688956e3b90f6ad8c4b582
Validity
Not Before: Nov 11 01:00:42 2025 GMT
Not After : Nov 12 01:00:42 2025 GMT
Subject: CN=420c88d632ed12f3ebf7ef4c9ccc90d2af152a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:67:19:0d:b9:54:6b:c3:e1:53:8b:84:0b:6e:
2e:07:b5:af:1f:4b:ab:79:b1:b2:59:f5:ca:62:8f:
56:aa:e8:3e:14:e9:a9:d6:fd:d4:d8:1c:d2:69:c4:
8b:71:c0:af:86:63:74:61:de:9f:d4:83:d1:1b:39:
51:55:67:9f:88:16:7b:79:6b:26:36:33:24:2f:17:
2f:98:71:b8:76:6a:b0:5a:87:1e:0c:71:ee:86:09:
cd:94:37:ec:35:c4:b7:78:c4:9f:2e:5d:0a:01:0b:
f6:80:21:3a:fe:09:1a:2d:27:b3:ca:32:64:9f:ef:
b6:7f:d9:3b:3c:a9:2b:a1:c7:b7:88:c8:06:de:2d:
57:4a:cd:8f:f0:16:5e:8e:a9:26:62:68:0b:2a:78:
da:c0:25:7c:3b:85:19:4b:7e:9a:2c:ad:2b:d6:ca:
46:c9:61:00:ba:07:0e:fd:2a:cf:54:b7:b5:a0:59:
11:88:61:68:e2:79:cc:3f:9f:b8:2d:ec:cb:1e:4b:
e4:e1:da:7c:70:a8:f9:ff:f1:31:51:33:64:d8:0f:
29:9b:4d:fa:d9:f0:3d:c9:a3:9b:10:84:4d:a5:34:
47:e1:c1:90:dd:0f:ea:78:7c:44:34:9f:ca:fd:aa:
4c:ec:e7:73:cc:1b:52:15:f7:c7:75:3c:03:18:cd:
af:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0C:88:D6:32:ED:12:F3:EB:F7:EF:4C:9C:CC:90:D2:AF:15:2A:5E
X509v3 Authority Key Identifier:
keyid:3B:14:62:9C:76:5C:E1:AC:4F:68:89:56:E3:B9:0F:6A:D8:C4:B5:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:87:fc:45:57:3e:56:49:d9:8a:e3:86:f5:c2:6e:98:16:0e:
49:0a:3d:ef:cb:06:ef:4b:78:f9:5d:39:2d:a3:15:5b:5a:32:
5c:1e:51:39:c0:44:a6:93:0c:17:16:4f:69:4d:d2:55:b6:d3:
c5:4e:d9:9e:c5:f2:f5:db:a1:e8:d1:3c:81:57:16:c1:d1:b3:
4d:9b:b9:d6:49:bd:cd:f2:34:a9:21:83:fb:d2:75:ea:86:0c:
1c:9b:6b:a2:e0:81:43:5b:53:d6:89:4d:03:1b:d6:a8:cd:c5:
c1:0a:6c:15:b3:f9:2e:63:31:83:5a:c2:e4:16:ee:53:f4:71:
06:2d:ca:25:5e:7b:12:a3:8d:f0:de:39:40:9b:16:a7:93:b2:
68:af:89:fa:71:0c:2c:cd:0c:af:7b:d9:0d:99:f8:11:66:54:
af:64:cc:d2:81:d4:85:03:97:b2:c0:16:59:69:4f:f4:de:bc:
25:f2:ee:90:10:bf:fa:0b:f9:7a:de:87:24:43:8c:37:a4:16:
d3:70:a3:d7:73:08:ad:2b:74:ca:07:f1:3e:1a:2c:f7:62:de:
29:af:d4:b2:d2:54:01:b0:c3:6a:2c:9c:08:23:95:f9:d7:b0:
f0:70:b7:96:bf:20:0b:da:cf:90:a5:40:2c:ef:59:d7:91:02:
4d:9b:74:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwberro3eIU0+heXtxJ0gjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMTQ2MjljNzY1Y2UxYWM0ZjY4ODk1NmUzYjkwZjZhZDhj
NGI1ODIwHhcNMjUxMTExMDEwMDQyWhcNMjUxMTEyMDEwMDQyWjAzMTEwLwYDVQQD
Eyg0MjBjODhkNjMyZWQxMmYzZWJmN2VmNGM5Y2NjOTBkMmFmMTUyYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmcZDblUa8PhU4uEC24uB7WvH0ur
ebGyWfXKYo9Wqug+FOmp1v3U2BzSacSLccCvhmN0Yd6f1IPRGzlRVWefiBZ7eWsm
NjMkLxcvmHG4dmqwWoceDHHuhgnNlDfsNcS3eMSfLl0KAQv2gCE6/gkaLSezyjJk
n++2f9k7PKkroce3iMgG3i1XSs2P8BZejqkmYmgLKnjawCV8O4UZS36aLK0r1spG
yWEAugcO/SrPVLe1oFkRiGFo4nnMP5+4LezLHkvk4dp8cKj5//ExUTNk2A8pm036
2fA9yaObEIRNpTRH4cGQ3Q/qeHxENJ/K/apM7OdzzBtSFffHdTwDGM2vxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIMiNYy7RLz6/fvTJzMkNKvFSpeMB8GA1UdIwQY
MBaAFDsUYpx2XOGsT2iJVuO5D2rYxLWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hMzdmOWMtMWU2YS00NjY1LWEwZTIt
ZmUzMTEwMGQwODFmLzEvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hMzdmOWMtMWU2YS00NjY1LWEwZTItZmUzMTEwMGQwODFm
LzEvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYf8RVc+
VknZiuOG9cJumBYOSQo978sG70t4+V05LaMVW1oyXB5ROcBEppMMFxZPaU3SVbbT
xU7ZnsXy9duh6NE8gVcWwdGzTZu51km9zfI0qSGD+9J16oYMHJtrouCBQ1tT1olN
AxvWqM3FwQpsFbP5LmMxg1rC5BbuU/RxBi3KJV57EqON8N45QJsWp5OyaK+J+nEM
LM0Mr3vZDZn4EWZUr2TM0oHUhQOXssAWWWlP9N68JfLukBC/+gv5et6HJEOMN6QW
03Cj13MIrSt0ygfxPhos92LeKa/UstJUAbDDaiycCCOV+dew8HC3lr8gC9rPkKVA
LO9Z15ECTZt0tA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:47 2025 by rpki-client