Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.mft
File: OCvsQ90a_pemT1brhUx58WP6TuY.mft (raw, json)
Hash identifier: nSZsiriWbtxwp+KP1awGCHulGQ8LOWKEdZ63oNNRCFU=
Subject key identifier: 67:A3:7A:03:BD:41:4E:2B:A1:6D:76:B6:76:F3:11:0B:88:B3:06:D3
Authority key identifier: 38:2B:EC:43:DD:1A:FE:97:A6:4F:56:EB:85:4C:79:F1:63:FA:4E:E6
Certificate issuer: /CN=382bec43dd1afe97a64f56eb854c79f163fa4ee6
Certificate serial: 019A1E3EC13CB8AC76064DACBFBE8FCB8A58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCvsQ90a_pemT1brhUx58WP6TuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.mft
Manifest number: 16F6
Signing time: Sun 26 Oct 2025 02:00:20 +0000
Manifest this update: Sun 26 Oct 2025 02:00:20 +0000
Manifest next update: Mon 27 Oct 2025 02:00:20 +0000
Files and hashes: 1: OCvsQ90a_pemT1brhUx58WP6TuY.crl (hash: x/O5exMIqu03/aDiCXLxT0v8bAoRJNWwM6kUQGWk3pM=)
2: ZcMWvBkTNFkQiz2yA0G8DNGlqp8.roa (hash: ElsDKcX3/AeNMZDxpF6Opg+D9XtiydscqeFlhPJCg+c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCvsQ90a_pemT1brhUx58WP6TuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1e:3e:c1:3c:b8:ac:76:06:4d:ac:bf:be:8f:cb:8a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382bec43dd1afe97a64f56eb854c79f163fa4ee6
Validity
Not Before: Oct 26 02:00:20 2025 GMT
Not After : Oct 27 02:00:20 2025 GMT
Subject: CN=67a37a03bd414e2ba16d76b676f3110b88b306d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:5a:8d:ac:3c:21:7b:a7:7f:13:71:49:ca:9b:
63:69:7c:61:ba:b2:db:1e:e7:97:2b:b3:4f:da:12:
31:2b:c4:f1:7d:7a:8b:44:e0:44:99:b7:42:5d:38:
07:51:86:7e:13:72:ca:df:42:cd:27:4c:b5:ab:48:
df:a5:a3:e4:5e:b5:85:07:cd:7c:65:33:80:63:f5:
fe:be:f9:c7:34:b7:ab:68:26:89:fd:22:b0:dd:cd:
a9:94:9c:b1:94:b3:65:3d:12:50:88:68:f9:95:9a:
85:46:d4:cc:71:b5:9c:65:c1:b5:5f:9b:da:b8:31:
4b:00:d3:dd:8b:6d:54:38:03:f3:b1:84:8d:ab:b4:
ef:cd:c0:d8:b7:ca:74:5f:dc:b9:d7:b4:7d:93:9a:
14:d6:da:a1:90:22:30:04:85:f2:5e:94:61:4a:62:
ff:d4:93:f8:54:d0:71:f3:d8:30:39:14:95:5a:32:
ad:de:a5:a9:d3:a3:7e:e1:7e:d6:3f:e5:af:a3:aa:
17:59:f0:33:b1:0b:c4:29:44:fa:5d:25:ae:fd:20:
16:20:90:4b:8e:93:93:e6:42:f3:d0:42:49:ce:1c:
9e:6c:3b:66:af:cc:da:90:0d:5a:83:30:54:ca:f5:
2f:28:75:48:e8:30:9d:e4:ac:10:85:21:5e:f5:fe:
99:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A3:7A:03:BD:41:4E:2B:A1:6D:76:B6:76:F3:11:0B:88:B3:06:D3
X509v3 Authority Key Identifier:
keyid:38:2B:EC:43:DD:1A:FE:97:A6:4F:56:EB:85:4C:79:F1:63:FA:4E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCvsQ90a_pemT1brhUx58WP6TuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:83:47:42:41:d7:1e:cd:4b:7b:91:70:2c:f5:9b:12:61:8f:
