Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.mft
File: OCeQLuylKp8IFACI9VjkUuDslV8.mft (raw, json)
Hash identifier: B4rSNeDJMtJ43I9nMsI/8TlIVa7jUYAGrMV+7fP15LA=
Subject key identifier: 06:94:08:17:BC:9B:F9:EA:85:25:C9:10:71:6A:9B:A9:FB:86:84:DC
Authority key identifier: 38:27:90:2E:EC:A5:2A:9F:08:14:00:88:F5:58:E4:52:E0:EC:95:5F
Certificate issuer: /CN=3827902eeca52a9f08140088f558e452e0ec955f
Certificate serial: 019A71B8686E84065CABDC0600C28A62001C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCeQLuylKp8IFACI9VjkUuDslV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.mft
Manifest number: 01E4
Signing time: Tue 11 Nov 2025 07:01:41 +0000
Manifest this update: Tue 11 Nov 2025 07:01:41 +0000
Manifest next update: Wed 12 Nov 2025 07:01:41 +0000
Files and hashes: 1: 7nhLLpXwqJ1voHCkK-P1ueQH-PM.roa (hash: Y5wnVvyZMdqfWGL6r50VzIWMh6QnpnoTzvTu5ABQUTI=)
2: OCeQLuylKp8IFACI9VjkUuDslV8.crl (hash: A8SvkC2zD26UsMnpHyDPqVttiTIwm0WDktjKpLvPG1o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCeQLuylKp8IFACI9VjkUuDslV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:68:6e:84:06:5c:ab:dc:06:00:c2:8a:62:00:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3827902eeca52a9f08140088f558e452e0ec955f
Validity
Not Before: Nov 11 07:01:41 2025 GMT
Not After : Nov 12 07:01:41 2025 GMT
Subject: CN=06940817bc9bf9ea8525c910716a9ba9fb8684dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ec:2d:f6:7e:70:40:0d:86:1a:6d:50:95:2a:
df:cb:94:49:4d:98:22:d2:d8:f7:20:dd:84:65:18:
d7:7f:1e:83:97:f4:5f:6c:12:30:bd:db:04:ef:b3:
30:58:54:52:05:c4:d5:25:66:bb:bb:d9:e8:14:59:
12:db:90:28:14:70:b2:6d:f8:40:d1:47:56:5a:70:
d5:31:6e:dc:74:0e:68:d5:d3:48:1d:e4:9d:04:dc:
e9:16:75:57:76:3e:93:b3:04:09:4b:99:b4:cd:b5:
cd:f2:3b:d5:27:95:49:59:25:f8:78:59:cf:e3:da:
a2:6e:52:59:1d:53:86:7a:54:1b:c6:c1:83:40:d5:
5e:aa:8f:29:d4:d6:0c:cf:23:e4:d0:c2:96:b7:99:
b5:b5:df:1c:c7:ee:1d:a3:76:b6:38:ce:07:bf:10:
13:a9:a1:92:7f:ed:c8:9c:0a:e0:7b:f2:d6:eb:99:
4d:ac:23:76:f3:5c:6c:29:fe:88:d8:ef:dc:fe:9b:
76:ef:1e:7e:1e:4a:7f:ca:f8:91:06:a6:c2:d8:d7:
bc:86:41:47:25:9e:b8:9c:58:4f:21:cc:7c:7f:e7:
68:ec:e9:52:9f:44:93:e3:f9:6b:09:b0:f3:2f:76:
4f:13:99:7f:2c:56:89:33:39:79:9d:86:e4:61:6e:
eb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:94:08:17:BC:9B:F9:EA:85:25:C9:10:71:6A:9B:A9:FB:86:84:DC
X509v3 Authority Key Identifier:
keyid:38:27:90:2E:EC:A5:2A:9F:08:14:00:88:F5:58:E4:52:E0:EC:95:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCeQLuylKp8IFACI9VjkUuDslV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cc:10:4f:3a:60:89:e4:b2:c0:57:3e:b7:9c:4c:bc:9d:2b:1d:
