Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft
File: O_zNSgBCLIZfUJO4W7howrswxGk.mft (raw, json)
Hash identifier: rGEWeImEyztEDzg/Z9TYegdCEpIdfiKcjQZ6LFflScM=
Subject key identifier: BD:CF:69:5C:07:AA:BE:BF:B5:96:95:49:F0:FF:C6:50:C0:87:45:85
Authority key identifier: 3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69
Certificate issuer: /CN=3bfccd4a00422c865f5093b85bb868c2bb30c469
Certificate serial: 019A725C3C253E33FE66D5FCEE1BB02AFB7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 10:00:38 +0000
Manifest this update: Tue 11 Nov 2025 10:00:38 +0000
Manifest next update: Wed 12 Nov 2025 10:00:38 +0000
Files and hashes: 1: 3U1ZWgNoASiRwWRzOTs9a26_aSI.roa (hash: rfiPEMHu4Dy2ke39aiCtx6HNVMRJPDS81QuXHyTH8CQ=)
2: O_zNSgBCLIZfUJO4W7howrswxGk.crl (hash: m9I6Gq3CU9cSFP0yA9UiQ6x+s+Kh5QyRBlYiilFC5es=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:3c:25:3e:33:fe:66:d5:fc:ee:1b:b0:2a:fb:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfccd4a00422c865f5093b85bb868c2bb30c469
Validity
Not Before: Nov 11 10:00:38 2025 GMT
Not After : Nov 12 10:00:38 2025 GMT
Subject: CN=bdcf695c07aabebfb5969549f0ffc650c0874585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:50:b4:19:9f:79:05:49:67:bd:5f:80:80:a4:
a1:77:67:bf:60:eb:ec:a0:20:d4:9a:e7:f3:c0:68:
ac:8e:04:9c:47:1d:49:d2:93:d3:c6:3f:aa:32:f8:
7c:24:7e:3b:b7:ba:9d:8b:95:0b:09:e4:dc:5b:1c:
92:2d:58:b6:a2:e1:6f:2e:69:d9:0c:e0:3a:0e:88:
04:54:87:ba:4f:56:ec:6b:9f:16:ae:e5:a1:f2:64:
3f:1a:f3:a1:79:bf:ab:e2:db:e7:39:97:ea:07:14:
e1:c2:63:36:77:76:b7:21:05:ec:8f:0e:91:d0:0e:
55:3a:04:51:ea:81:2d:17:56:a2:2b:ad:b3:00:91:
de:51:87:07:9d:e5:08:26:1d:86:88:08:f7:76:7a:
5b:3d:d2:a8:08:0b:8d:27:1c:1c:78:08:55:12:20:
91:55:f7:2d:c8:b5:e9:7e:fd:03:d2:ef:c1:44:bb:
ac:a9:2e:e0:6e:aa:81:d4:98:c6:88:ef:1b:f2:46:
be:f4:75:d5:c4:e6:1a:3f:b7:ac:f2:ba:15:45:da:
50:a1:7a:92:96:70:05:66:70:70:cf:b9:64:4b:45:
06:5a:7c:3e:15:b4:ed:2d:05:aa:25:cb:ea:ea:8b:
e5:0e:06:92:9a:f6:10:d7:08:3e:08:88:24:a0:ef:
cd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CF:69:5C:07:AA:BE:BF:B5:96:95:49:F0:FF:C6:50:C0:87:45:85
X509v3 Authority Key Identifier:
keyid:3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d0:f0:64:7c:ee:4d:eb:6d:cc:a4:53:31:e1:06:e5:be:e6:ca:
