Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
File: 2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft (raw, json)
Hash identifier: ohPoMNn1Fc2qivcxpOXB3r1icg1gKDfpyF0N4BtIO0M=
Subject key identifier: E9:7D:19:F5:D2:CA:A8:7E:AB:97:D0:3C:95:0E:EA:5E:1A:F0:08:3E
Authority key identifier: DA:73:A3:9A:0E:04:5D:DF:AE:F5:02:F1:FD:91:C6:CC:16:50:94:59
Certificate issuer: /CN=da73a39a0e045ddfaef502f1fd91c6cc16509459
Certificate serial: 019A711368FE555D986CC92CED34730AAA85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
Manifest number: 0EAE
Signing time: Tue 11 Nov 2025 04:01:28 +0000
Manifest this update: Tue 11 Nov 2025 04:01:28 +0000
Manifest next update: Wed 12 Nov 2025 04:01:28 +0000
Files and hashes: 1: 2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl (hash: 22gYMwu1RTITwewtKkjIG8dxpIphEuF+MpScwAEMVV4=)
2: nEst59VNXuZ4VJfEimqfkDoIWMw.roa (hash: MVYyTOwc+4oCrDyXY6sI17JYzQycO6fjKklmhjG1KnA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:68:fe:55:5d:98:6c:c9:2c:ed:34:73:0a:aa:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da73a39a0e045ddfaef502f1fd91c6cc16509459
Validity
Not Before: Nov 11 04:01:28 2025 GMT
Not After : Nov 12 04:01:28 2025 GMT
Subject: CN=e97d19f5d2caa87eab97d03c950eea5e1af0083e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f1:51:3b:fb:39:6a:72:e2:77:67:60:92:ef:
2b:65:40:ca:dc:43:f6:54:4d:91:42:03:b1:91:d0:
2c:8e:9c:89:03:78:98:5e:96:92:d0:fc:87:6c:46:
63:05:81:fc:3d:b4:98:78:8b:ea:72:48:91:a4:a4:
19:fe:c7:f3:d9:bb:9a:69:9a:ab:c0:77:df:01:1f:
73:f9:d2:5c:f1:4c:b9:21:10:cd:5a:84:35:52:84:
ce:56:3d:2a:83:ce:19:3b:60:34:39:c2:bb:f4:1a:
7b:07:b7:45:2a:71:13:2d:7c:98:c2:41:91:c4:d2:
11:14:8f:61:48:7e:7a:53:a9:ce:f3:4b:66:be:83:
82:9f:41:90:be:89:ef:7b:13:50:97:6d:7d:2e:ad:
45:51:46:2c:d5:a5:cc:21:0a:b1:9e:77:78:5d:d1:
44:79:6c:a3:b3:f6:de:7d:46:da:e7:51:3e:f4:34:
a7:fe:8a:d1:47:35:f2:66:2a:5d:44:a2:86:5e:fc:
f4:c1:49:cd:8d:8a:58:b4:af:ca:f2:fc:c8:cd:b2:
11:a5:ac:5e:4e:41:59:67:21:c1:79:77:6a:29:c8:
ad:68:85:9f:8c:30:d8:eb:78:0d:37:59:04:00:5d:
48:a5:29:53:2f:0a:91:de:e3:0a:7d:f9:6b:3e:11:
44:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:7D:19:F5:D2:CA:A8:7E:AB:97:D0:3C:95:0E:EA:5E:1A:F0:08:3E
X509v3 Authority Key Identifier:
