Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
File: OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft (raw, json)
Hash identifier: nGZ9lCSNgVcaUU1ARFFpB0dwwj9DFugu6mr6/8+5Hic=
Subject key identifier: C7:89:FF:5F:94:12:5F:E2:8E:65:22:88:E8:8C:34:50:F3:5A:33:72
Authority key identifier: 38:B9:12:A1:EA:B1:8E:B7:29:74:5E:89:78:13:8B:25:C4:40:77:61
Certificate issuer: /CN=38b912a1eab18eb729745e8978138b25c4407761
Certificate serial: 019A7225CBA98E9259C234CB53F57A8A9E48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
Manifest number: 0E01
Signing time: Tue 11 Nov 2025 09:01:10 +0000
Manifest this update: Tue 11 Nov 2025 09:01:10 +0000
Manifest next update: Wed 12 Nov 2025 09:01:10 +0000
Files and hashes: 1: FVz1Gs3goS-mz1CP7z4LNut0fHE.roa (hash: +EzGyBevLVejen0VLkmFtejit+8sBRd5jz7yFu64Sbw=)
2: OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl (hash: uCMUV2DwEBoUiDFlMSW2SZOT/YqSG87lczuOcRHJUCQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:cb:a9:8e:92:59:c2:34:cb:53:f5:7a:8a:9e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b912a1eab18eb729745e8978138b25c4407761
Validity
Not Before: Nov 11 09:01:10 2025 GMT
Not After : Nov 12 09:01:10 2025 GMT
Subject: CN=c789ff5f94125fe28e652288e88c3450f35a3372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fa:19:0c:38:5c:2e:1d:80:44:46:83:ab:c2:
ae:8d:94:b1:22:7f:ef:64:57:f3:a7:98:cc:57:32:
5c:8a:a4:e3:58:67:6a:d2:70:e9:1d:70:70:da:91:
d6:09:7c:d4:51:c4:7a:f8:6d:8b:ce:47:ae:18:f5:
ac:54:e2:0f:f8:5f:7e:63:a2:d0:37:9f:3e:dc:39:
f0:1d:85:99:49:52:94:0a:5e:41:34:98:2f:0f:cd:
bd:30:34:87:31:c8:0b:a3:ba:5a:32:e0:dc:39:02:
05:08:11:22:63:df:9a:d7:eb:3a:dc:d7:41:6f:f3:
83:25:f1:c6:43:cb:2a:d0:94:86:d2:87:d3:f4:60:
05:5c:44:e3:fa:ac:7e:7f:7b:2f:8a:a7:bd:a7:40:
8d:bc:b9:47:ed:8f:48:04:d4:56:29:13:2a:a2:fc:
56:14:f1:b6:b4:3d:c3:03:13:9f:28:86:41:f4:98:
ac:42:fe:3d:ba:42:0e:48:6b:a9:c5:d2:c9:f3:94:
a0:2d:91:1e:36:85:36:f2:f3:24:f2:80:d5:da:76:
ea:0f:d2:76:48:cb:60:18:5c:f4:a4:a4:d3:f6:65:
07:5c:40:2f:26:20:95:ca:98:8c:91:37:22:4d:c5:
f5:7b:48:9a:d8:bf:24:27:4b:1d:b0:ec:66:6d:3f:
55:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:89:FF:5F:94:12:5F:E2:8E:65:22:88:E8:8C:34:50:F3:5A:33:72
X509v3 Authority Key Identifier:
keyid:38:B9:12:A1:EA:B1:8E:B7:29:74:5E:89:78:13:8B:25:C4:40:77:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:b9:50:cd:af:ea:67:58:30:af:1c:c5:b0:41:ef:11:3e:c0:
