Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/oynU0nVy71pqbb7NeS7vmM6QcW0.mft
File: oynU0nVy71pqbb7NeS7vmM6QcW0.mft (raw, json)
Hash identifier: OVy9MosLAVEEv29jW1UZSHOeIz0XfvvTg+BA1LrIoo0=
Subject key identifier: 5B:A3:CC:0B:3C:14:08:79:EE:F7:8D:1E:2D:0B:39:04:2F:63:3F:04
Authority key identifier: A3:29:D4:D2:75:72:EF:5A:6A:6D:BE:CD:79:2E:EF:98:CE:90:71:6D
Certificate issuer: /CN=a329d4d27572ef5a6a6dbecd792eef98ce90716d
Certificate serial: 019A72CA5515F0F380E6C4150609C1DFAA42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oynU0nVy71pqbb7NeS7vmM6QcW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/oynU0nVy71pqbb7NeS7vmM6QcW0.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 12:00:53 +0000
Manifest this update: Tue 11 Nov 2025 12:00:53 +0000
Manifest next update: Wed 12 Nov 2025 12:00:53 +0000
Files and hashes: 1: blse6v5EH2fVrElwGZmlrK99XJk.roa (hash: otAVsYT9s6hCs6g9uAr3ovy061yRH8/KdKxwyyD5qvk=)
2: oynU0nVy71pqbb7NeS7vmM6QcW0.crl (hash: yKi/NCijxn6BFTo9C7/YH+GXAp39C4pwQ/3Ylw/WUCM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/oynU0nVy71pqbb7NeS7vmM6QcW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/oynU0nVy71pqbb7NeS7vmM6QcW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oynU0nVy71pqbb7NeS7vmM6QcW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:55:15:f0:f3:80:e6:c4:15:06:09:c1:df:aa:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a329d4d27572ef5a6a6dbecd792eef98ce90716d
Validity
Not Before: Nov 11 12:00:53 2025 GMT
Not After : Nov 12 12:00:53 2025 GMT
Subject: CN=5ba3cc0b3c140879eef78d1e2d0b39042f633f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8c:94:96:3e:09:07:9d:53:54:10:12:86:0c:
ae:db:41:20:13:4a:93:5b:0f:6b:7c:61:75:29:ed:
47:79:9d:32:53:83:99:ed:90:6b:50:22:48:7b:20:
c4:e3:bf:da:ad:34:95:10:5f:29:65:6f:24:c3:7a:
91:12:9a:7f:24:c1:a6:cf:b1:c6:95:72:14:50:48:
b1:59:74:3e:35:68:46:43:13:30:6c:d9:ba:04:fe:
81:ac:43:51:72:80:51:46:1e:7e:ee:69:83:d9:c4:
20:d4:47:5d:c5:20:8f:9f:06:5b:5f:b8:fa:b0:5f:
dd:94:4d:c5:67:a6:66:1b:ef:a4:e0:f2:bd:25:7c:
13:cb:76:4c:74:4c:5d:c9:29:79:d7:72:ee:ec:cf:
0a:f9:b5:5e:96:df:2b:5b:f6:2d:d1:69:91:00:eb:
8e:d7:c9:60:f3:87:ba:00:99:e0:ed:12:6c:25:0a:
49:80:f7:77:45:ac:98:6b:a0:36:21:1c:b8:80:c8:
d1:f9:77:b4:1d:0d:4c:2c:07:3b:64:f9:0b:60:7e:
db:62:75:a9:1d:f5:92:54:15:0d:6c:12:54:6e:ac:
b9:d3:42:d1:35:5e:19:78:3b:3f:19:c5:a6:5e:16:
01:dc:c0:7d:46:d1:2e:41:3a:9d:5e:88:c1:1a:e0:
e6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:A3:CC:0B:3C:14:08:79:EE:F7:8D:1E:2D:0B:39:04:2F:63:3F:04
X509v3 Authority Key Identifier:
keyid:A3:29:D4:D2:75:72:EF:5A:6A:6D:BE:CD:79:2E:EF:98:CE:90:71:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oynU0nVy71pqbb7NeS7vmM6QcW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/oynU0nVy71pqbb7NeS7vmM6QcW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/oynU0nVy71pqbb7NeS7vmM6QcW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:57:96:2c:d1:bc:29:4d:a2:4d:d3:ba:9e:fd:fd:e2:39:5a:
95:c2:91:45:f0:e6:dd:da:5a:a8:f1:db:28:0e:1d:75:e9:c0:
7a:e7:0a:89:7f:04:be:23:d6:53:bd:7d:28:93:25:87:1d:7d:
23:a4:86:37:1d:e0:a6:18:1a:36:bc:91:27:26:2d:df:39:d1:
3f:27:3f:02:ec:cb:92:e3:4e:88:c0:4b:f6:93:8f:eb:d6:09:
6c:06:3b:da:70:c8:2b:8a:68:d6:85:34:c7:58:f4:8f:b9:8d:
9f:5c:1d:98:98:98:5b:b9:38:b5:af:ea:15:75:c6:5b:d5:7d:
95:93:af:d8:83:58:f4:db:1c:66:d1:63:f0:66:1b:88:5f:66:
57:2f:35:41:e2:72:21:a8:27:02:02:7a:d6:e2:9b:53:d9:57:
63:39:68:28:3a:c8:8c:4d:15:58:e6:fc:9e:4c:3d:e8:3a:aa:
7f:56:78:06:63:4c:56:bd:aa:72:52:f0:53:62:e8:9d:c5:2e:
1f:34:97:59:21:d4:c0:4c:40:ca:f7:98:24:b4:0c:4f:e1:c0:
92:b3:b0:14:e4:f8:a4:65:d8:ca:62:39:df:fb:42:dd:55:7c:
a1:88:23:5b:73:a6:f7:01:2d:0a:8d:85:5f:6a:00:03:29:6f:
47:c6:da:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyylUV8POA5sQVBgnB36pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjlkNGQyNzU3MmVmNWE2YTZkYmVjZDc5MmVlZjk4Y2U5
MDcxNmQwHhcNMjUxMTExMTIwMDUzWhcNMjUxMTEyMTIwMDUzWjAzMTEwLwYDVQQD
Eyg1YmEzY2MwYjNjMTQwODc5ZWVmNzhkMWUyZDBiMzkwNDJmNjMzZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4yUlj4JB51TVBAShgyu20EgE0qT
Ww9rfGF1Ke1HeZ0yU4OZ7ZBrUCJIeyDE47/arTSVEF8pZW8kw3qREpp/JMGmz7HG
lXIUUEixWXQ+NWhGQxMwbNm6BP6BrENRcoBRRh5+7mmD2cQg1EddxSCPnwZbX7j6
sF/dlE3FZ6ZmG++k4PK9JXwTy3ZMdExdySl513Lu7M8K+bVelt8rW/Yt0WmRAOuO
18lg84e6AJng7RJsJQpJgPd3RayYa6A2IRy4gMjR+Xe0HQ1MLAc7ZPkLYH7bYnWp
HfWSVBUNbBJUbqy500LRNV4ZeDs/GcWmXhYB3MB9RtEuQTqdXojBGuDmHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFujzAs8FAh57veNHi0LOQQvYz8EMB8GA1UdIwQY
MBaAFKMp1NJ1cu9aam2+zXku75jOkHFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3luVTBuVnk3MXBxYmI3TmVTN3ZtTTZRY1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wZjNkOGEtYTQzMC00YjI3LThmOTUt
ZWUxNzg1NzhkY2I1LzEvb3luVTBuVnk3MXBxYmI3TmVTN3ZtTTZRY1cwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wZjNkOGEtYTQzMC00YjI3LThmOTUtZWUxNzg1NzhkY2I1
LzEvb3luVTBuVnk3MXBxYmI3TmVTN3ZtTTZRY1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo1eWLNG8
KU2iTdO6nv394jlalcKRRfDm3dpaqPHbKA4ddenAeucKiX8EviPWU719KJMlhx19
I6SGNx3gphgaNryRJyYt3znRPyc/AuzLkuNOiMBL9pOP69YJbAY72nDIK4po1oU0
x1j0j7mNn1wdmJiYW7k4ta/qFXXGW9V9lZOv2INY9NscZtFj8GYbiF9mVy81QeJy
IagnAgJ61uKbU9lXYzloKDrIjE0VWOb8nkw96Dqqf1Z4BmNMVr2qclLwU2LoncUu
HzSXWSHUwExAyveYJLQMT+HAkrOwFOT4pGXYymI53/tC3VV8oYgjW3Om9wEtCo2F
X2oAAylvR8baPg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:17:37 2025 by rpki-client