Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
File: OXbmqwhMnu7ehuKva95yFSdLlac.mft (raw, json)
Hash identifier: CZx98RUlPhATCty1k47pdzTYcHwGo/iK38NKVSIm7Eo=
Subject key identifier: D0:9E:DD:1C:CC:C8:20:51:81:F9:D6:A5:8A:48:C6:A4:F0:D6:0A:C2
Authority key identifier: 39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
Certificate issuer: /CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Certificate serial: 019A71B7A66AAB319D603DA20DA69D601F31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 07:00:52 +0000
Manifest this update: Tue 11 Nov 2025 07:00:52 +0000
Manifest next update: Wed 12 Nov 2025 07:00:52 +0000
Files and hashes: 1: OXbmqwhMnu7ehuKva95yFSdLlac.crl (hash: Y4LzAWzGrNUKJPX8EiPjC0ksSbZuFV9F5Te/tyO0Y74=)
2: bS8D5tTeBAXDkMQSy-j-MAcdPro.roa (hash: R+yA1y5Nb8S44doc/dttKyd8pVatx4WMIyAI41rpB+c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:a6:6a:ab:31:9d:60:3d:a2:0d:a6:9d:60:1f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Validity
Not Before: Nov 11 07:00:52 2025 GMT
Not After : Nov 12 07:00:52 2025 GMT
Subject: CN=d09edd1cccc8205181f9d6a58a48c6a4f0d60ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e7:2c:ff:f0:d0:b0:25:8a:aa:32:a5:6e:61:
65:5f:74:d9:1b:a6:49:74:d2:34:1b:dd:e9:dd:e8:
26:d2:4b:1e:58:ac:bb:86:57:5a:83:dc:5b:cb:a9:
fa:bb:6b:38:0a:42:aa:7c:03:eb:ce:67:1b:b7:e7:
6d:04:e2:1f:0b:d3:53:61:c9:52:e6:fe:3d:eb:fe:
84:df:b6:7f:17:2d:f0:62:27:bb:ee:0b:70:c3:39:
bb:d7:11:de:bd:f4:e0:6b:50:bc:27:05:f5:0d:83:
d3:c0:c7:ed:8d:56:4d:bf:ea:4b:ac:f2:d1:e8:36:
77:42:12:c3:f6:01:38:92:01:6e:e1:59:a1:7d:e4:
52:ab:34:4e:b3:92:f2:57:06:33:a3:e0:bc:1e:c5:
74:b1:b8:6a:46:c6:44:0f:29:2e:d1:a2:ad:97:83:
3f:de:a6:f2:06:fe:12:04:fd:57:60:18:d7:98:f0:
4c:d9:7a:b8:cd:5c:4f:61:d9:1c:d8:33:37:53:9f:
b8:1f:7b:93:15:52:7c:4d:33:b1:12:0e:6e:22:85:
8d:f1:76:08:23:c2:15:d1:cf:52:79:c8:38:59:b8:
c3:48:d8:cb:ed:9b:81:68:a3:4e:62:41:7c:b0:09:
cf:f0:a5:36:86:8d:39:c0:c3:db:5b:16:4f:09:b3:
28:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:9E:DD:1C:CC:C8:20:51:81:F9:D6:A5:8A:48:C6:A4:F0:D6:0A:C2
X509v3 Authority Key Identifier:
keyid:39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:3c:56:95:9c:98:fc:45:a5:e2:24:44:f5:9d:15:3c:0b:cb:
17:81:84:62:a9:62:50:2b:d0:0b:95:cf:f1:db:af:da:44:dc:
54:b2:eb:8d:92:34:90:1c:e3:57:68:90:41:a8:58:33:4b:c7:
c7:e5:42:3c:71:42:61:62:1a:09:7d:65:93:7d:40:6b:3e:f6:
c2:bb:38:17:c6:ac:59:c7:2b:a5:d7:ae:ab:18:d5:34:01:82:
1f:10:ce:db:d2:e8:ef:ea:fa:76:06:55:b7:d1:70:46:d9:8f:
3f:d1:a6:8a:25:b0:30:f9:c6:c9:3a:71:98:f3:dc:30:0b:73:
89:51:0a:0e:4f:86:5a:dd:c3:30:38:54:1d:b3:82:a1:e8:18:
37:3d:a6:3a:07:bb:80:f0:cb:ce:75:6e:59:f4:b8:7c:43:6f:
3f:46:c9:f8:3b:4e:56:cb:f0:bd:1d:65:70:52:3b:42:7a:5b:
cf:97:8b:cc:d5:04:dc:5b:94:c9:06:2a:d3:02:34:3a:a1:f5:
be:07:89:64:08:40:62:d8:fb:38:1d:8e:27:51:ce:b8:55:b6:
ac:bb:0b:27:6b:95:5e:64:7e:68:c8:ba:b5:70:50:c3:4c:e6:
a8:b6:e9:83:60:5a:9b:b4:b2:b5:23:4d:10:9a:e9:d7:6e:02:
00:e1:96:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6ZqqzGdYD2iDaadYB8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzZlNmFiMDg0YzllZWVkZTg2ZTJhZjZiZGU3MjE1Mjc0
Yjk1YTcwHhcNMjUxMTExMDcwMDUyWhcNMjUxMTEyMDcwMDUyWjAzMTEwLwYDVQQD
EyhkMDllZGQxY2NjYzgyMDUxODFmOWQ2YTU4YTQ4YzZhNGYwZDYwYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyucs//DQsCWKqjKlbmFlX3TZG6ZJ
dNI0G93p3egm0kseWKy7hldag9xby6n6u2s4CkKqfAPrzmcbt+dtBOIfC9NTYclS
5v496/6E37Z/Fy3wYie77gtwwzm71xHevfTga1C8JwX1DYPTwMftjVZNv+pLrPLR
6DZ3QhLD9gE4kgFu4VmhfeRSqzROs5LyVwYzo+C8HsV0sbhqRsZEDyku0aKtl4M/
3qbyBv4SBP1XYBjXmPBM2Xq4zVxPYdkc2DM3U5+4H3uTFVJ8TTOxEg5uIoWN8XYI
I8IV0c9Secg4WbjDSNjL7ZuBaKNOYkF8sAnP8KU2ho05wMPbWxZPCbMorQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCe3RzMyCBRgfnWpYpIxqTw1grCMB8GA1UdIwQY
MBaAFDl25qsITJ7u3obir2vechUnS5WnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC83MDI5Y2MtZDMzMS00NjA2LTg4OWMt
ZDY2Njc0Y2ZhNDI0LzEvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC83MDI5Y2MtZDMzMS00NjA2LTg4OWMtZDY2Njc0Y2ZhNDI0
LzEvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIDxWlZyY
/EWl4iRE9Z0VPAvLF4GEYqliUCvQC5XP8duv2kTcVLLrjZI0kBzjV2iQQahYM0vH
x+VCPHFCYWIaCX1lk31Aaz72wrs4F8asWccrpdeuqxjVNAGCHxDO29Lo7+r6dgZV
t9FwRtmPP9GmiiWwMPnGyTpxmPPcMAtziVEKDk+GWt3DMDhUHbOCoegYNz2mOge7
gPDLznVuWfS4fENvP0bJ+DtOVsvwvR1lcFI7Qnpbz5eLzNUE3FuUyQYq0wI0OqH1
vgeJZAhAYtj7OB2OJ1HOuFW2rLsLJ2uVXmR+aMi6tXBQw0zmqLbpg2Bam7SytSNN
EJrp124CAOGWog==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:20:24 2025 by rpki-client