1e:a3:35:cc:5b:44:f0:0f:cd:9f:53:e4:84:4f:35:d1:1d:74:
41:29:d5:a5:ff:b7:fb:bf:5e:5b:9a:17:51:37:fc:9d:59:41:
74:95:9a:a9:a0:37:5f:8d:d6:0a:39:e5:da:de:24:ff:82:97:
f5:ba:61:67:54:3c:d1:3b:1c:03:bb:c4:cc:eb:c1:7b:20:7e:
51:1b:47:26:34:fe:7c:b8:dc:d4:79:5e:af:f5:24:c6:cb:0a:
74:97:b1:e9:bb:a9:4c:2b:3e:17:f8:18:aa:db:db:4f:58:70:
48:05:19:5e:94:c9:33:a9:48:1e:ab:bd:88:b3:ba:76:f8:81:
9f:64:ac:50:39:2e:a2:68:0c:38:6b:40:38:76:f1:9a:46:11:
96:ca:cb:f6:92:23:45:0d:ab:f3:6e:dc:90:b7:17:78:7b:97:
7b:25:8f:c1:70:ad:cd:bc:d1:e6:7c:eb:e4:8f:fd:09:e5:3d:
86:18:45:96:2e:10:55:9e:45:27:f0:cb:98:8f:9b:01:04:20:
40:f9:2a:d2:d6:5a:62:90:5a:a3:a6:bb:cb:34:5d:63:4b:8b:
74:69:18:73:60:80:47:43:9e:dd:36:c5:3c:39:3e:54:5e:8e:
c4:d5:f5:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJcupjpJZwjTLU/V6ip5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjkxMmExZWFiMThlYjcyOTc0NWU4OTc4MTM4YjI1YzQ0
MDc3NjEwHhcNMjUxMTExMDkwMTEwWhcNMjUxMTEyMDkwMTEwWjAzMTEwLwYDVQQD
EyhjNzg5ZmY1Zjk0MTI1ZmUyOGU2NTIyODhlODhjMzQ1MGYzNWEzMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvoZDDhcLh2AREaDq8KujZSxIn/v
ZFfzp5jMVzJciqTjWGdq0nDpHXBw2pHWCXzUUcR6+G2LzkeuGPWsVOIP+F9+Y6LQ
N58+3DnwHYWZSVKUCl5BNJgvD829MDSHMcgLo7paMuDcOQIFCBEiY9+a1+s63NdB
b/ODJfHGQ8sq0JSG0ofT9GAFXETj+qx+f3sviqe9p0CNvLlH7Y9IBNRWKRMqovxW
FPG2tD3DAxOfKIZB9JisQv49ukIOSGupxdLJ85SgLZEeNoU28vMk8oDV2nbqD9J2
SMtgGFz0pKTT9mUHXEAvJiCVypiMkTciTcX1e0ia2L8kJ0sdsOxmbT9VPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMeJ/1+UEl/ijmUiiOiMNFDzWjNyMB8GA1UdIwQY
MBaAFDi5EqHqsY63KXReiXgTiyXEQHdhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8zZmFlOTYtNGFhZS00NTQ0LWJlZjIt
YzFkNTIxMTY2YmVjLzEvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8zZmFlOTYtNGFhZS00NTQ0LWJlZjItYzFkNTIxMTY2YmVj
LzEvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT7lQza/q
Z1gwrxzFsEHvET7AHqM1zFtE8A/Nn1PkhE810R10QSnVpf+3+79eW5oXUTf8nVlB
dJWaqaA3X43WCjnl2t4k/4KX9bphZ1Q80TscA7vEzOvBeyB+URtHJjT+fLjc1Hle
r/UkxssKdJex6bupTCs+F/gYqtvbT1hwSAUZXpTJM6lIHqu9iLO6dviBn2SsUDku
omgMOGtAOHbxmkYRlsrL9pIjRQ2r827ckLcXeHuXeyWPwXCtzbzR5nzr5I/9CeU9
hhhFli4QVZ5FJ/DLmI+bAQQgQPkq0tZaYpBao6a7yzRdY0uLdGkYc2CAR0Oe3TbF
PDk+VF6OxNX1lg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:18:31 2025 by rpki-client