16:05:fd:33:64:6d:5b:43:8e:38:c7:dc:73:a5:de:5e:d0:43:
50:d6:6b:22:f5:25:56:51:f8:29:88:ba:a1:14:25:c2:3e:2f:
3b:49:33:f3:02:20:66:fc:1e:8a:c6:0e:24:a6:ad:dd:66:94:
6d:62:00:00:6b:ff:5c:af:86:2d:bb:c2:f8:3f:56:91:13:43:
e4:1f:04:8d:27:9e:cd:b4:8c:41:87:fa:f0:5e:9e:97:4c:a5:
bc:7a:a1:d1:a0:8e:36:28:86:cc:46:49:36:84:b9:df:bc:22:
57:85:ee:27:9a:82:4c:8d:3c:d8:d6:c2:6a:d6:c3:cd:1f:aa:
8c:89:f8:96:da:5b:5e:de:f1:c2:fe:3a:4e:90:2c:cf:3e:93:
f7:af:7e:90:67:5f:9f:58:64:79:37:f7:58:f3:7e:7f:56:5e:
ee:74:f9:2b:8e:36:a4:1d:7b:d9:1b:40:5a:3f:57:5d:89:49:
f6:59:ab:ff:bc:d8:f5:f2:93:c4:a8:00:f3:be:2f:f6:b5:10:
b3:a4:c0:76:bd:1e:d3:0d:1b:e0:69:ee:c9:e5:90:fa:b6:0c:
fa:2f:e1:bc:19:a8:37:7d:89:fe:71:c1:3f:3a:be:67:6e:f9:
6a:df:e8:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoePsE8uKx2Bk2sv76Py4pYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmJlYzQzZGQxYWZlOTdhNjRmNTZlYjg1NGM3OWYxNjNm
YTRlZTYwHhcNMjUxMDI2MDIwMDIwWhcNMjUxMDI3MDIwMDIwWjAzMTEwLwYDVQQD
Eyg2N2EzN2EwM2JkNDE0ZTJiYTE2ZDc2YjY3NmYzMTEwYjg4YjMwNmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA81qNrDwhe6d/E3FJyptjaXxhurLb
HueXK7NP2hIxK8TxfXqLROBEmbdCXTgHUYZ+E3LK30LNJ0y1q0jfpaPkXrWFB818
ZTOAY/X+vvnHNLeraCaJ/SKw3c2plJyxlLNlPRJQiGj5lZqFRtTMcbWcZcG1X5va
uDFLANPdi21UOAPzsYSNq7TvzcDYt8p0X9y517R9k5oU1tqhkCIwBIXyXpRhSmL/
1JP4VNBx89gwORSVWjKt3qWp06N+4X7WP+Wvo6oXWfAzsQvEKUT6XSWu/SAWIJBL
jpOT5kLz0EJJzhyebDtmr8zakA1agzBUyvUvKHVI6DCd5KwQhSFe9f6ZcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGejegO9QU4roW12tnbzEQuIswbTMB8GA1UdIwQY
MBaAFDgr7EPdGv6Xpk9W64VMefFj+k7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0N2c1E5MGFfcGVtVDFicmhVeDU4V1A2VHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lMmE4ZjQtNzA2NS00NzRiLWEwM2Qt
Mjc1MDk3MTFlMzdmLzEvT0N2c1E5MGFfcGVtVDFicmhVeDU4V1A2VHVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lMmE4ZjQtNzA2NS00NzRiLWEwM2QtMjc1MDk3MTFlMzdm
LzEvT0N2c1E5MGFfcGVtVDFicmhVeDU4V1A2VHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY4NHQkHX
Hs1Le5FwLPWbEmGPFgX9M2RtW0OOOMfcc6XeXtBDUNZrIvUlVlH4KYi6oRQlwj4v
O0kz8wIgZvweisYOJKat3WaUbWIAAGv/XK+GLbvC+D9WkRND5B8EjSeezbSMQYf6
8F6el0ylvHqh0aCONiiGzEZJNoS537wiV4XuJ5qCTI082NbCatbDzR+qjIn4ltpb
Xt7xwv46TpAszz6T969+kGdfn1hkeTf3WPN+f1Ze7nT5K442pB172RtAWj9XXYlJ
9lmr/7zY9fKTxKgA874v9rUQs6TAdr0e0w0b4GnuyeWQ+rYM+i/hvBmoN32J/nHB
Pzq+Z275at/o3Q==
-----END CERTIFICATE-----
Generated at Sun Oct 26 10:52:39 2025 by rpki-client