Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: 4EWFpmrZUw7ZA2iSVLvIIHJg4lfZvUBbvtFWffhrnbo=
Subject key identifier: 2E:A5:01:90:ED:99:FB:9D:F1:51:07:22:05:ED:2D:85:63:19:69:D3
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 019A725C3FF7263F781F7B0706C1B40FEF90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 1723
Signing time: Tue 11 Nov 2025 10:00:39 +0000
Manifest this update: Tue 11 Nov 2025 10:00:39 +0000
Manifest next update: Wed 12 Nov 2025 10:00:39 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: Qb83xO64X1sD9w1/R3G1MDz4eRrwz52XY7pNABchDf4=)
2: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (hash: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:3f:f7:26:3f:78:1f:7b:07:06:c1:b4:0f:ef:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Nov 11 10:00:39 2025 GMT
Not After : Nov 12 10:00:39 2025 GMT
Subject: CN=2ea50190ed99fb9df151072205ed2d85631969d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7b:9e:b6:7d:c4:ed:20:2b:41:ab:18:33:8c:
be:1a:5e:07:cb:e0:8d:fb:55:fd:67:ab:fd:2d:bf:
b4:33:48:c4:17:fe:2a:13:fb:4b:18:d3:b3:08:d7:
49:59:ec:3a:10:b2:69:43:b8:fd:c9:d9:4c:d7:68:
d5:d8:bf:cf:79:96:85:55:f8:3e:36:9d:50:d0:fa:
1a:14:d5:4d:8a:1d:6f:0b:73:08:6f:2b:13:49:55:
54:b7:d6:62:05:c3:b7:ec:4a:db:f2:c6:34:5c:58:
98:77:82:21:0d:cc:75:b6:24:39:2e:36:da:96:74:
37:5c:13:23:a5:c0:10:1a:7b:eb:19:c9:82:4d:8d:
59:fb:20:2f:10:45:df:11:34:b3:53:25:17:53:48:
4e:bf:a0:fe:98:cc:80:0b:d2:0c:8d:7e:cf:20:6a:
10:4d:a8:65:df:e8:39:64:97:5d:0e:86:c8:43:37:
f8:63:78:5b:4b:fa:f8:ec:a7:03:6b:a7:1e:60:35:
b9:7e:c5:11:f5:2c:97:02:e6:ff:35:57:58:65:8b:
2c:8b:40:18:4f:e6:03:c1:70:43:32:e9:c4:66:94:
c1:2e:2d:c0:3a:d6:8e:bd:44:c2:38:0c:eb:88:40:
c9:2f:09:b3:ca:2d:53:69:ac:e8:ce:d6:d7:94:27:
86:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A5:01:90:ED:99:FB:9D:F1:51:07:22:05:ED:2D:85:63:19:69:D3
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:12:f1:bd:fd:29:d8:96:f3:c7:2b:94:17:e2:38:d5:ea:4e:
b0:c9:6e:1a:d6:57:c4:ad:e9:72:c7:56:e0:e1:68:14:ee:ee:
e3:5a:76:68:f3:66:91:be:05:61:86:3f:52:a0:5c:d0:fe:54:
d8:4d:d0:25:d1:36:9a:a7:c8:77:01:88:2d:4f:cc:0e:d6:b4:
9e:7d:7d:a9:2b:d2:70:c0:b3:25:47:8f:15:bc:78:ce:5e:e1:
fa:a6:aa:52:01:6c:d0:65:c5:dc:9c:1e:46:ac:07:b8:4a:50:
68:89:df:31:36:59:d3:e7:c7:2e:49:75:38:d0:c4:1a:c5:00:
87:a9:d8:d0:bc:ff:d8:3e:cc:53:61:18:4f:c9:df:19:95:14:
6a:60:48:4d:26:92:84:a6:c5:00:28:d1:d8:9b:5c:6b:b8:02:
e8:7c:4e:e0:e0:76:91:58:a9:83:8d:6a:a2:29:ab:11:c6:0e:
35:9d:40:c1:1e:f9:06:73:0a:86:f6:18:d9:a5:82:7d:16:f0:
d1:d1:0f:e5:01:65:57:e9:47:de:5d:df:eb:5e:65:32:2b:49:
23:5f:73:55:ea:07:19:46:f5:3a:cf:62:b6:32:ef:45:d8:57:
50:f2:cf:24:03:37:c8:f5:3e:05:a5:ad:4d:2a:dd:57:1d:3a:
25:0e:f3:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXD/3Jj94H3sHBsG0D++QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjUxMTExMTAwMDM5WhcNMjUxMTEyMTAwMDM5WjAzMTEwLwYDVQQD
EygyZWE1MDE5MGVkOTlmYjlkZjE1MTA3MjIwNWVkMmQ4NTYzMTk2OWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHuetn3E7SArQasYM4y+Gl4Hy+CN
+1X9Z6v9Lb+0M0jEF/4qE/tLGNOzCNdJWew6ELJpQ7j9ydlM12jV2L/PeZaFVfg+
Np1Q0PoaFNVNih1vC3MIbysTSVVUt9ZiBcO37Erb8sY0XFiYd4IhDcx1tiQ5Ljba
lnQ3XBMjpcAQGnvrGcmCTY1Z+yAvEEXfETSzUyUXU0hOv6D+mMyAC9IMjX7PIGoQ
Tahl3+g5ZJddDobIQzf4Y3hbS/r47KcDa6ceYDW5fsUR9SyXAub/NVdYZYssi0AY
T+YDwXBDMunEZpTBLi3AOtaOvUTCOAzriEDJLwmzyi1TaazoztbXlCeGHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6lAZDtmfud8VEHIgXtLYVjGWnTMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAghLxvf0p
2JbzxyuUF+I41epOsMluGtZXxK3pcsdW4OFoFO7u41p2aPNmkb4FYYY/UqBc0P5U
2E3QJdE2mqfIdwGILU/MDta0nn19qSvScMCzJUePFbx4zl7h+qaqUgFs0GXF3Jwe
RqwHuEpQaInfMTZZ0+fHLkl1ONDEGsUAh6nY0Lz/2D7MU2EYT8nfGZUUamBITSaS
hKbFACjR2Jtca7gC6HxO4OB2kVipg41qoimrEcYONZ1AwR75BnMKhvYY2aWCfRbw
0dEP5QFlV+lH3l3f615lMitJI19zVeoHGUb1Os9itjLvRdhXUPLPJAM3yPU+BaWt
TSrdVx06JQ7zxA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:04 2025 by rpki-client