Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
File: O8RoMnEppQF7l23I7aydG56aFMw.mft (raw, json)
Hash identifier: PlFgt0FGuBy6QVJQLwxX4nq7CRZ26zcBcmseeG5rCvg=
Subject key identifier: 1F:E3:B6:36:AD:20:78:5C:0C:0C:99:F0:A8:5A:FE:9C:EF:63:31:1F
Authority key identifier: 3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC
Certificate issuer: /CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
Certificate serial: 019A73014E843875C3DB9D5BDB56BDFC5AD0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
Manifest number: 16AB
Signing time: Tue 11 Nov 2025 13:00:56 +0000
Manifest this update: Tue 11 Nov 2025 13:00:56 +0000
Manifest next update: Wed 12 Nov 2025 13:00:56 +0000
Files and hashes: 1: O8RoMnEppQF7l23I7aydG56aFMw.crl (hash: SDeIWKPZhmDNrYRAaNXOs5H9epQUyt3Vs3oLEY5vTHY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:4e:84:38:75:c3:db:9d:5b:db:56:bd:fc:5a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
Validity
Not Before: Nov 11 13:00:56 2025 GMT
Not After : Nov 12 13:00:56 2025 GMT
Subject: CN=1fe3b636ad20785c0c0c99f0a85afe9cef63311f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:01:99:41:6f:9c:4a:8b:95:7c:9b:e1:05:98:
21:99:17:18:fa:29:f3:34:90:b1:84:9f:46:a7:70:
06:fc:2a:e5:d6:f0:2f:fe:4b:89:06:3e:0e:d0:69:
1c:1a:57:10:04:25:13:eb:36:9e:c7:58:fc:73:0b:
37:05:21:7e:28:f8:bf:9c:45:3c:53:3c:aa:87:02:
e5:98:18:8d:56:00:f8:53:0b:12:61:ca:2d:b7:7f:
50:c6:f8:c5:8a:c4:e3:88:ff:a7:7a:58:34:ef:41:
4a:fd:3b:e6:d2:1c:b5:c9:cc:08:a7:18:13:ab:94:
36:f8:36:b7:fd:ad:22:8d:80:4e:80:44:ff:e1:6a:
1d:8b:55:a8:db:e0:c8:02:e4:6b:97:c4:bf:e5:17:
e6:1d:df:29:43:d5:f5:02:77:7c:fe:53:83:76:ef:
6a:87:77:27:d5:ce:bd:da:0a:a7:14:cb:6a:7a:da:
a0:2a:40:d0:3f:90:84:19:04:83:66:4e:84:88:cc:
2b:1c:61:54:e4:77:79:67:5c:68:26:bc:6a:f2:4a:
6a:2e:64:35:96:c6:fd:ca:7a:49:59:e7:cf:cb:35:
bb:8a:71:fa:7b:ea:fc:47:58:2f:5d:95:59:4f:75:
7e:99:66:c3:51:9b:7e:39:2c:33:e9:df:d8:dc:4f:
52:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E3:B6:36:AD:20:78:5C:0C:0C:99:F0:A8:5A:FE:9C:EF:63:31:1F
X509v3 Authority Key Identifier:
keyid:3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:25:fa:ad:5a:a3:70:37:ac:fc:7d:a3:26:46:6f:c5:5b:53:
ba:73:ea:49:49:d7:4a:d4:24:8f:89:64:3b:c7:24:23:4c:64:
34:d0:35:6b:3c:c9:a7:4d:2a:f6:52:35:bc:51:4c:ad:58:74:
c5:a8:3f:e9:72:27:6c:8d:ef:3b:c1:71:66:67:68:3c:ac:57:
02:d0:97:25:e0:f7:20:bc:1b:e1:19:14:8d:ed:19:72:f2:40:
61:ed:2c:42:10:26:8d:5b:7d:48:dc:14:97:54:f4:c5:e6:11:
ca:75:11:90:bc:bd:e1:15:55:c7:88:89:7b:b1:6b:ec:24:36:
cb:1e:9a:ba:38:57:93:72:cc:f2:15:96:c7:03:1c:d8:6a:34:
9c:08:ae:7b:62:a0:ac:0e:28:50:a2:94:70:dd:d2:9a:30:48:
32:a4:d0:37:e4:89:ed:34:fe:5a:d5:79:c7:b0:f9:36:87:8c:
8c:31:04:3c:df:1d:f1:9e:68:0c:eb:08:93:f5:55:4b:36:0e:
38:a1:ac:3b:5a:2c:c4:b0:ad:a0:8a:9e:90:39:90:5d:51:e7:
36:b3:05:1f:6f:ff:c9:64:cc:7a:d2:8b:9a:76:a0:cf:f2:11:
50:57:77:3d:3f:55:c6:23:52:b7:8e:ba:20:05:11:74:c9:1b:
52:c7:20:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAU6EOHXD251b21a9/FrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYzQ2ODMyNzEyOWE1MDE3Yjk3NmRjOGVkYWM5ZDFiOWU5
YTE0Y2MwHhcNMjUxMTExMTMwMDU2WhcNMjUxMTEyMTMwMDU2WjAzMTEwLwYDVQQD
EygxZmUzYjYzNmFkMjA3ODVjMGMwYzk5ZjBhODVhZmU5Y2VmNjMzMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAGZQW+cSouVfJvhBZghmRcY+inz
NJCxhJ9Gp3AG/Crl1vAv/kuJBj4O0GkcGlcQBCUT6zaex1j8cws3BSF+KPi/nEU8
UzyqhwLlmBiNVgD4UwsSYcott39QxvjFisTjiP+nelg070FK/Tvm0hy1ycwIpxgT
q5Q2+Da3/a0ijYBOgET/4Wodi1Wo2+DIAuRrl8S/5RfmHd8pQ9X1And8/lODdu9q
h3cn1c692gqnFMtqetqgKkDQP5CEGQSDZk6EiMwrHGFU5Hd5Z1xoJrxq8kpqLmQ1
lsb9ynpJWefPyzW7inH6e+r8R1gvXZVZT3V+mWbDUZt+OSwz6d/Y3E9SrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/jtjatIHhcDAyZ8Kha/pzvYzEfMB8GA1UdIwQY
MBaAFDvEaDJxKaUBe5dtyO2snRuemhTMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYt
MWYwMmM3ZTkyM2IzLzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYtMWYwMmM3ZTkyM2Iz
LzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfCX6rVqj
cDes/H2jJkZvxVtTunPqSUnXStQkj4lkO8ckI0xkNNA1azzJp00q9lI1vFFMrVh0
xag/6XInbI3vO8FxZmdoPKxXAtCXJeD3ILwb4RkUje0ZcvJAYe0sQhAmjVt9SNwU
l1T0xeYRynURkLy94RVVx4iJe7Fr7CQ2yx6aujhXk3LM8hWWxwMc2Go0nAiue2Kg
rA4oUKKUcN3SmjBIMqTQN+SJ7TT+WtV5x7D5NoeMjDEEPN8d8Z5oDOsIk/VVSzYO
OKGsO1osxLCtoIqekDmQXVHnNrMFH2//yWTMetKLmnagz/IRUFd3PT9VxiNSt466
IAURdMkbUscgvQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:24:59 2025 by rpki-client