Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a0c7c-f2ca-4aa9-87c5-77f4fd53425e/1/oheIwIqkN9EWXOy9aP2xlaFd-gg.mft
File: oheIwIqkN9EWXOy9aP2xlaFd-gg.mft (raw, json)
Hash identifier: U4S19IFSPJWnIVrh13bafky3SZK1iiFgJbGQnTJDmOk=
Subject key identifier: D7:2D:20:39:0B:8F:2E:FF:2D:E6:96:11:6A:16:9A:7E:35:20:23:F5
Authority key identifier: A2:17:88:C0:8A:A4:37:D1:16:5C:EC:BD:68:FD:B1:95:A1:5D:FA:08
Certificate issuer: /CN=a21788c08aa437d1165cecbd68fdb195a15dfa08
Certificate serial: 019A71B8D95DCE2D231502BD31CA24ADB1F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oheIwIqkN9EWXOy9aP2xlaFd-gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a0c7c-f2ca-4aa9-87c5-77f4fd53425e/1/oheIwIqkN9EWXOy9aP2xlaFd-gg.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 07:02:10 +0000
Manifest this update: Tue 11 Nov 2025 07:02:10 +0000
Manifest next update: Wed 12 Nov 2025 07:02:10 +0000
Files and hashes: 1: 3hcLMvc25IMPdhmKQEHCMZTqIjs.roa (hash: SEybTz+/cd8wiIccvdujur1jHcT09AAEthIXnDu/BtA=)
2: oheIwIqkN9EWXOy9aP2xlaFd-gg.crl (hash: +syhWkpIccfurnAUMeiu1ik1SHBw6hQEp2hsP1l9uf8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a0c7c-f2ca-4aa9-87c5-77f4fd53425e/1/oheIwIqkN9EWXOy9aP2xlaFd-gg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/7a0c7c-f2ca-4aa9-87c5-77f4fd53425e/1/oheIwIqkN9EWXOy9aP2xlaFd-gg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oheIwIqkN9EWXOy9aP2xlaFd-gg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:d9:5d:ce:2d:23:15:02:bd:31:ca:24:ad:b1:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a21788c08aa437d1165cecbd68fdb195a15dfa08
Validity
Not Before: Nov 11 07:02:10 2025 GMT
Not After : Nov 12 07:02:10 2025 GMT
Subject: CN=d72d20390b8f2eff2de696116a169a7e352023f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:00:58:96:79:f1:d1:d8:5c:f0:b2:8a:54:7e:
f6:1d:c7:f7:cd:69:98:5c:ac:36:7e:25:be:49:a6:
a2:7c:cf:f4:32:a8:6e:01:fc:4a:b4:3d:1c:cd:0d:
92:cd:8b:13:8d:7b:97:c8:1c:5f:79:92:7f:39:61:
f8:87:c9:df:0e:98:36:53:b4:d5:e7:2c:e4:db:98:
41:23:78:5b:26:20:66:9d:f0:59:17:ab:df:d7:25:
3a:70:c8:ef:c3:55:b7:29:f8:49:3a:b2:2f:99:d7:
a6:28:91:4d:bd:7c:8e:dc:1f:9a:03:9b:36:38:67:
8e:1c:79:f2:74:6e:1d:cc:49:ee:33:7c:6e:cf:ef:
fb:45:8b:c5:a7:3a:e8:1e:68:7d:8c:40:3a:a3:bd:
a7:9a:c3:d5:46:db:69:a4:b0:f2:04:37:5b:61:ac:
7d:d3:b2:25:e1:01:03:74:db:28:3f:23:9a:83:02:
96:89:43:24:54:26:2c:26:d2:a6:73:a6:e9:bb:0e:
d7:35:3e:ec:81:9e:16:ed:14:a0:94:c6:88:15:61:
99:20:8f:00:8d:92:06:c0:c7:e6:73:97:b1:75:e6:
d9:bf:d9:ae:46:0f:a3:d7:49:9f:b0:fd:8c:28:56:
49:26:9c:9c:4d:58:64:62:6b:60:f5:9b:aa:63:f5:
83:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2D:20:39:0B:8F:2E:FF:2D:E6:96:11:6A:16:9A:7E:35:20:23:F5
X509v3 Authority Key Identifier:
