Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
File: OZETdfzEhZYSGQ6-zHrjcaAaam0.mft (raw, json)
Hash identifier: xywc4tlNOBUqCZSRC0w3CUAkyW6+FC/vEvnnXFiJdMk=
Subject key identifier: ED:F2:00:25:50:B5:CF:33:CF:EB:7E:67:07:99:14:12:4C:D9:6B:83
Authority key identifier: 39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D
Certificate issuer: /CN=39911375fcc4859612190ebecc7ae371a01a6a6d
Certificate serial: 019A706DFAF5486FC23B0591DA293D5BB37D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
Manifest number: 1047
Signing time: Tue 11 Nov 2025 01:00:47 +0000
Manifest this update: Tue 11 Nov 2025 01:00:47 +0000
Manifest next update: Wed 12 Nov 2025 01:00:47 +0000
Files and hashes: 1: OZETdfzEhZYSGQ6-zHrjcaAaam0.crl (hash: uFXm0auCMT47h3J3Rp6oBq/RIm/DRGXUd0uxL+Zw/QE=)
2: mV-huyQ7uf2YxiJ1JUpDypBxzhA.roa (hash: XQgQ9aC7Ey76psDYNwOwzM5lgNTkkh3rEJlv1Rte2h0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6d:fa:f5:48:6f:c2:3b:05:91:da:29:3d:5b:b3:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39911375fcc4859612190ebecc7ae371a01a6a6d
Validity
Not Before: Nov 11 01:00:47 2025 GMT
Not After : Nov 12 01:00:47 2025 GMT
Subject: CN=edf2002550b5cf33cfeb7e67079914124cd96b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f7:84:04:cc:ca:c3:c4:09:70:74:8a:4e:ab:
01:67:24:85:c3:8d:c8:f5:89:0a:d2:8d:89:cb:53:
11:03:21:0c:c8:7e:77:51:02:d1:4b:47:75:c2:08:
19:af:9c:55:3f:10:85:23:8a:b2:58:91:ab:8a:31:
c9:dd:29:f4:e1:6a:43:10:34:a5:84:14:9f:5a:ad:
0e:4f:5c:5f:19:0d:b1:57:7a:5a:bb:d8:60:06:22:
39:94:f0:c9:13:47:f0:33:9d:77:bd:92:f1:14:c5:
d1:15:a9:1e:7d:26:fd:34:17:04:5a:9c:9c:1f:bc:
04:45:4a:f4:ee:67:16:b4:16:50:1b:28:81:fe:3e:
39:78:9d:21:00:e0:ad:73:57:af:b5:66:b2:2c:2a:
f8:53:34:13:2b:de:db:1a:3f:17:82:63:b5:9d:54:
ff:a1:ca:83:47:64:b4:de:60:3a:0e:93:37:f4:63:
05:10:f8:3b:fa:cc:37:f9:15:da:98:c6:d8:6b:ac:
0d:06:4b:98:e9:01:23:be:e3:f7:8c:95:2c:8b:40:
07:9c:2c:22:1c:a6:16:ff:54:c0:5a:51:2e:4e:59:
3e:07:ca:3d:db:85:ed:24:0e:2e:42:54:1f:1f:ce:
18:cd:1a:13:57:8c:1e:4f:4c:d4:92:14:2c:9c:55:
b8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F2:00:25:50:B5:CF:33:CF:EB:7E:67:07:99:14:12:4C:D9:6B:83
X509v3 Authority Key Identifier:
keyid:39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:40:d0:be:e4:97:39:8f:1e:5b:5e:1f:23:47:80:53:c7:d7:
cb:fb:a2:66:3c:6a:40:38:dc:1f:b1:cc:e8:4b:c9:b4:03:c8:
6b:ec:82:78:fe:4e:ab:21:eb:dd:a1:59:f4:a6:87:7a:53:ea:
a9:f6:24:e4:f5:a7:e5:0d:d5:e1:80:75:f6:ca:db:81:ae:f4:
a7:e4:87:f1:64:5e:8c:90:69:71:d5:6d:4d:bd:b0:84:2f:79:
ea:8e:4a:3d:18:78:4d:c2:b0:cf:c2:6d:da:41:ad:e5:9c:8a:
0f:74:ab:50:8a:a6:4c:35:b7:a4:1e:2f:a9:b5:9c:6d:38:ad:
dd:b6:b1:59:99:ca:03:71:fd:31:23:8b:66:43:5b:90:86:e1:
88:9b:b9:40:2a:fb:6d:83:86:9c:37:b9:bc:d3:61:64:fd:9e:
e1:e1:42:40:2e:83:03:78:bd:a8:c3:a4:df:9c:14:b9:d2:66:
2b:5a:32:87:c1:39:d5:20:f1:26:a4:93:c1:71:55:9c:9c:59:
11:48:f7:b5:84:b4:8b:f6:de:e9:7f:21:c2:57:0f:7b:13:7a:
a7:43:56:a6:3d:7f:c0:42:fd:90:54:6c:9e:57:3e:4f:2d:82:
31:be:17:5a:f5:ca:82:6c:7f:32:3c:da:e1:ac:8e:b8:a1:77:
6d:1b:cf:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbfr1SG/COwWR2ik9W7N9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OTExMzc1ZmNjNDg1OTYxMjE5MGViZWNjN2FlMzcxYTAx
YTZhNmQwHhcNMjUxMTExMDEwMDQ3WhcNMjUxMTEyMDEwMDQ3WjAzMTEwLwYDVQQD
EyhlZGYyMDAyNTUwYjVjZjMzY2ZlYjdlNjcwNzk5MTQxMjRjZDk2YjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfeEBMzKw8QJcHSKTqsBZySFw43I
9YkK0o2Jy1MRAyEMyH53UQLRS0d1wggZr5xVPxCFI4qyWJGrijHJ3Sn04WpDEDSl
hBSfWq0OT1xfGQ2xV3pau9hgBiI5lPDJE0fwM513vZLxFMXRFakefSb9NBcEWpyc
H7wERUr07mcWtBZQGyiB/j45eJ0hAOCtc1evtWayLCr4UzQTK97bGj8XgmO1nVT/
ocqDR2S03mA6DpM39GMFEPg7+sw3+RXamMbYa6wNBkuY6QEjvuP3jJUsi0AHnCwi
HKYW/1TAWlEuTlk+B8o924XtJA4uQlQfH84YzRoTV4weT0zUkhQsnFW42wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3yACVQtc8zz+t+ZweZFBJM2WuDMB8GA1UdIwQY
MBaAFDmRE3X8xIWWEhkOvsx643GgGmptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQt
OTMzZDkyZDAwMDBjLzEvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQtOTMzZDkyZDAwMDBj
LzEvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZEDQvuSX
OY8eW14fI0eAU8fXy/uiZjxqQDjcH7HM6EvJtAPIa+yCeP5OqyHr3aFZ9KaHelPq
qfYk5PWn5Q3V4YB19srbga70p+SH8WRejJBpcdVtTb2whC956o5KPRh4TcKwz8Jt
2kGt5ZyKD3SrUIqmTDW3pB4vqbWcbTit3baxWZnKA3H9MSOLZkNbkIbhiJu5QCr7
bYOGnDe5vNNhZP2e4eFCQC6DA3i9qMOk35wUudJmK1oyh8E51SDxJqSTwXFVnJxZ
EUj3tYS0i/be6X8hwlcPexN6p0NWpj1/wEL9kFRsnlc+Ty2CMb4XWvXKgmx/Mjza
4ayOuKF3bRvPwA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:13 2025 by rpki-client