Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
File: _OTzlnKb9HjmNlSYIfb2lw2JP1I.mft (raw, json)
Hash identifier: jUrR5KluF7UivDEEsurnRz2b+TyZCaxEfPWdJBQSBoU=
Subject key identifier: E7:C9:26:47:9E:15:D6:9D:B1:64:A1:89:E0:E4:5A:AD:0F:44:8A:A7
Authority key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
Certificate issuer: /CN=fce4f396729bf478e636549821f6f6970d893f52
Certificate serial: 019A714A2869C9FB20311CA75F7F1C801A45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 05:01:16 +0000
Manifest this update: Tue 11 Nov 2025 05:01:16 +0000
Manifest next update: Wed 12 Nov 2025 05:01:16 +0000
Files and hashes: 1: _OTzlnKb9HjmNlSYIfb2lw2JP1I.crl (hash: TNB+LSxu3S7ekrJ8dAyE8MyJ6WwZrnYor4pDUndUpAg=)
2: adNqeNQUFWI4IAHxy1r153UdECA.roa (hash: xLvUeb8ak+yii4A1TZl7dHrog2mgx9j4/AxydjM8K8Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:28:69:c9:fb:20:31:1c:a7:5f:7f:1c:80:1a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce4f396729bf478e636549821f6f6970d893f52
Validity
Not Before: Nov 11 05:01:16 2025 GMT
Not After : Nov 12 05:01:16 2025 GMT
Subject: CN=e7c926479e15d69db164a189e0e45aad0f448aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b9:3a:86:c6:32:e6:e7:6a:62:a4:25:c4:bd:
e6:2f:b3:0b:68:5b:86:ed:5d:25:d0:a8:2a:87:f8:
ba:e6:d1:df:7a:cb:1e:6e:15:cc:ee:fa:a4:59:b4:
61:98:ed:c5:3b:1f:57:49:42:43:52:cb:f8:2c:06:
65:a6:84:b8:61:90:14:90:de:6a:09:df:5d:03:fe:
dc:39:7d:7a:0a:9b:6f:52:a2:47:19:8a:db:17:b2:
03:68:ad:05:c4:00:0f:90:87:72:07:6c:49:6b:84:
dc:98:42:7d:05:94:38:bb:2a:6c:65:86:c2:f4:d4:
ff:f2:a7:ea:e7:f0:f0:90:a2:92:ab:eb:b4:b2:28:
dd:90:17:f7:2a:04:aa:b2:f5:47:49:b3:21:a9:f1:
4d:82:90:8b:8b:dd:b1:f0:a3:5e:1c:17:be:36:a9:
ca:31:0c:de:d8:a5:68:a1:3d:cc:a6:66:a4:e8:79:
2f:d1:0b:53:19:a5:9c:ce:ac:a1:be:e9:d5:21:e6:
a6:a3:c2:5f:48:d9:ae:c9:bf:05:dd:ec:45:ba:12:
b1:ca:c7:2f:3a:f0:b6:fb:e4:06:f9:a3:20:4d:3c:
b7:4b:0e:79:c0:52:be:e2:d2:19:21:06:e5:de:30:
ef:9e:a8:88:13:67:cc:eb:81:e1:7d:18:97:fb:63:
7e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C9:26:47:9E:15:D6:9D:B1:64:A1:89:E0:E4:5A:AD:0F:44:8A:A7
X509v3 Authority Key Identifier:
keyid:FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:0a:50:44:cb:b3:23:1f:bf:4f:a9:7a:48:6f:6c:ba:c7:bd:
bc:0e:bf:ef:b4:68:17:39:a1:3a:d8:27:b9:dd:b5:73:88:31:
f1:a2:9b:e3:bc:94:24:50:0e:28:2b:04:26:01:e9:91:08:ae:
b7:0f:eb:2b:45:41:da:a3:25:ac:62:fe:4b:23:3f:54:b2:2e:
dd:27:f2:78:4b:15:85:70:4f:76:28:a5:ec:59:07:20:7c:43:
9b:ed:92:0c:f7:e4:77:53:07:f5:a7:b7:53:5a:f2:ad:92:6b:
ee:2f:67:4f:83:9a:b5:c9:fa:4a:6c:27:9d:9c:fd:44:e9:54:
7e:cc:2b:17:c2:69:bb:a3:bf:50:0d:2a:ff:6c:2b:ae:b5:aa:
2d:13:a5:c9:d4:59:c5:1c:10:02:bd:8c:a7:0b:2b:f1:f9:1e:
c4:96:2f:6e:99:bd:a5:a3:dd:47:72:1a:20:fe:49:cc:3b:4d:
eb:7c:97:3c:67:1d:32:ce:0f:35:36:3b:6f:37:0d:0d:d1:f6:
7f:b3:1d:a1:c3:0b:90:d2:58:ea:eb:26:70:62:4d:22:09:7a:
c3:30:34:15:0f:f4:92:eb:0c:b8:72:96:2d:a2:da:30:09:c9:
f8:84:a2:ba:ad:fa:d4:e5:42:42:63:ca:3b:4c:08:2f:55:2e:
8f:a4:d5:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSihpyfsgMRynX38cgBpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTRmMzk2NzI5YmY0NzhlNjM2NTQ5ODIxZjZmNjk3MGQ4
OTNmNTIwHhcNMjUxMTExMDUwMTE2WhcNMjUxMTEyMDUwMTE2WjAzMTEwLwYDVQQD
EyhlN2M5MjY0NzllMTVkNjlkYjE2NGExODllMGU0NWFhZDBmNDQ4YWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrk6hsYy5udqYqQlxL3mL7MLaFuG
7V0l0Kgqh/i65tHfessebhXM7vqkWbRhmO3FOx9XSUJDUsv4LAZlpoS4YZAUkN5q
Cd9dA/7cOX16CptvUqJHGYrbF7IDaK0FxAAPkIdyB2xJa4TcmEJ9BZQ4uypsZYbC
9NT/8qfq5/DwkKKSq+u0sijdkBf3KgSqsvVHSbMhqfFNgpCLi92x8KNeHBe+NqnK
MQze2KVooT3Mpmak6Hkv0QtTGaWczqyhvunVIeamo8JfSNmuyb8F3exFuhKxyscv
OvC2++QG+aMgTTy3Sw55wFK+4tIZIQbl3jDvnqiIE2fM64HhfRiX+2N+hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfJJkeeFdadsWShieDkWq0PRIqnMB8GA1UdIwQY
MBaAFPzk85Zym/R45jZUmCH29pcNiT9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEt
OGM3MGRlOWU5YjlkLzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEtOGM3MGRlOWU5Yjlk
LzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjgpQRMuz
Ix+/T6l6SG9suse9vA6/77RoFzmhOtgnud21c4gx8aKb47yUJFAOKCsEJgHpkQiu
tw/rK0VB2qMlrGL+SyM/VLIu3SfyeEsVhXBPdiil7FkHIHxDm+2SDPfkd1MH9ae3
U1ryrZJr7i9nT4Oatcn6SmwnnZz9ROlUfswrF8Jpu6O/UA0q/2wrrrWqLROlydRZ
xRwQAr2Mpwsr8fkexJYvbpm9paPdR3IaIP5JzDtN63yXPGcdMs4PNTY7bzcNDdH2
f7MdocMLkNJY6usmcGJNIgl6wzA0FQ/0kusMuHKWLaLaMAnJ+ISiuq361OVCQmPK
O0wIL1Uuj6TVeA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:26 2025 by rpki-client