keyid:A2:17:88:C0:8A:A4:37:D1:16:5C:EC:BD:68:FD:B1:95:A1:5D:FA:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oheIwIqkN9EWXOy9aP2xlaFd-gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a0c7c-f2ca-4aa9-87c5-77f4fd53425e/1/oheIwIqkN9EWXOy9aP2xlaFd-gg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a0c7c-f2ca-4aa9-87c5-77f4fd53425e/1/oheIwIqkN9EWXOy9aP2xlaFd-gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:e3:f7:49:04:0d:49:99:ef:61:8a:04:a8:55:a4:2c:14:92:
57:41:e7:b4:2f:ec:f2:82:a8:d1:56:fa:63:8d:4d:43:9b:e9:
5c:a0:96:2a:b5:20:15:8d:8e:da:2f:d4:ea:30:fc:a7:b5:bd:
b3:1f:40:26:72:11:ba:1a:77:74:66:1b:9e:bb:c4:cb:eb:3d:
ec:f9:78:76:23:8d:79:5c:49:03:29:23:bd:a4:4c:f3:0f:d0:
56:dc:95:43:e9:4a:41:75:44:4b:78:e9:9b:7a:00:91:8a:34:
b2:ff:1b:2b:84:23:89:32:d4:cc:7a:25:98:47:ff:87:3a:d0:
a9:fb:89:55:ec:4c:7e:f3:09:c2:ae:e8:cf:dc:75:ad:48:ea:
85:3a:43:ff:d6:92:76:b7:cb:e9:df:5a:ad:1d:b7:4a:0e:d5:
f2:4d:18:8d:0f:6b:2b:01:30:a9:f2:5b:72:63:62:2b:24:ee:
88:7c:21:05:64:20:7b:d2:ec:9e:42:e8:8c:98:4b:ce:bd:23:
ef:fe:8c:41:4a:f3:a6:24:85:7f:20:a2:02:e0:32:57:ae:d1:
e9:7c:a8:0e:c5:4e:6e:7a:8a:b6:76:cf:75:9f:88:c3:1d:e2:
60:9e:79:49:64:8f:24:62:a9:2d:10:c7:dd:3e:92:26:3e:a7:
da:c4:37:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNldzi0jFQK9McokrbH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMTc4OGMwOGFhNDM3ZDExNjVjZWNiZDY4ZmRiMTk1YTE1
ZGZhMDgwHhcNMjUxMTExMDcwMjEwWhcNMjUxMTEyMDcwMjEwWjAzMTEwLwYDVQQD
EyhkNzJkMjAzOTBiOGYyZWZmMmRlNjk2MTE2YTE2OWE3ZTM1MjAyM2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgBYlnnx0dhc8LKKVH72Hcf3zWmY
XKw2fiW+SaaifM/0MqhuAfxKtD0czQ2SzYsTjXuXyBxfeZJ/OWH4h8nfDpg2U7TV
5yzk25hBI3hbJiBmnfBZF6vf1yU6cMjvw1W3KfhJOrIvmdemKJFNvXyO3B+aA5s2
OGeOHHnydG4dzEnuM3xuz+/7RYvFpzroHmh9jEA6o72nmsPVRttppLDyBDdbYax9
07Il4QEDdNsoPyOagwKWiUMkVCYsJtKmc6bpuw7XNT7sgZ4W7RSglMaIFWGZII8A
jZIGwMfmc5exdebZv9muRg+j10mfsP2MKFZJJpycTVhkYmtg9ZuqY/WDPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNctIDkLjy7/LeaWEWoWmn41ICP1MB8GA1UdIwQY
MBaAFKIXiMCKpDfRFlzsvWj9sZWhXfoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2hlSXdJcWtOOUVXWE95OWFQMnhsYUZkLWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTBjN2MtZjJjYS00YWE5LTg3YzUt
NzdmNGZkNTM0MjVlLzEvb2hlSXdJcWtOOUVXWE95OWFQMnhsYUZkLWdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTBjN2MtZjJjYS00YWE5LTg3YzUtNzdmNGZkNTM0MjVl
LzEvb2hlSXdJcWtOOUVXWE95OWFQMnhsYUZkLWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeeP3SQQN
SZnvYYoEqFWkLBSSV0HntC/s8oKo0Vb6Y41NQ5vpXKCWKrUgFY2O2i/U6jD8p7W9
sx9AJnIRuhp3dGYbnrvEy+s97Pl4diONeVxJAykjvaRM8w/QVtyVQ+lKQXVES3jp
m3oAkYo0sv8bK4QjiTLUzHolmEf/hzrQqfuJVexMfvMJwq7oz9x1rUjqhTpD/9aS
drfL6d9arR23Sg7V8k0YjQ9rKwEwqfJbcmNiKyTuiHwhBWQge9LsnkLojJhLzr0j
7/6MQUrzpiSFfyCiAuAyV67R6XyoDsVObnqKtnbPdZ+Iwx3iYJ55SWSPJGKpLRDH
3T6SJj6n2sQ3sw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:42 2025 by rpki-client