84:17:4a:34:79:8c:84:3c:58:b7:f9:b7:2f:7b:5b:08:d6:5a:
56:e7:70:b1:d3:19:42:ea:0e:6e:cb:08:c2:b6:ff:11:29:66:
1b:0f:3e:0f:4a:92:38:5b:24:6c:c3:7d:0d:8b:0c:b6:b3:7f:
df:ee:68:c9:b7:56:5b:31:00:62:dd:1c:f9:76:98:bf:60:47:
f4:0f:c9:df:78:81:d5:64:e6:ec:c0:55:af:8a:b5:b1:8f:1d:
ea:4d:14:5a:58:d2:7e:6b:e7:4b:ce:e1:da:52:d0:fe:31:30:
94:fd:e0:5e:8f:73:5b:b9:fc:09:c1:f5:a4:87:d6:1f:ca:49:
21:f5:40:2f:20:cf:94:bd:d3:f8:2e:e8:df:3d:5d:02:a6:2d:
9b:b1:68:72:65:6f:89:8e:f6:10:33:98:b0:95:99:d2:41:73:
11:17:c9:af:d0:d2:45:98:7f:17:86:92:d0:03:bc:91:0d:02:
c1:85:a2:00:06:53:f8:dd:4f:22:b4:6c:ba:aa:b0:d9:38:9e:
eb:9d:f0:66:b6:c0:2b:38:13:0b:9d:14:c6:f9:10:c0:98:2c:
9e:1c:3e:1a:dc:4e:66:72:2a:b9:65:23:79:5d:73:86:02:a4:
7e:9f:8f:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGhuhAZcq9wGAMKKYgAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Mjc5MDJlZWNhNTJhOWYwODE0MDA4OGY1NThlNDUyZTBl
Yzk1NWYwHhcNMjUxMTExMDcwMTQxWhcNMjUxMTEyMDcwMTQxWjAzMTEwLwYDVQQD
EygwNjk0MDgxN2JjOWJmOWVhODUyNWM5MTA3MTZhOWJhOWZiODY4NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uwt9n5wQA2GGm1QlSrfy5RJTZgi
0tj3IN2EZRjXfx6Dl/RfbBIwvdsE77MwWFRSBcTVJWa7u9noFFkS25AoFHCybfhA
0UdWWnDVMW7cdA5o1dNIHeSdBNzpFnVXdj6TswQJS5m0zbXN8jvVJ5VJWSX4eFnP
49qiblJZHVOGelQbxsGDQNVeqo8p1NYMzyPk0MKWt5m1td8cx+4do3a2OM4HvxAT
qaGSf+3InArge/LW65lNrCN281xsKf6I2O/c/pt27x5+Hkp/yviRBqbC2Ne8hkFH
JZ64nFhPIcx8f+do7OlSn0ST4/lrCbDzL3ZPE5l/LFaJMzl5nYbkYW7rCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAaUCBe8m/nqhSXJEHFqm6n7hoTcMB8GA1UdIwQY
MBaAFDgnkC7spSqfCBQAiPVY5FLg7JVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NlUUx1eWxLcDhJRkFDSTlWamtVdURzbFY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xOWQxM2EtM2VjNi00MjAyLThkNDgt
NzdkYjMyNjQ3Y2E5LzEvT0NlUUx1eWxLcDhJRkFDSTlWamtVdURzbFY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xOWQxM2EtM2VjNi00MjAyLThkNDgtNzdkYjMyNjQ3Y2E5
LzEvT0NlUUx1eWxLcDhJRkFDSTlWamtVdURzbFY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzBBPOmCJ
5LLAVz63nEy8nSsdhBdKNHmMhDxYt/m3L3tbCNZaVudwsdMZQuoObssIwrb/ESlm
Gw8+D0qSOFskbMN9DYsMtrN/3+5oybdWWzEAYt0c+XaYv2BH9A/J33iB1WTm7MBV
r4q1sY8d6k0UWljSfmvnS87h2lLQ/jEwlP3gXo9zW7n8CcH1pIfWH8pJIfVALyDP
lL3T+C7o3z1dAqYtm7FocmVviY72EDOYsJWZ0kFzERfJr9DSRZh/F4aS0AO8kQ0C
wYWiAAZT+N1PIrRsuqqw2Tie653wZrbAKzgTC50UxvkQwJgsnhw+GtxOZnIquWUj
eV1zhgKkfp+PLg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:08:39 2025 by rpki-client