Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/OGq5cL-2lHWX6XzvuRbsdqDFaFg.mft
File: OGq5cL-2lHWX6XzvuRbsdqDFaFg.mft (raw, json)
Hash identifier: BcWPm3uj7utws7BR5LRANJpPmKwc3O0FOaK9eJzXTIM=
Subject key identifier: 5D:84:8D:B6:69:10:8A:7E:8B:62:EB:94:94:56:F3:19:47:64:AD:27
Authority key identifier: 38:6A:B9:70:BF:B6:94:75:97:E9:7C:EF:B9:16:EC:76:A0:C5:68:58
Certificate issuer: /CN=386ab970bfb6947597e97cefb916ec76a0c56858
Certificate serial: 019A70DC53B7C6F8A7D839C3D30E13E31173
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGq5cL-2lHWX6XzvuRbsdqDFaFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/OGq5cL-2lHWX6XzvuRbsdqDFaFg.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 03:01:18 +0000
Manifest this update: Tue 11 Nov 2025 03:01:18 +0000
Manifest next update: Wed 12 Nov 2025 03:01:18 +0000
Files and hashes: 1: I01Lo7qwhvaLI2U54ucZ10pkExs.roa (hash: mTrGRc4f1Skt/0lHfZ3XZbVEvrQ9mBUuWZXJpIXORz4=)
2: OGq5cL-2lHWX6XzvuRbsdqDFaFg.crl (hash: jxfD6Fl15GN8xDBDokp0B3LjBKU0adjxzXMtunREjpw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/OGq5cL-2lHWX6XzvuRbsdqDFaFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/OGq5cL-2lHWX6XzvuRbsdqDFaFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/OGq5cL-2lHWX6XzvuRbsdqDFaFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:53:b7:c6:f8:a7:d8:39:c3:d3:0e:13:e3:11:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=386ab970bfb6947597e97cefb916ec76a0c56858
Validity
Not Before: Nov 11 03:01:18 2025 GMT
Not After : Nov 12 03:01:18 2025 GMT
Subject: CN=5d848db669108a7e8b62eb949456f3194764ad27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fd:45:90:47:02:9b:13:c8:5b:af:97:97:d4:
41:a3:43:1e:e2:e7:bc:ef:da:12:e5:70:5f:c2:b3:
4d:88:cd:94:f2:84:9a:fc:bb:b9:30:62:cb:ed:8c:
c1:51:a7:bc:7b:97:91:f3:8e:45:05:be:da:0e:99:
7e:f1:76:bd:0d:63:51:9f:e3:19:42:aa:d7:af:86:
0d:17:e7:7b:c6:60:7f:b5:21:a1:69:ec:b8:6d:a9:
41:fe:1d:fb:e6:92:ad:87:69:4e:dd:b8:7c:98:4f:
d1:ad:23:8c:57:48:9f:e9:c9:52:51:5a:6b:4a:13:
89:7b:ce:25:6a:5f:82:89:7a:47:74:00:19:40:8c:
bc:08:2c:c0:4d:8b:c8:74:9e:fa:97:09:bf:9e:a1:
3d:fb:63:33:5d:50:30:15:40:bc:4b:56:e2:47:d1:
55:d1:8e:30:6e:5c:d0:97:1f:f6:3c:57:6e:b4:56:
d0:f5:fc:27:18:d9:3a:75:77:74:e9:89:db:87:dc:
d6:96:2b:35:d5:3c:f3:7f:90:d7:42:9b:65:a5:04:
0b:b7:21:7a:11:f2:46:9a:93:0f:c5:4a:11:dc:01:
5b:52:49:46:dd:ef:f4:30:66:dc:26:cb:2f:d4:5d:
9c:66:61:bf:a8:33:b7:43:ff:ff:de:61:13:64:d6:
1f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:84:8D:B6:69:10:8A:7E:8B:62:EB:94:94:56:F3:19:47:64:AD:27
X509v3 Authority Key Identifier:
