Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
File: OvdxDfit1ku5aI4PRYG-pn5ALGY.mft (raw, json)
Hash identifier: ETKufN9DxSgHfESD0xXJxRM5f1fAmjdj+/0PkiixQBc=
Subject key identifier: 45:15:6D:5A:BF:99:33:09:D9:72:91:85:1B:CD:9A:50:AA:8D:39:B3
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 019A1B071BD61A1E99F31B2100FFB8595021
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
Manifest number: 0C2E
Signing time: Sat 25 Oct 2025 11:00:41 +0000
Manifest this update: Sat 25 Oct 2025 11:00:41 +0000
Manifest next update: Sun 26 Oct 2025 11:00:41 +0000
Files and hashes: 1: 1-5V6RXgQOXjxU3mO34q_0PmmYk4.roa (hash: UBzppXP3Ubih2qJBoeebTWZSAjaul2dwW+uHzrrKrpI=)
2: OvdxDfit1ku5aI4PRYG-pn5ALGY.crl (hash: ALOxYxth88e+vwRY/S53JQhmaJ+MW8om6EJh9biZyJ4=)
3: XSqKcr4vohHwUX7C_jwkOz3T4S8.roa (hash: S5RGDFj4AygaOQ9nMJnUMnAW4DmVGX2kAbpxmhv1Nxo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 08:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1b:07:1b:d6:1a:1e:99:f3:1b:21:00:ff:b8:59:50:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Oct 25 11:00:41 2025 GMT
Not After : Oct 26 11:00:41 2025 GMT
Subject: CN=45156d5abf993309d97291851bcd9a50aa8d39b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:af:15:30:60:af:0a:c9:ab:ab:be:75:6c:8a:
c2:5e:3f:bf:a7:80:2d:11:f8:eb:02:95:50:97:e8:
5b:b9:df:8a:3d:ab:9e:f9:46:1c:44:81:17:d2:da:
a8:60:15:2f:c1:21:d4:6d:18:f1:d3:33:80:cf:8a:
de:61:4a:2e:40:d4:e8:67:cc:7a:ad:f3:01:a9:18:
aa:e6:84:67:c8:bd:08:fb:de:00:17:ad:43:98:64:
ee:ca:97:9c:e5:f9:d7:11:86:94:ce:ce:53:4a:c4:
81:b6:e7:87:e0:c7:bf:0c:3b:50:7a:30:82:06:23:
cc:c9:a4:16:37:98:f2:ca:55:28:cd:88:ce:02:80:
25:58:50:9d:d2:d1:fb:08:d9:91:5b:b5:0b:ec:e9:
5f:59:d6:07:19:ee:92:2d:9d:5c:88:69:37:ab:4b:
11:5e:28:2a:1c:3b:26:1d:4e:e0:16:b2:d8:a7:f5:
51:38:47:50:83:f3:14:32:d8:3a:b9:b2:84:8c:22:
54:6f:62:1a:7f:3d:78:24:4b:a7:53:d8:8d:a2:53:
fc:1d:16:71:3b:2d:d1:8e:cc:33:6d:65:c5:39:ab:
13:a4:c1:ab:13:eb:eb:c3:21:80:e6:96:42:53:ed:
91:57:9e:72:45:8e:8d:6c:87:f3:4a:ae:a3:80:10:
d3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:15:6D:5A:BF:99:33:09:D9:72:91:85:1B:CD:9A:50:AA:8D:39:B3
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:75:89:1e:bb:c8:a8:98:8f:96:39:26:10:af:11:89:b3:d6:
26:f4:98:f7:af:71:27:26:d3:f7:1c:c7:a3:3c:36:6c:3f:19:
19:b1:a1:1f:52:fb:c9:a4:9b:3e:1b:9e:9e:55:3d:9f:ec:7a:
6c:46:df:7f:65:98:e7:37:6e:8a:ea:3a:b8:52:18:6b:ce:e3:
d9:3a:ab:48:9f:80:34:c8:1e:27:60:f2:7c:c2:f2:03:0f:23:
28:df:03:89:26:a2:43:21:56:d4:25:3d:e3:2e:39:3d:68:9e:
a1:17:48:87:b5:fb:ef:9e:b6:24:f8:97:cd:0d:57:3a:21:13:
2d:fc:da:c8:6a:54:1f:9c:f7:90:e6:09:57:74:ec:2f:2b:68:
a2:58:2e:b8:81:32:c3:29:49:0d:7c:03:32:8e:05:ee:5b:cf:
dc:9a:c8:c2:1a:33:d7:00:d2:dd:af:18:5c:03:f6:14:af:c6:
40:94:78:7a:30:33:44:47:00:e0:a5:20:af:a1:bf:ec:b8:f2:
d4:25:3a:a5:42:24:8d:83:4c:37:a4:9e:c0:01:db:a8:db:74:
34:91:53:38:cc:51:01:fd:fa:da:fa:49:d2:f4:62:65:56:84:
79:ba:bd:85:5a:d9:20:68:b2:a2:77:fc:9a:5e:3e:55:72:4a:
f3:39:ae:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZobBxvWGh6Z8xshAP+4WVAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjUxMDI1MTEwMDQxWhcNMjUxMDI2MTEwMDQxWjAzMTEwLwYDVQQD
Eyg0NTE1NmQ1YWJmOTkzMzA5ZDk3MjkxODUxYmNkOWE1MGFhOGQzOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr68VMGCvCsmrq751bIrCXj+/p4At
EfjrApVQl+hbud+KPaue+UYcRIEX0tqoYBUvwSHUbRjx0zOAz4reYUouQNToZ8x6
rfMBqRiq5oRnyL0I+94AF61DmGTuypec5fnXEYaUzs5TSsSBtueH4Me/DDtQejCC
BiPMyaQWN5jyylUozYjOAoAlWFCd0tH7CNmRW7UL7OlfWdYHGe6SLZ1ciGk3q0sR
XigqHDsmHU7gFrLYp/VROEdQg/MUMtg6ubKEjCJUb2Iafz14JEunU9iNolP8HRZx
Oy3RjswzbWXFOasTpMGrE+vrwyGA5pZCU+2RV55yRY6NbIfzSq6jgBDTnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUVbVq/mTMJ2XKRhRvNmlCqjTmzMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZHWJHrvI
qJiPljkmEK8RibPWJvSY969xJybT9xzHozw2bD8ZGbGhH1L7yaSbPhuenlU9n+x6
bEbff2WY5zduiuo6uFIYa87j2TqrSJ+ANMgeJ2DyfMLyAw8jKN8DiSaiQyFW1CU9
4y45PWieoRdIh7X77562JPiXzQ1XOiETLfzayGpUH5z3kOYJV3TsLytoolguuIEy
wylJDXwDMo4F7lvP3JrIwhoz1wDS3a8YXAP2FK/GQJR4ejAzREcA4KUgr6G/7Ljy
1CU6pUIkjYNMN6SewAHbqNt0NJFTOMxRAf362vpJ0vRiZVaEebq9hVrZIGiyonf8
ml4+VXJK8zmu0w==
-----END CERTIFICATE-----
Generated at Sat Oct 25 12:37:25 2025 by rpki-client