Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
File: OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft (raw, json)
Hash identifier: Fc69mEfld8no99SyRWVl3wNiWpRepO5xYDKht++EQvs=
Subject key identifier: 8E:F6:8D:0C:9B:62:86:83:85:9A:E4:58:6F:AA:40:90:F7:12:B0:B2
Authority key identifier: 38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4
Certificate issuer: /CN=3866f7385005d5be6101727388e1b3271f644de4
Certificate serial: 019A7149B849467010319A86B80E913A0318
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
Manifest number: 0224
Signing time: Tue 11 Nov 2025 05:00:47 +0000
Manifest this update: Tue 11 Nov 2025 05:00:47 +0000
Manifest next update: Wed 12 Nov 2025 05:00:47 +0000
Files and hashes: 1: OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl (hash: SMSvinDNzbZW9RefkVpCTMHk277p0a+fV32dUHCVlpg=)
2: cvTvlJFXIrx4LNBKFN32BnQowu0.roa (hash: 2SQfqAvlePWceYDa/Gr4IqsSS7uQeMq3g8yyqM6DnK8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:b8:49:46:70:10:31:9a:86:b8:0e:91:3a:03:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3866f7385005d5be6101727388e1b3271f644de4
Validity
Not Before: Nov 11 05:00:47 2025 GMT
Not After : Nov 12 05:00:47 2025 GMT
Subject: CN=8ef68d0c9b628683859ae4586faa4090f712b0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:66:ea:4e:87:87:34:0f:b9:02:e8:aa:35:8f:
b5:fd:43:c1:e2:0e:a6:c3:56:9b:f1:41:b2:03:cf:
49:b0:2a:1d:18:98:5c:dd:d4:11:b0:2b:2e:d5:67:
15:f0:9f:78:d1:af:2a:7d:ba:50:f5:1d:d8:96:ef:
10:35:76:14:08:3d:8e:0f:fd:fc:79:f8:9b:d7:1b:
05:63:67:0e:dc:83:45:06:5f:19:cb:23:47:72:ec:
28:f1:c5:40:67:36:23:93:6f:bf:a2:2e:18:96:5a:
0f:d3:2f:02:91:51:17:e2:1e:ef:c4:3c:97:38:66:
f4:69:67:f5:c9:e9:b7:e6:7d:5b:70:c2:33:93:84:
4a:25:bc:6a:c9:b2:f0:be:73:b7:db:0a:ef:d3:bc:
9d:d2:70:89:5c:1a:fc:c0:f5:c2:71:69:ca:82:16:
cc:9b:e4:39:3e:0f:af:21:bc:68:14:71:7f:10:2b:
1d:ce:ee:d8:a0:6f:f4:9c:4c:ae:c2:c1:c7:b6:6f:
c2:f3:fe:16:72:c0:07:d5:b0:69:64:08:75:7a:63:
da:56:cf:5c:a3:7f:b0:d8:9c:dd:30:25:45:c2:7e:
4d:48:d6:00:af:1a:0f:c8:1d:af:2b:14:e6:54:cb:
70:b6:dd:48:0b:ee:af:3c:cd:84:0c:71:e5:96:13:
c7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F6:8D:0C:9B:62:86:83:85:9A:E4:58:6F:AA:40:90:F7:12:B0:B2
X509v3 Authority Key Identifier:
keyid:38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:23:03:4c:54:a9:4e:dc:a8:59:38:31:9f:ae:80:d8:80:79:
b2:33:74:9e:ad:ec:4a:33:97:db:a4:f4:b8:df:eb:23:8a:2d:
7a:cf:83:c7:64:8c:95:31:57:5f:6d:32:91:51:97:28:b3:72:
1a:36:48:f6:33:96:04:6d:7a:bf:9b:f7:ac:ba:a7:53:4e:90:
c6:88:4b:19:8f:19:df:af:eb:7c:0b:9c:27:7a:dc:91:c8:59:
3c:a6:14:ca:b5:4f:dd:7b:e7:1b:13:77:23:fa:c9:b8:07:e9:
f1:77:03:6d:9b:9f:15:af:17:d7:ba:bd:e9:4d:25:eb:49:9e:
4f:18:84:b9:c6:12:a2:54:54:d4:8c:ac:e4:5b:53:76:23:07:
dd:34:db:37:b5:32:f8:e4:17:04:af:49:ea:6f:db:e6:b2:3e:
14:d4:2b:83:53:9e:78:ec:45:1f:8f:e8:f1:73:cc:f3:51:82:
40:7c:fe:46:65:30:1b:05:16:e9:2f:fe:45:a6:78:2f:61:35:
0f:5b:b5:0e:6f:f3:b9:b1:4a:86:ce:99:75:ab:ac:62:aa:28:
c6:35:06:e2:dc:db:ec:44:8e:30:d5:9a:70:af:a4:2a:1f:a9:
ff:59:b8:07:12:38:41:53:ed:51:83:75:c7:ea:cc:ad:93:21:
7f:3d:a7:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSbhJRnAQMZqGuA6ROgMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjZmNzM4NTAwNWQ1YmU2MTAxNzI3Mzg4ZTFiMzI3MWY2
NDRkZTQwHhcNMjUxMTExMDUwMDQ3WhcNMjUxMTEyMDUwMDQ3WjAzMTEwLwYDVQQD
Eyg4ZWY2OGQwYzliNjI4NjgzODU5YWU0NTg2ZmFhNDA5MGY3MTJiMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmbqToeHNA+5AuiqNY+1/UPB4g6m
w1ab8UGyA89JsCodGJhc3dQRsCsu1WcV8J940a8qfbpQ9R3Ylu8QNXYUCD2OD/38
efib1xsFY2cO3INFBl8ZyyNHcuwo8cVAZzYjk2+/oi4YlloP0y8CkVEX4h7vxDyX
OGb0aWf1yem35n1bcMIzk4RKJbxqybLwvnO32wrv07yd0nCJXBr8wPXCcWnKghbM
m+Q5Pg+vIbxoFHF/ECsdzu7YoG/0nEyuwsHHtm/C8/4WcsAH1bBpZAh1emPaVs9c
o3+w2JzdMCVFwn5NSNYArxoPyB2vKxTmVMtwtt1IC+6vPM2EDHHllhPHcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI72jQybYoaDhZrkWG+qQJD3ErCyMB8GA1UdIwQY
MBaAFDhm9zhQBdW+YQFyc4jhsycfZE3kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUt
ZTAxNWJmM2YzM2Q3LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUtZTAxNWJmM2YzM2Q3
LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbiMDTFSp
TtyoWTgxn66A2IB5sjN0nq3sSjOX26T0uN/rI4otes+Dx2SMlTFXX20ykVGXKLNy
GjZI9jOWBG16v5v3rLqnU06QxohLGY8Z36/rfAucJ3rckchZPKYUyrVP3XvnGxN3
I/rJuAfp8XcDbZufFa8X17q96U0l60meTxiEucYSolRU1Iys5FtTdiMH3TTbN7Uy
+OQXBK9J6m/b5rI+FNQrg1OeeOxFH4/o8XPM81GCQHz+RmUwGwUW6S/+RaZ4L2E1
D1u1Dm/zubFKhs6ZdausYqooxjUG4tzb7ESOMNWacK+kKh+p/1m4BxI4QVPtUYN1
x+rMrZMhfz2nrw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:57 2025 by rpki-client