Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
File: oNki4v4kvSzaeToqrcEzYlAM2bE.mft (raw, json)
Hash identifier: /asriXnkG2Wd6qgPQB473auuqFlCzcyWisB+hDRr2Ec=
Subject key identifier: 5E:BF:EC:DA:16:99:BB:6C:70:1A:15:A2:23:64:51:A2:22:42:61:CE
Authority key identifier: A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1
Certificate issuer: /CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1
Certificate serial: 019A725C8480D883F2F535B2504BE43EDF50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
Manifest number: 0D22
Signing time: Tue 11 Nov 2025 10:00:57 +0000
Manifest this update: Tue 11 Nov 2025 10:00:57 +0000
Manifest next update: Wed 12 Nov 2025 10:00:57 +0000
Files and hashes: 1: QU8GopeOlHwkTprCT-S3aTgX93c.roa (hash: wdEn+nBxYgSylw1Zt9va3XXWns8S/pGLaLLxEZ/5irY=)
2: oNki4v4kvSzaeToqrcEzYlAM2bE.crl (hash: fVMpLaLOb0ZsGIi08PLXrmB/EcjRQthriq3+TMMdoQM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:84:80:d8:83:f2:f5:35:b2:50:4b:e4:3e:df:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1
Validity
Not Before: Nov 11 10:00:57 2025 GMT
Not After : Nov 12 10:00:57 2025 GMT
Subject: CN=5ebfecda1699bb6c701a15a2236451a2224261ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0e:2f:b9:9c:0e:4a:0c:4d:88:46:53:5c:d5:
18:3d:a4:f1:4e:23:ef:3f:e4:dc:a2:58:bd:ef:bd:
c3:8c:d1:22:07:cb:8c:95:9d:6b:84:0f:09:ae:8e:
d9:66:01:35:8c:08:14:4a:97:c5:66:dd:af:5f:aa:
56:46:6a:2b:0a:24:51:16:16:12:3d:68:b6:24:a4:
b1:25:59:f9:ea:ea:0b:c3:e4:4a:8f:0b:57:ee:84:
6d:5b:fa:72:72:d0:e3:2b:fc:44:ba:37:3a:8a:55:
57:1f:96:39:b2:74:14:e5:bb:1c:c3:83:90:04:78:
77:55:c2:ea:20:b2:93:ca:e2:94:1b:a0:8c:cd:47:
09:07:da:c1:55:fa:5d:c3:7d:56:11:77:56:9d:74:
d6:e0:b4:44:f9:53:58:e0:50:3c:7a:3a:b5:e1:13:
76:09:00:84:24:56:37:f3:03:5e:48:c4:3c:29:cc:
0e:bf:1b:8f:ac:da:6a:ca:7d:be:4a:d1:b0:78:c8:
79:73:85:16:81:8b:4b:4a:e0:47:95:a5:c9:2c:2a:
ab:f8:12:82:31:48:58:f0:fb:ce:e6:62:4a:e9:a0:
f9:e4:3a:cd:eb:f2:1c:e3:b4:a7:ce:2f:44:b8:29:
80:25:22:46:df:f6:f1:b5:cc:c6:be:6c:ea:10:69:
07:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BF:EC:DA:16:99:BB:6C:70:1A:15:A2:23:64:51:A2:22:42:61:CE
X509v3 Authority Key Identifier:
keyid:A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:30:48:b5:0d:52:36:57:db:c1:37:a0:58:14:0c:43:42:83:
00:8a:80:d7:7e:87:a5:16:44:ae:61:32:af:32:7c:53:34:5b:
1b:3b:4b:d8:85:49:1e:35:b8:4f:ee:81:85:52:1d:d5:8f:47:
d1:3b:b8:8c:5e:5e:7b:0a:bc:73:c9:82:d6:da:f1:1b:6f:e5:
b9:2c:55:67:5f:c7:bf:70:89:ad:4a:d7:da:b1:e7:c7:f2:48:
3c:aa:62:0e:8a:52:2e:16:01:f3:29:00:26:8e:3f:3b:dd:53:
aa:f0:cd:a5:83:18:8e:20:50:fb:1e:af:7c:58:cb:4e:de:34:
6e:6e:06:ad:dc:fe:c4:b8:e6:ff:09:99:73:d0:36:b0:ac:45:
5f:24:bc:b8:26:7d:36:41:61:18:68:da:73:bb:ae:8d:40:3d:
42:a7:34:34:51:bf:ba:c2:fa:c7:59:53:db:6d:5c:34:b3:4d:
c6:fb:35:59:b5:13:2d:ff:be:8e:9a:6d:02:bd:7e:9d:6c:e5:
b5:de:07:ce:1a:1b:d6:b1:6a:59:3f:21:05:5d:86:b5:d8:05:
83:bc:81:5e:62:06:2a:8c:24:fe:de:d6:d1:c5:41:ff:c3:f8:
2d:6f:0a:da:ff:66:d7:79:df:b5:78:b4:81:0e:60:2c:4b:44:
4c:a0:da:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXISA2IPy9TWyUEvkPt9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDkyMmUyZmUyNGJkMmNkYTc5M2EyYWFkYzEzMzYyNTAw
Y2Q5YjEwHhcNMjUxMTExMTAwMDU3WhcNMjUxMTEyMTAwMDU3WjAzMTEwLwYDVQQD
Eyg1ZWJmZWNkYTE2OTliYjZjNzAxYTE1YTIyMzY0NTFhMjIyNDI2MWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw4vuZwOSgxNiEZTXNUYPaTxTiPv
P+Tcoli9773DjNEiB8uMlZ1rhA8Jro7ZZgE1jAgUSpfFZt2vX6pWRmorCiRRFhYS
PWi2JKSxJVn56uoLw+RKjwtX7oRtW/pyctDjK/xEujc6ilVXH5Y5snQU5bscw4OQ
BHh3VcLqILKTyuKUG6CMzUcJB9rBVfpdw31WEXdWnXTW4LRE+VNY4FA8ejq14RN2
CQCEJFY38wNeSMQ8KcwOvxuPrNpqyn2+StGweMh5c4UWgYtLSuBHlaXJLCqr+BKC
MUhY8PvO5mJK6aD55DrN6/Ic47Snzi9EuCmAJSJG3/bxtczGvmzqEGkH1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6/7NoWmbtscBoVoiNkUaIiQmHOMB8GA1UdIwQY
MBaAFKDZIuL+JL0s2nk6Kq3BM2JQDNmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMt
NGE2YWNlMjZiOTcyLzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMtNGE2YWNlMjZiOTcy
LzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdDBItQ1S
NlfbwTegWBQMQ0KDAIqA136HpRZErmEyrzJ8UzRbGztL2IVJHjW4T+6BhVId1Y9H
0Tu4jF5eewq8c8mC1trxG2/luSxVZ1/Hv3CJrUrX2rHnx/JIPKpiDopSLhYB8ykA
Jo4/O91TqvDNpYMYjiBQ+x6vfFjLTt40bm4Grdz+xLjm/wmZc9A2sKxFXyS8uCZ9
NkFhGGjac7uujUA9Qqc0NFG/usL6x1lT221cNLNNxvs1WbUTLf++jpptAr1+nWzl
td4Hzhob1rFqWT8hBV2GtdgFg7yBXmIGKowk/t7W0cVB/8P4LW8K2v9m13nftXi0
gQ5gLEtETKDaEw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:38:23 2025 by rpki-client