d4:1d:06:f8:4f:51:19:0c:f6:3e:10:31:2f:ef:86:2b:1c:3a:
33:65:73:76:41:3e:58:8e:ee:3b:c1:66:22:86:3b:96:f8:a5:
d6:2f:6e:e8:a5:e1:a8:b0:d3:e1:23:8c:83:db:2d:c5:0f:67:
c1:5c:fa:ae:89:95:8d:d1:d1:da:77:e6:42:35:d4:fd:95:0f:
35:73:02:43:dc:3c:d0:c3:98:c1:47:3a:33:46:57:ed:07:2b:
99:42:e4:29:18:fa:90:28:ce:2e:41:e8:3b:3a:0c:e7:38:e1:
e9:69:ca:f5:ae:9d:a4:09:dd:a8:dd:40:cc:6c:9f:ed:bc:63:
ac:b8:e9:0e:f3:02:d1:4a:89:ed:ca:bd:3f:3a:45:74:c6:52:
11:ee:25:d8:1b:4a:fd:30:7c:6c:44:70:f5:32:8c:a7:0e:83:
8f:e2:1a:84:91:e2:b1:0d:e9:2c:04:0f:53:51:60:5b:ea:c0:
6a:2f:83:4a:84:f4:7f:60:4d:68:a2:af:31:19:1a:49:eb:37:
e1:5a:c1:8c:f4:95:20:de:95:b9:cf:f9:6d:6c:a8:70:9a:f3:
23:2e:2f:77:52:07:ac:13:83:67:c6:45:de:36:e5:e9:b8:4a:
c4:f7:36:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXDwlPjP+ZtX87huwKvt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmNjZDRhMDA0MjJjODY1ZjUwOTNiODViYjg2OGMyYmIz
MGM0NjkwHhcNMjUxMTExMTAwMDM4WhcNMjUxMTEyMTAwMDM4WjAzMTEwLwYDVQQD
EyhiZGNmNjk1YzA3YWFiZWJmYjU5Njk1NDlmMGZmYzY1MGMwODc0NTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFC0GZ95BUlnvV+AgKShd2e/YOvs
oCDUmufzwGisjgScRx1J0pPTxj+qMvh8JH47t7qdi5ULCeTcWxySLVi2ouFvLmnZ
DOA6DogEVIe6T1bsa58WruWh8mQ/GvOheb+r4tvnOZfqBxThwmM2d3a3IQXsjw6R
0A5VOgRR6oEtF1aiK62zAJHeUYcHneUIJh2GiAj3dnpbPdKoCAuNJxwceAhVEiCR
VfctyLXpfv0D0u/BRLusqS7gbqqB1JjGiO8b8ka+9HXVxOYaP7es8roVRdpQoXqS
lnAFZnBwz7lkS0UGWnw+FbTtLQWqJcvq6ovlDgaSmvYQ1wg+CIgkoO/NrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3PaVwHqr6/tZaVSfD/xlDAh0WFMB8GA1UdIwQY
MBaAFDv8zUoAQiyGX1CTuFu4aMK7MMRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYTcwZjItYjdhYy00MzQ2LTlkMDgt
NjNhZTBiZmMxNjlmLzEvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYTcwZjItYjdhYy00MzQ2LTlkMDgtNjNhZTBiZmMxNjlm
LzEvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0PBkfO5N
623MpFMx4QblvubK1B0G+E9RGQz2PhAxL++GKxw6M2VzdkE+WI7uO8FmIoY7lvil
1i9u6KXhqLDT4SOMg9stxQ9nwVz6romVjdHR2nfmQjXU/ZUPNXMCQ9w80MOYwUc6
M0ZX7QcrmULkKRj6kCjOLkHoOzoM5zjh6WnK9a6dpAndqN1AzGyf7bxjrLjpDvMC
0UqJ7cq9PzpFdMZSEe4l2BtK/TB8bERw9TKMpw6Dj+IahJHisQ3pLAQPU1FgW+rA
ai+DSoT0f2BNaKKvMRkaSes34VrBjPSVIN6Vuc/5bWyocJrzIy4vd1IHrBODZ8ZF
3jbl6bhKxPc2FQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:18:40 2025 by rpki-client