Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
File: OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json)
Hash identifier: HZkqefYHPCqJUobukwT7XXTX62ZLvld5Uq2EPjy/LXY=
Subject key identifier: 99:3E:5E:80:EA:70:E6:A1:AD:71:97:E9:77:A0:0A:FD:D0:B4:3A:F3
Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
Certificate issuer: /CN=382ad906d719a66a85a313d105294002cb657f7b
Certificate serial: 019A70A4E9A0186E645D892968927AB01B06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
Manifest number: 02FF
Signing time: Tue 11 Nov 2025 02:00:47 +0000
Manifest this update: Tue 11 Nov 2025 02:00:47 +0000
Manifest next update: Wed 12 Nov 2025 02:00:47 +0000
Files and hashes: 1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: IIfDgOk7Szook5KO/YR22AP3Fh/iYvvseRO7jvr1gEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a4:e9:a0:18:6e:64:5d:89:29:68:92:7a:b0:1b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b
Validity
Not Before: Nov 11 02:00:47 2025 GMT
Not After : Nov 12 02:00:47 2025 GMT
Subject: CN=993e5e80ea70e6a1ad7197e977a00afdd0b43af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ec:53:87:6b:be:06:9b:3a:42:78:97:a5:76:
62:3b:37:88:1c:2c:94:87:38:36:46:f8:62:48:8e:
cc:68:d0:3e:c2:5b:1d:44:78:b6:f2:d4:c0:49:03:
4f:67:85:12:fd:65:51:dc:8d:49:ed:10:0f:7d:55:
e4:3f:3d:c6:fa:55:eb:58:14:e0:aa:91:bc:07:72:
7c:7f:39:8e:df:ac:e6:de:0b:c0:fa:32:59:bf:62:
e6:c2:67:af:c5:0d:a6:35:c7:2b:5d:27:e9:43:ea:
56:1d:67:ac:6b:93:98:92:ca:2d:ed:d3:91:4f:79:
f3:43:c8:86:2b:bd:24:46:99:d9:15:6e:91:31:cc:
10:43:d7:1e:e5:9b:d6:83:3e:ea:bc:dc:7c:a5:67:
c8:e4:60:46:e9:65:85:32:cc:fa:d7:d6:50:78:a3:
0a:e6:9a:2a:b4:cb:de:e1:e0:a2:df:db:d0:86:de:
9a:34:ce:ea:bd:98:9c:0b:f9:23:8b:40:34:3d:32:
a2:69:f9:52:13:b0:0f:5a:4c:f4:92:e4:52:aa:df:
de:1e:3e:4e:80:1f:42:48:55:a1:8d:97:df:e7:29:
df:12:cc:4b:49:2c:ea:f3:ef:2a:62:32:ba:00:bb:
7d:87:88:2a:a7:c5:9c:fb:fa:c7:5c:c8:92:69:19:
30:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:3E:5E:80:EA:70:E6:A1:AD:71:97:E9:77:A0:0A:FD:D0:B4:3A:F3
X509v3 Authority Key Identifier:
keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:c7:a7:9a:0b:a3:ec:76:36:ab:48:6a:71:42:1b:79:ff:2f:
fe:2c:d0:6c:6c:97:dd:a7:60:97:c2:43:6c:cf:57:01:79:13:
78:b6:26:98:4d:54:dd:5a:f2:a4:fc:26:0d:7b:bc:6a:c9:0f:
33:4b:09:d0:95:cc:a3:f7:1c:ba:d6:56:30:ad:cf:c4:7a:b3:
c3:29:ae:30:1c:e5:fb:de:5c:ce:de:04:c2:97:3a:e0:fb:fa:
21:90:e0:be:de:37:7c:f2:8b:3d:c6:b4:d7:ae:3f:cf:49:6c:
47:8f:e7:ad:c4:35:87:f4:47:bc:1d:f9:30:04:df:56:e6:82:
20:ec:43:d8:3a:b6:4c:49:e7:3d:ca:f7:b1:87:e4:a3:7c:a0:
da:d0:fe:bd:8e:93:7b:0e:ab:7e:21:4a:24:97:cf:9d:2b:69:
8d:3f:09:35:ec:11:80:2b:b0:d7:48:72:7c:9f:93:e8:a1:e6:
ed:9f:e3:46:0f:36:0f:ab:18:8c:0d:8f:2e:79:3c:85:4f:f1:
b6:e6:c0:98:43:ed:43:7a:e8:01:08:a3:bd:0c:20:98:3e:4f:
17:3e:c5:50:ec:2d:39:83:d1:98:ba:0b:af:90:5e:d2:cb:81:
61:d3:83:10:9f:96:94:23:1d:76:ed:dd:d3:6b:c7:4a:2d:bf:
9c:c9:b3:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpOmgGG5kXYkpaJJ6sBsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2
NTdmN2IwHhcNMjUxMTExMDIwMDQ3WhcNMjUxMTEyMDIwMDQ3WjAzMTEwLwYDVQQD
Eyg5OTNlNWU4MGVhNzBlNmExYWQ3MTk3ZTk3N2EwMGFmZGQwYjQzYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOxTh2u+Bps6QniXpXZiOzeIHCyU
hzg2RvhiSI7MaNA+wlsdRHi28tTASQNPZ4US/WVR3I1J7RAPfVXkPz3G+lXrWBTg
qpG8B3J8fzmO36zm3gvA+jJZv2LmwmevxQ2mNccrXSfpQ+pWHWesa5OYksot7dOR
T3nzQ8iGK70kRpnZFW6RMcwQQ9ce5ZvWgz7qvNx8pWfI5GBG6WWFMsz619ZQeKMK
5poqtMve4eCi39vQht6aNM7qvZicC/kji0A0PTKiaflSE7APWkz0kuRSqt/eHj5O
gB9CSFWhjZff5ynfEsxLSSzq8+8qYjK6ALt9h4gqp8Wc+/rHXMiSaRkwLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJk+XoDqcOahrXGX6XegCv3QtDrzMB8GA1UdIwQY
MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt
NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh
LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj8enmguj
7HY2q0hqcUIbef8v/izQbGyX3adgl8JDbM9XAXkTeLYmmE1U3VrypPwmDXu8askP
M0sJ0JXMo/ccutZWMK3PxHqzwymuMBzl+95czt4Ewpc64Pv6IZDgvt43fPKLPca0
164/z0lsR4/nrcQ1h/RHvB35MATfVuaCIOxD2Dq2TEnnPcr3sYfko3yg2tD+vY6T
ew6rfiFKJJfPnStpjT8JNewRgCuw10hyfJ+T6KHm7Z/jRg82D6sYjA2PLnk8hU/x
tubAmEPtQ3roAQijvQwgmD5PFz7FUOwtOYPRmLoLr5Be0suBYdODEJ+WlCMddu3d
02vHSi2/nMmzNw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:33 2025 by rpki-client