Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
File: dotOLq79y-wVupnop6IcieSyzL0.mft (raw, json)
Hash identifier: usUn7rvbdk/U75rwgS/U+qXxn4zj83KJBtl9NAfIFFU=
Subject key identifier: 9B:40:34:F3:01:5E:18:7D:1F:F9:E1:2F:8A:F7:51:58:13:D3:5F:10
Authority key identifier: 76:8B:4E:2E:AE:FD:CB:EC:15:BA:99:E8:A7:A2:1C:89:E4:B2:CC:BD
Certificate issuer: /CN=768b4e2eaefdcbec15ba99e8a7a21c89e4b2ccbd
Certificate serial: 019A71B7F8EC6DE55117684D019FF9D07E09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dotOLq79y-wVupnop6IcieSyzL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
Manifest number: 028A
Signing time: Tue 11 Nov 2025 07:01:13 +0000
Manifest this update: Tue 11 Nov 2025 07:01:13 +0000
Manifest next update: Wed 12 Nov 2025 07:01:13 +0000
Files and hashes: 1: 2d_NXZtW0ODYRMQ4wdJe7FkxoW0.roa (hash: PhAe9DgdWLVDbJJiZelbxMyByKXlfBNEMtHqWSG1jZ8=)
2: dotOLq79y-wVupnop6IcieSyzL0.crl (hash: sEfQu82y2fiRDzXp0F4Mh75yzJjJtI+t6zEjlSZRZlA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/dotOLq79y-wVupnop6IcieSyzL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:f8:ec:6d:e5:51:17:68:4d:01:9f:f9:d0:7e:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=768b4e2eaefdcbec15ba99e8a7a21c89e4b2ccbd
Validity
Not Before: Nov 11 07:01:13 2025 GMT
Not After : Nov 12 07:01:13 2025 GMT
Subject: CN=9b4034f3015e187d1ff9e12f8af7515813d35f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0e:3b:c9:83:e2:f2:84:3c:e9:40:b2:5b:13:
26:a0:6a:92:39:af:89:2e:73:4b:3d:61:61:1b:6c:
7f:2e:b7:ff:5b:dc:78:55:29:1d:e3:21:d0:48:4a:
8f:1b:23:96:c5:e5:e1:f6:68:30:23:0f:29:37:4b:
de:84:1b:f3:e5:a2:d0:92:39:52:a4:a1:2c:c6:f5:
c8:8b:60:aa:96:cb:1a:b0:33:03:04:a7:c0:97:26:
8b:39:2b:78:80:53:4a:62:91:95:8c:a9:c5:b3:0d:
3b:09:8c:e5:63:42:be:39:4c:a8:68:f8:b8:73:ee:
b9:97:67:e0:d3:66:f8:99:7a:61:40:b3:b6:93:2d:
b0:f7:44:40:9b:81:bb:ea:65:a4:b0:98:57:16:66:
0a:25:ce:ad:89:ee:3c:0d:97:fc:d1:a2:a6:5a:9e:
5f:11:49:39:37:59:c6:89:87:ed:09:2a:29:82:a2:
c9:ec:64:75:d3:c6:41:3e:d0:e6:4d:e5:35:00:79:
09:2a:1f:7d:34:98:36:b4:5f:41:0e:a3:0b:ab:21:
42:2a:b5:b9:a1:ac:26:ce:08:7d:72:a5:e6:bb:81:
68:f8:6c:b0:b2:15:f6:c9:81:59:10:e9:31:96:55:
63:de:50:29:47:8c:83:d7:48:76:44:03:a2:01:37:
a2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:40:34:F3:01:5E:18:7D:1F:F9:E1:2F:8A:F7:51:58:13:D3:5F:10
X509v3 Authority Key Identifier:
keyid:76:8B:4E:2E:AE:FD:CB:EC:15:BA:99:E8:A7:A2:1C:89:E4:B2:CC:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dotOLq79y-wVupnop6IcieSyzL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:a6:82:ee:58:f3:fc:e5:8a:a9:7b:af:dd:36:b1:94:7d:2a:
65:d9:e1:53:fa:c4:6b:27:d3:67:a9:d4:a8:ac:20:e3:79:2f:
9a:be:3c:52:5d:5c:4c:f2:80:ba:9b:b3:1d:3f:b9:b9:56:04:
d4:d5:b6:6d:36:33:93:78:31:f2:3b:a3:6c:fd:c9:2c:cf:0e:
26:9f:bb:2b:6f:99:06:99:27:89:bc:80:f9:ef:cb:12:a3:32:
ac:96:39:2f:39:dc:e7:f8:e1:2a:5a:75:f6:b7:de:89:e0:93:
67:7c:b8:5e:63:d3:29:6f:e4:e2:16:08:94:63:64:e9:6d:12:
e2:06:64:26:7a:c7:01:fb:15:59:a4:89:4d:cd:85:0c:ec:88:
91:e9:97:93:fb:db:0b:43:76:21:1d:7c:5e:b7:8c:40:cb:68:
98:d3:01:08:9d:7c:57:57:70:c5:b8:99:b7:c4:4c:8a:dc:0b:
d1:1d:68:44:2b:40:3c:e2:27:27:fb:c9:2b:1a:17:89:55:91:
e2:63:2e:54:5b:2e:54:fc:8e:41:a4:9a:25:79:18:7b:50:24:
a7:50:73:ec:bc:06:e2:39:99:56:c9:d8:7d:7a:e9:11:80:1a:
93:a0:ae:83:ec:e0:3e:99:06:74:51:a9:53:c4:72:ca:82:ad:
27:36:b8:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/jsbeVRF2hNAZ/50H4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OGI0ZTJlYWVmZGNiZWMxNWJhOTllOGE3YTIxYzg5ZTRi
MmNjYmQwHhcNMjUxMTExMDcwMTEzWhcNMjUxMTEyMDcwMTEzWjAzMTEwLwYDVQQD
Eyg5YjQwMzRmMzAxNWUxODdkMWZmOWUxMmY4YWY3NTE1ODEzZDM1ZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA47yYPi8oQ86UCyWxMmoGqSOa+J
LnNLPWFhG2x/Lrf/W9x4VSkd4yHQSEqPGyOWxeXh9mgwIw8pN0vehBvz5aLQkjlS
pKEsxvXIi2CqlssasDMDBKfAlyaLOSt4gFNKYpGVjKnFsw07CYzlY0K+OUyoaPi4
c+65l2fg02b4mXphQLO2ky2w90RAm4G76mWksJhXFmYKJc6tie48DZf80aKmWp5f
EUk5N1nGiYftCSopgqLJ7GR108ZBPtDmTeU1AHkJKh99NJg2tF9BDqMLqyFCKrW5
oawmzgh9cqXmu4Fo+GywshX2yYFZEOkxllVj3lApR4yD10h2RAOiATeitQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtANPMBXhh9H/nhL4r3UVgT018QMB8GA1UdIwQY
MBaAFHaLTi6u/cvsFbqZ6KeiHInkssy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG90T0xxNzl5LXdWdXBub3A2SWNpZVN5ekwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9iNTc4OTItY2QzZC00ZjA2LTkxZjct
NTUzODdiZmI1ZTY2LzEvZG90T0xxNzl5LXdWdXBub3A2SWNpZVN5ekwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9iNTc4OTItY2QzZC00ZjA2LTkxZjctNTUzODdiZmI1ZTY2
LzEvZG90T0xxNzl5LXdWdXBub3A2SWNpZVN5ekwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHqaC7ljz
/OWKqXuv3TaxlH0qZdnhU/rEayfTZ6nUqKwg43kvmr48Ul1cTPKAupuzHT+5uVYE
1NW2bTYzk3gx8jujbP3JLM8OJp+7K2+ZBpknibyA+e/LEqMyrJY5Lznc5/jhKlp1
9rfeieCTZ3y4XmPTKW/k4hYIlGNk6W0S4gZkJnrHAfsVWaSJTc2FDOyIkemXk/vb
C0N2IR18XreMQMtomNMBCJ18V1dwxbiZt8RMitwL0R1oRCtAPOInJ/vJKxoXiVWR
4mMuVFsuVPyOQaSaJXkYe1Akp1Bz7LwG4jmZVsnYfXrpEYAak6Cug+zgPpkGdFGp
U8RyyoKtJza4mg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:46:07 2025 by rpki-client