keyid:DA:73:A3:9A:0E:04:5D:DF:AE:F5:02:F1:FD:91:C6:CC:16:50:94:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:bf:31:95:a2:04:1a:99:87:9a:a7:20:8f:21:ff:d7:a7:18:
2e:39:66:07:07:d9:62:a4:1e:dc:35:3c:cd:56:e1:62:4e:bf:
08:a8:0f:b3:ae:4b:ee:68:db:02:0c:a6:a0:55:52:2e:52:24:
f4:14:dc:03:59:00:43:62:5d:14:77:ee:eb:ff:00:a8:89:00:
1b:fa:e5:3e:5d:9a:dd:4d:09:01:0d:ff:59:ec:7c:dd:4f:69:
27:59:88:f3:ee:19:d1:16:39:e8:ac:99:68:cd:13:c8:b0:8a:
ff:c1:2c:29:ef:9e:d9:66:c0:48:6e:b2:07:5a:47:c9:df:63:
32:e4:48:24:fe:7a:f1:70:e4:82:e5:19:a7:b4:a5:39:26:aa:
d6:4e:57:52:9f:cf:01:bf:5c:4f:5b:a2:1f:85:88:a8:77:1d:
e9:2f:d6:5f:79:e4:15:12:5a:30:4d:ef:5d:23:90:e3:66:0f:
f3:ca:58:d2:08:49:62:ab:0d:b3:96:fd:4f:c8:1d:e1:80:ef:
91:77:01:3c:94:bb:77:c7:70:55:60:ce:13:a3:a6:56:0f:f6:
35:7e:5a:a3:b0:1a:e9:d0:8b:72:a8:41:6d:6f:87:4b:06:69:
34:8f:a8:4d:3a:e0:2e:80:7f:79:af:8f:70:da:19:11:12:0d:
9e:f1:ca:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE2j+VV2YbMks7TRzCqqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzNhMzlhMGUwNDVkZGZhZWY1MDJmMWZkOTFjNmNjMTY1
MDk0NTkwHhcNMjUxMTExMDQwMTI4WhcNMjUxMTEyMDQwMTI4WjAzMTEwLwYDVQQD
EyhlOTdkMTlmNWQyY2FhODdlYWI5N2QwM2M5NTBlZWE1ZTFhZjAwODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/FRO/s5anLid2dgku8rZUDK3EP2
VE2RQgOxkdAsjpyJA3iYXpaS0PyHbEZjBYH8PbSYeIvqckiRpKQZ/sfz2buaaZqr
wHffAR9z+dJc8Uy5IRDNWoQ1UoTOVj0qg84ZO2A0OcK79Bp7B7dFKnETLXyYwkGR
xNIRFI9hSH56U6nO80tmvoOCn0GQvonvexNQl219Lq1FUUYs1aXMIQqxnnd4XdFE
eWyjs/befUba51E+9DSn/orRRzXyZipdRKKGXvz0wUnNjYpYtK/K8vzIzbIRpaxe
TkFZZyHBeXdqKcitaIWfjDDY63gNN1kEAF1IpSlTLwqR3uMKfflrPhFEiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOl9GfXSyqh+q5fQPJUO6l4a8Ag+MB8GA1UdIwQY
MBaAFNpzo5oOBF3frvUC8f2RxswWUJRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8xNzM3ZmMtYjIyMS00ZmYwLWJmYTct
NWQ2NzRjYWRkZDZmLzEvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8xNzM3ZmMtYjIyMS00ZmYwLWJmYTctNWQ2NzRjYWRkZDZm
LzEvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaL8xlaIE
GpmHmqcgjyH/16cYLjlmBwfZYqQe3DU8zVbhYk6/CKgPs65L7mjbAgymoFVSLlIk
9BTcA1kAQ2JdFHfu6/8AqIkAG/rlPl2a3U0JAQ3/Wex83U9pJ1mI8+4Z0RY56KyZ
aM0TyLCK/8EsKe+e2WbASG6yB1pHyd9jMuRIJP568XDkguUZp7SlOSaq1k5XUp/P
Ab9cT1uiH4WIqHcd6S/WX3nkFRJaME3vXSOQ42YP88pY0ghJYqsNs5b9T8gd4YDv
kXcBPJS7d8dwVWDOE6OmVg/2NX5ao7Aa6dCLcqhBbW+HSwZpNI+oTTrgLoB/ea+P
cNoZERINnvHKJA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:26:49 2025 by rpki-client