Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
File: OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft (raw, json)
Hash identifier: 3wJ5JC59yLs04c3DBsz+E3GLSrnKOHpkAgre5RKM7g8=
Subject key identifier: 00:5C:56:60:78:03:64:CA:11:03:07:E8:3D:AC:60:FF:EE:EE:DD:D4
Authority key identifier: 38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0
Certificate issuer: /CN=385cf4939beeeaeaf4409c2840eb344cab0850e0
Certificate serial: 019A70A4EAB40E786AAE65A462C89F9EAA64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
Manifest number: 0C65
Signing time: Tue 11 Nov 2025 02:00:47 +0000
Manifest this update: Tue 11 Nov 2025 02:00:47 +0000
Manifest next update: Wed 12 Nov 2025 02:00:47 +0000
Files and hashes: 1: KI_OzKHWNWDApgfZA8fhKRHWYNw.roa (hash: KgInzOYraW/0zKTqbj1OirpA4x6saReBh+LdfK4ZXdI=)
2: OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl (hash: nxS1VfuQA0cFCLcdzbVoIntnzJrauJSRUXNlq7joWAM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a4:ea:b4:0e:78:6a:ae:65:a4:62:c8:9f:9e:aa:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385cf4939beeeaeaf4409c2840eb344cab0850e0
Validity
Not Before: Nov 11 02:00:47 2025 GMT
Not After : Nov 12 02:00:47 2025 GMT
Subject: CN=005c5660780364ca110307e83dac60ffeeeeddd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:bf:03:9b:f9:07:86:6a:46:8c:eb:5e:95:42:
81:e0:9b:cd:7f:6d:db:56:ff:d5:9e:50:e3:f3:66:
7b:bd:d5:8b:cb:45:be:56:ea:65:a9:ea:58:70:43:
66:07:c3:05:4b:ba:ec:50:b0:6c:5b:d3:e7:48:8f:
2e:15:88:81:3d:3c:7e:64:26:0d:27:11:cb:3e:58:
84:69:41:06:94:83:08:53:9b:5f:5c:0a:bc:25:b5:
d0:4a:62:85:59:8d:87:db:3d:01:71:aa:6f:dc:15:
ac:6e:3d:db:1f:a4:37:34:1d:ad:c8:2f:76:76:ee:
b9:0c:c8:3d:a5:9e:f8:40:a6:c9:8d:94:74:8c:2d:
a5:80:61:9c:db:90:a9:a3:a7:5d:06:69:e5:20:01:
b1:10:b3:92:1a:58:3e:dd:54:9a:5d:67:19:c2:88:
71:f7:6b:22:ea:3c:39:87:3d:49:5a:07:d5:8d:2a:
65:a1:4e:44:68:0b:ea:8c:d6:70:aa:d7:eb:21:76:
da:b6:d9:2c:06:54:72:e9:69:88:7d:e6:67:f1:9a:
98:ab:6b:eb:0b:e3:e5:1d:65:e3:ac:bc:eb:43:aa:
45:db:d4:52:79:47:5c:2e:7b:0b:ec:0f:c8:97:f4:
78:90:a2:05:e4:c3:ea:1f:a9:23:2f:20:5c:81:c8:
4c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5C:56:60:78:03:64:CA:11:03:07:E8:3D:AC:60:FF:EE:EE:DD:D4
X509v3 Authority Key Identifier:
keyid:38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:1e:0a:1a:47:2d:e7:2a:02:b2:f9:a6:09:af:3a:55:02:bc:
17:f3:57:da:30:54:6f:27:8e:28:86:27:25:25:21:b7:a9:c9:
06:4a:dd:35:fc:f2:8f:6c:b2:bd:58:34:40:34:62:e9:7c:71:
a7:58:89:fe:df:7f:fd:ad:7b:46:46:5c:ba:ac:29:53:4d:b9:
a5:71:d2:c7:4b:7e:2e:a9:d5:88:ef:a0:0c:1f:f1:ba:67:3e:
53:9f:9d:2f:86:80:bf:8f:50:98:3d:3d:27:6d:4e:07:e1:0d:
06:55:fa:1f:b2:73:da:90:2d:89:0d:f8:1c:b1:f0:80:62:21:
d2:9c:59:5c:42:a8:4e:55:a0:18:5a:ef:05:b8:95:9a:f5:c4:
53:09:f5:c4:99:d9:fb:6a:be:a4:34:52:38:51:2a:23:67:e8:
72:12:8a:7f:d5:fd:27:cb:89:0f:b9:d8:e5:fd:3b:1f:ce:8a:
d7:10:f0:0a:37:1b:05:25:f8:87:0a:08:87:f9:b0:e6:b8:5c:
07:9f:1b:72:f2:77:96:c5:00:72:b0:3f:cf:54:ba:d2:27:f8:
3c:ac:0f:58:6a:4d:fa:7b:2b:48:84:ce:d7:c9:86:f4:b2:bb:
43:7d:56:8b:9b:5b:47:5e:97:e8:ba:d8:fe:4d:0c:1d:ba:10:
ea:3f:55:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpOq0DnhqrmWkYsifnqpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWNmNDkzOWJlZWVhZWFmNDQwOWMyODQwZWIzNDRjYWIw
ODUwZTAwHhcNMjUxMTExMDIwMDQ3WhcNMjUxMTEyMDIwMDQ3WjAzMTEwLwYDVQQD
EygwMDVjNTY2MDc4MDM2NGNhMTEwMzA3ZTgzZGFjNjBmZmVlZWVkZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6b8Dm/kHhmpGjOtelUKB4JvNf23b
Vv/VnlDj82Z7vdWLy0W+VuplqepYcENmB8MFS7rsULBsW9PnSI8uFYiBPTx+ZCYN
JxHLPliEaUEGlIMIU5tfXAq8JbXQSmKFWY2H2z0Bcapv3BWsbj3bH6Q3NB2tyC92
du65DMg9pZ74QKbJjZR0jC2lgGGc25Cpo6ddBmnlIAGxELOSGlg+3VSaXWcZwohx
92si6jw5hz1JWgfVjSploU5EaAvqjNZwqtfrIXbattksBlRy6WmIfeZn8ZqYq2vr
C+PlHWXjrLzrQ6pF29RSeUdcLnsL7A/Il/R4kKIF5MPqH6kjLyBcgchMLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFABcVmB4A2TKEQMH6D2sYP/u7t3UMB8GA1UdIwQY
MBaAFDhc9JOb7urq9ECcKEDrNEyrCFDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQt
N2I3NjE1ZmYwZTk2LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQtN2I3NjE1ZmYwZTk2
LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADB4KGkct
5yoCsvmmCa86VQK8F/NX2jBUbyeOKIYnJSUht6nJBkrdNfzyj2yyvVg0QDRi6Xxx
p1iJ/t9//a17RkZcuqwpU025pXHSx0t+LqnViO+gDB/xumc+U5+dL4aAv49QmD09
J21OB+ENBlX6H7Jz2pAtiQ34HLHwgGIh0pxZXEKoTlWgGFrvBbiVmvXEUwn1xJnZ
+2q+pDRSOFEqI2fochKKf9X9J8uJD7nY5f07H86K1xDwCjcbBSX4hwoIh/mw5rhc
B58bcvJ3lsUAcrA/z1S60if4PKwPWGpN+nsrSITO18mG9LK7Q31Wi5tbR16X6LrY
/k0MHboQ6j9V9Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:54 2025 by rpki-client