Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.mft
File: O2BOwM_ulmxBmzptXwgrVjwYaL0.mft (raw, json)
Hash identifier: pog1LCMDO4egvMxqIhffroOLvg3Qa7bGjY4BLmqMbmk=
Subject key identifier: 77:B6:40:C0:A1:F0:E5:AC:54:24:08:27:78:F1:51:C6:04:F4:1E:2C
Authority key identifier: 3B:60:4E:C0:CF:EE:96:6C:41:9B:3A:6D:5F:08:2B:56:3C:18:68:BD
Certificate issuer: /CN=3b604ec0cfee966c419b3a6d5f082b563c1868bd
Certificate serial: 019A66C60E364D311216C768B4AD8D2CBC42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O2BOwM_ulmxBmzptXwgrVjwYaL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.mft
Manifest number: 0AC6
Signing time: Sun 09 Nov 2025 04:00:47 +0000
Manifest this update: Sun 09 Nov 2025 04:00:47 +0000
Manifest next update: Mon 10 Nov 2025 04:00:47 +0000
Files and hashes: 1: O2BOwM_ulmxBmzptXwgrVjwYaL0.crl (hash: KOO1JOzDM1i3LxhCR4PZZmXKgfoELAyFmgRNsHru4oA=)
2: Uekfh-0K2vRcuzrLz8uBXFaOroQ.roa (hash: QN8HhWjjJPearCTxHxonyEJ2yJIbW9sXZXyp6RMDaE0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/O2BOwM_ulmxBmzptXwgrVjwYaL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Nov 2025 03:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:66:c6:0e:36:4d:31:12:16:c7:68:b4:ad:8d:2c:bc:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b604ec0cfee966c419b3a6d5f082b563c1868bd
Validity
Not Before: Nov 9 04:00:47 2025 GMT
Not After : Nov 10 04:00:47 2025 GMT
Subject: CN=77b640c0a1f0e5ac5424082778f151c604f41e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:06:f3:12:fd:8c:f5:63:bb:fe:b1:7c:39:8a:
33:fe:e4:7b:10:e9:88:e9:bd:7b:61:50:8c:59:be:
3e:8c:91:12:7e:4e:9b:53:5a:22:92:20:1f:94:0a:
8b:37:e2:c2:2a:7d:34:b7:79:6e:b0:f7:b0:90:d3:
0f:93:d8:ae:52:bd:f3:ae:37:86:7a:93:4b:e1:ff:
12:45:f6:e9:80:cf:21:82:58:b1:78:62:a7:d3:cd:
e6:ad:07:04:3e:d4:e0:ac:76:8e:67:24:59:07:1c:
14:f7:da:4c:53:92:3d:86:d0:c4:1a:59:f4:b3:39:
ea:35:8b:03:68:c9:3c:c8:d5:74:f5:fd:d6:00:55:
76:78:d9:1b:2c:50:f0:32:08:ac:7c:fe:cd:c6:98:
2d:45:a2:8e:91:2a:ad:e3:c1:ec:13:9b:45:65:99:
11:12:32:e4:50:fb:31:f8:d9:2e:ab:2e:c0:f9:ce:
30:6d:bb:79:f9:81:dc:dc:8a:a2:98:a8:27:e3:60:
f1:19:32:00:05:e2:14:47:a9:cb:e4:2b:58:aa:db:
b6:04:d4:53:d7:81:ff:2f:cf:38:fa:a0:2e:9b:d6:
12:f8:12:d9:e5:57:5e:f0:8f:86:1f:f0:32:ea:7f:
8e:78:4d:2b:72:2f:4d:b5:be:b2:27:42:81:13:d8:
e2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B6:40:C0:A1:F0:E5:AC:54:24:08:27:78:F1:51:C6:04:F4:1E:2C
X509v3 Authority Key Identifier:
keyid:3B:60:4E:C0:CF:EE:96:6C:41:9B:3A:6D:5F:08:2B:56:3C:18:68:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2BOwM_ulmxBmzptXwgrVjwYaL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:d6:13:68:a8:79:71:86:e9:5c:0a:41:3a:a8:c1:2a:1e:7d:
8d:cf:fd:17:7f:c4:c3:54:cd:98:d5:f4:4c:20:d0:a4:bf:2e:
96:12:33:1e:35:72:45:eb:bb:18:53:55:f1:15:ca:16:5d:d5:
6a:63:2b:5a:d9:65:ca:8d:76:b8:ce:40:a8:54:22:bb:2f:5b:
62:52:fc:71:93:22:62:4c:6d:99:15:f3:9b:b4:91:d2:bd:cf:
15:73:8c:e3:81:a0:a6:37:c0:29:29:95:5c:21:9e:d0:d7:5b:
f2:1e:75:84:e5:ce:df:d5:e9:c5:7e:98:8f:0d:d8:98:28:f6:
47:7d:14:3a:30:83:98:a7:4a:8f:34:14:09:d8:72:4c:b8:5a:
d5:f2:bb:dd:e9:2c:24:50:91:29:21:f2:55:ed:a6:b3:58:cb:
2b:c5:ce:eb:de:57:82:b3:db:34:0b:31:35:c5:3c:d4:02:89:
2d:31:70:dc:d2:e1:f5:44:c0:ad:56:d0:1d:6c:5c:1a:bb:c8:
37:b6:10:e2:dc:38:b2:88:61:38:33:3a:b5:7a:99:50:53:ff:
e6:66:a5:72:da:05:53:5e:8c:c6:98:e9:82:1a:75:04:12:f6:
a0:9e:d5:42:58:0d:75:14:4d:8f:ca:c4:d5:47:f3:32:bb:ca:
87:ab:f1:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpmxg42TTESFsdotK2NLLxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNjA0ZWMwY2ZlZTk2NmM0MTliM2E2ZDVmMDgyYjU2M2Mx
ODY4YmQwHhcNMjUxMTA5MDQwMDQ3WhcNMjUxMTEwMDQwMDQ3WjAzMTEwLwYDVQQD
Eyg3N2I2NDBjMGExZjBlNWFjNTQyNDA4Mjc3OGYxNTFjNjA0ZjQxZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQbzEv2M9WO7/rF8OYoz/uR7EOmI
6b17YVCMWb4+jJESfk6bU1oikiAflAqLN+LCKn00t3lusPewkNMPk9iuUr3zrjeG
epNL4f8SRfbpgM8hglixeGKn083mrQcEPtTgrHaOZyRZBxwU99pMU5I9htDEGln0
sznqNYsDaMk8yNV09f3WAFV2eNkbLFDwMgisfP7NxpgtRaKOkSqt48HsE5tFZZkR
EjLkUPsx+Nkuqy7A+c4wbbt5+YHc3IqimKgn42DxGTIABeIUR6nL5CtYqtu2BNRT
14H/L884+qAum9YS+BLZ5Vde8I+GH/Ay6n+OeE0rci9Ntb6yJ0KBE9jiTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHe2QMCh8OWsVCQIJ3jxUcYE9B4sMB8GA1UdIwQY
MBaAFDtgTsDP7pZsQZs6bV8IK1Y8GGi9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzJCT3dNX3VsbXhCbXpwdFh3Z3JWandZYUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zZjVlYTQtMTg2OC00YTBiLTkyMTgt
ODdlOWYyMWI0MThiLzEvTzJCT3dNX3VsbXhCbXpwdFh3Z3JWandZYUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8zZjVlYTQtMTg2OC00YTBiLTkyMTgtODdlOWYyMWI0MThi
LzEvTzJCT3dNX3VsbXhCbXpwdFh3Z3JWandZYUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAItYTaKh5
cYbpXApBOqjBKh59jc/9F3/Ew1TNmNX0TCDQpL8ulhIzHjVyReu7GFNV8RXKFl3V
amMrWtllyo12uM5AqFQiuy9bYlL8cZMiYkxtmRXzm7SR0r3PFXOM44GgpjfAKSmV
XCGe0Ndb8h51hOXO39XpxX6Yjw3YmCj2R30UOjCDmKdKjzQUCdhyTLha1fK73eks
JFCRKSHyVe2ms1jLK8XO695XgrPbNAsxNcU81AKJLTFw3NLh9UTArVbQHWxcGrvI
N7YQ4tw4sohhODM6tXqZUFP/5malctoFU16Mxpjpghp1BBL2oJ7VQlgNdRRNj8rE
1UfzMrvKh6vxDA==
-----END CERTIFICATE-----
Generated at Sun Nov 9 10:10:37 2025 by rpki-client