keyid:38:6A:B9:70:BF:B6:94:75:97:E9:7C:EF:B9:16:EC:76:A0:C5:68:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGq5cL-2lHWX6XzvuRbsdqDFaFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/OGq5cL-2lHWX6XzvuRbsdqDFaFg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/OGq5cL-2lHWX6XzvuRbsdqDFaFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
de:37:6c:aa:80:f7:bc:e2:0b:64:40:0e:33:c2:cc:7c:e0:b2:
43:45:0c:0a:3d:b0:1a:ff:61:77:c7:06:9c:91:a5:c4:5c:45:
f8:19:ab:2c:ec:84:43:3b:f6:29:17:00:ce:0a:76:39:97:39:
be:eb:88:ac:30:c3:2e:f1:70:2c:d8:ec:85:ec:f7:88:29:1d:
c2:e1:ee:26:62:85:ba:5f:c7:44:cb:72:4c:e1:bf:d2:1a:48:
69:fd:ee:aa:52:ae:a4:cb:ad:96:7f:00:32:d1:ce:b1:eb:f4:
42:18:fe:86:1e:04:b5:14:9b:15:84:0d:7e:28:49:36:7c:e6:
9e:95:81:a2:24:66:c4:8c:4b:42:4c:4a:af:e0:ff:84:c7:6a:
b1:85:2a:53:57:d1:44:e2:28:ee:ef:5f:56:93:9d:07:6a:03:
3d:64:ea:7b:f8:3f:a7:05:03:ce:e4:12:c4:86:43:6c:23:28:
7d:58:4c:98:d0:01:df:a7:40:fe:3d:dd:39:84:07:57:9c:f0:
6c:25:08:fb:ed:52:27:36:7a:ae:ad:bc:72:fd:7f:24:b3:f9:
d5:8d:9b:69:bf:d8:d4:6d:5d:5a:36:5a:cc:fd:80:a0:ce:96:
00:37:1e:35:4b:20:5e:ff:c6:0f:7e:4e:32:1d:8c:8f:69:ea:
4f:62:4a:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3FO3xvin2DnD0w4T4xFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NmFiOTcwYmZiNjk0NzU5N2U5N2NlZmI5MTZlYzc2YTBj
NTY4NTgwHhcNMjUxMTExMDMwMTE4WhcNMjUxMTEyMDMwMTE4WjAzMTEwLwYDVQQD
Eyg1ZDg0OGRiNjY5MTA4YTdlOGI2MmViOTQ5NDU2ZjMxOTQ3NjRhZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/1FkEcCmxPIW6+Xl9RBo0Me4ue8
79oS5XBfwrNNiM2U8oSa/Lu5MGLL7YzBUae8e5eR845FBb7aDpl+8Xa9DWNRn+MZ
QqrXr4YNF+d7xmB/tSGhaey4balB/h375pKth2lO3bh8mE/RrSOMV0if6clSUVpr
ShOJe84lal+CiXpHdAAZQIy8CCzATYvIdJ76lwm/nqE9+2MzXVAwFUC8S1biR9FV
0Y4wblzQlx/2PFdutFbQ9fwnGNk6dXd06Ynbh9zWlis11Tzzf5DXQptlpQQLtyF6
EfJGmpMPxUoR3AFbUklG3e/0MGbcJssv1F2cZmG/qDO3Q///3mETZNYfhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2EjbZpEIp+i2LrlJRW8xlHZK0nMB8GA1UdIwQY
MBaAFDhquXC/tpR1l+l877kW7HagxWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dxNWNMLTJsSFdYNlh6dnVSYnNkcURGYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC80MWZkYTktOTcwMi00NThkLTk4MmYt
OGQxMTI1N2Q0YWY2LzEvT0dxNWNMLTJsSFdYNlh6dnVSYnNkcURGYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC80MWZkYTktOTcwMi00NThkLTk4MmYtOGQxMTI1N2Q0YWY2
LzEvT0dxNWNMLTJsSFdYNlh6dnVSYnNkcURGYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3jdsqoD3
vOILZEAOM8LMfOCyQ0UMCj2wGv9hd8cGnJGlxFxF+BmrLOyEQzv2KRcAzgp2OZc5
vuuIrDDDLvFwLNjshez3iCkdwuHuJmKFul/HRMtyTOG/0hpIaf3uqlKupMutln8A
MtHOsev0Qhj+hh4EtRSbFYQNfihJNnzmnpWBoiRmxIxLQkxKr+D/hMdqsYUqU1fR
ROIo7u9fVpOdB2oDPWTqe/g/pwUDzuQSxIZDbCMofVhMmNAB36dA/j3dOYQHV5zw
bCUI++1SJzZ6rq28cv1/JLP51Y2bab/Y1G1dWjZazP2AoM6WADceNUsgXv/GD35O
Mh2Mj2nqT2JK9Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:44:29 2025 by rpki-client