Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: 9HGS9JQ1BtzGOuF5NK3CjG/BqdrCvDJX36ZrIPimBQM=
Subject key identifier: DE:28:04:50:95:F6:0D:E3:80:B8:B4:1F:55:96:2B:41:C7:A5:10:F3
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 019A4DAABE9489449F1EAF9CA693E487A319
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 0F5A
Signing time: Tue 04 Nov 2025 07:00:26 +0000
Manifest this update: Tue 04 Nov 2025 07:00:26 +0000
Manifest next update: Wed 05 Nov 2025 07:00:26 +0000
Files and hashes: 1: 39kht1dMkPPkyzVEUtQczwfTvnI.roa (hash: nGaIvUiJ54BR8itFDRSZZFTb/ADjvMX1q4ZciY7jeK8=)
2: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=)
3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: FA8nFC7x5gSSKSRdoltHqGLGebeTAd8nBwkjMdMHUOo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:be:94:89:44:9f:1e:af:9c:a6:93:e4:87:a3:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Nov 4 07:00:26 2025 GMT
Not After : Nov 5 07:00:26 2025 GMT
Subject: CN=de28045095f60de380b8b41f55962b41c7a510f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:32:b8:21:63:42:21:64:59:ba:0c:85:8d:88:
13:bb:31:79:13:5d:1d:44:38:7f:6a:8f:3c:e6:59:
d5:51:53:91:3c:ff:94:21:39:5b:ae:81:ea:db:0f:
90:24:57:c1:e7:e0:11:df:bd:ca:cb:4d:4d:ae:5e:
1a:34:d8:cb:87:b7:36:09:b7:d6:ac:79:17:ca:41:
92:ce:d5:9f:1c:1d:a5:98:c0:b2:5f:05:13:09:6a:
64:42:1f:97:93:cb:10:6f:4c:dd:55:03:da:18:63:
e2:3c:a9:f6:f0:38:1d:06:ee:44:08:59:ff:5d:8e:
ed:e3:6a:ee:fe:ba:2b:dd:84:b2:cb:b7:ef:3c:48:
7c:a7:ac:93:40:57:60:95:68:32:43:dd:53:30:e5:
1e:56:9e:6d:40:65:23:ce:37:05:9a:f9:33:fc:b9:
5e:2d:89:0c:fb:f9:c2:75:bd:3d:9e:d8:a2:cb:b1:
69:66:7e:6f:32:c6:16:c0:e5:a8:43:78:90:fc:3a:
c4:7f:57:ee:4f:4b:a0:a4:c9:7d:73:ab:1b:9d:d4:
f5:7b:b7:56:94:3c:a0:2b:ee:b8:2e:90:d7:5c:bc:
c8:1b:78:1c:89:f6:a6:f8:e4:c1:9f:15:18:2d:9b:
d5:c7:43:ab:a5:67:f9:35:8c:fc:89:5c:d0:fe:8a:
c2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:28:04:50:95:F6:0D:E3:80:B8:B4:1F:55:96:2B:41:C7:A5:10:F3
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:37:ee:7f:41:37:ff:6b:44:e7:55:70:34:e2:f7:58:ea:5d:
5c:02:b6:7b:b2:19:aa:0d:2a:11:c5:ab:35:bf:31:1a:f7:26:
3d:ea:a0:48:d9:b0:88:85:c2:e0:32:f7:01:94:a9:f6:ac:f0:
94:e1:35:c7:2b:a2:1d:13:27:3f:0e:d4:dc:d1:8b:bf:34:6f:
7d:e2:97:b0:8a:e1:7b:64:0b:0d:7d:41:d4:d2:30:aa:6c:20:
89:6b:99:8a:07:16:a6:14:f5:ae:98:8f:a5:cc:c2:af:42:4b:
c0:f2:20:e2:10:9c:67:88:ca:57:57:35:89:06:94:30:86:6e:
79:eb:75:5a:3a:82:45:54:ea:11:66:25:46:19:b1:88:40:19:
d5:82:1e:56:2d:a9:c5:07:01:f9:36:1c:67:d0:98:57:6f:aa:
16:9b:01:0b:fa:b4:51:ef:b8:5e:05:3f:4e:45:b4:58:3d:3e:
8e:25:b4:79:e7:dd:17:ab:a5:85:ca:77:ae:e3:f1:4f:e2:5b:
e7:23:ff:0f:96:e5:9b:47:15:8b:8c:46:05:33:fb:69:ee:3f:
2e:53:85:70:48:24:c3:b6:01:97:4f:36:5c:cf:85:8b:f4:cc:
ce:50:f6:bd:06:7d:78:cc:67:63:07:a1:dc:90:6c:2e:d0:72:
b4:b1:b4:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqr6UiUSfHq+cppPkh6MZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjUxMTA0MDcwMDI2WhcNMjUxMTA1MDcwMDI2WjAzMTEwLwYDVQQD
EyhkZTI4MDQ1MDk1ZjYwZGUzODBiOGI0MWY1NTk2MmI0MWM3YTUxMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjK4IWNCIWRZugyFjYgTuzF5E10d
RDh/ao885lnVUVORPP+UITlbroHq2w+QJFfB5+AR373Ky01Nrl4aNNjLh7c2CbfW
rHkXykGSztWfHB2lmMCyXwUTCWpkQh+Xk8sQb0zdVQPaGGPiPKn28DgdBu5ECFn/
XY7t42ru/ror3YSyy7fvPEh8p6yTQFdglWgyQ91TMOUeVp5tQGUjzjcFmvkz/Lle
LYkM+/nCdb09ntiiy7FpZn5vMsYWwOWoQ3iQ/DrEf1fuT0ugpMl9c6sbndT1e7dW
lDygK+64LpDXXLzIG3gcifam+OTBnxUYLZvVx0OrpWf5NYz8iVzQ/orCoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4oBFCV9g3jgLi0H1WWK0HHpRDzMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIjfuf0E3
/2tE51VwNOL3WOpdXAK2e7IZqg0qEcWrNb8xGvcmPeqgSNmwiIXC4DL3AZSp9qzw
lOE1xyuiHRMnPw7U3NGLvzRvfeKXsIrhe2QLDX1B1NIwqmwgiWuZigcWphT1rpiP
pczCr0JLwPIg4hCcZ4jKV1c1iQaUMIZueet1WjqCRVTqEWYlRhmxiEAZ1YIeVi2p
xQcB+TYcZ9CYV2+qFpsBC/q0Ue+4XgU/TkW0WD0+jiW0eefdF6ulhcp3ruPxT+Jb
5yP/D5blm0cVi4xGBTP7ae4/LlOFcEgkw7YBl082XM+Fi/TMzlD2vQZ9eMxnYweh
3JBsLtBytLG0Nw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 08:25:02 2025 by rpki-client