Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/f95969-67ef-408e-a743-e1eb79899242/1/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.mft
File: OFIGrAjYQMKL9KxWiZ8qKPj9zMU.mft (raw, json)
Hash identifier: uAlldETd76OT14QTjypi8Vx2bkXg9Leo/BLOXL9k3rE=
Subject key identifier: 6D:60:2E:93:0A:2D:94:79:C4:DB:A6:99:EB:6B:F9:77:34:52:D7:DE
Authority key identifier: 38:52:06:AC:08:D8:40:C2:8B:F4:AC:56:89:9F:2A:28:F8:FD:CC:C5
Certificate issuer: /CN=385206ac08d840c28bf4ac56899f2a28f8fdccc5
Certificate serial: 019A7112EF1BD4108873E4B03C67759935AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/f95969-67ef-408e-a743-e1eb79899242/1/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 04:00:57 +0000
Manifest this update: Tue 11 Nov 2025 04:00:57 +0000
Manifest next update: Wed 12 Nov 2025 04:00:57 +0000
Files and hashes: 1: O3UwipOzhbcra36OR7wqsPRc0eI.roa (hash: r6js7pxWhUJ5O0hB/bSR9JVoNUKTp5yLnXbbvCl45RM=)
2: OFIGrAjYQMKL9KxWiZ8qKPj9zMU.crl (hash: 8hNqQHpqR3zKvwJPUJ9XsS3t89S4Fcr+f/Ep7IqaUIk=)
3: eMQhZAA1BBjlcx0eTkggms08VQo.roa (hash: xi+ujT09IBX2cdfgWniCY7aqnXMFDpXhE7QErRO6YQ4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/f95969-67ef-408e-a743-e1eb79899242/1/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/f95969-67ef-408e-a743-e1eb79899242/1/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:ef:1b:d4:10:88:73:e4:b0:3c:67:75:99:35:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385206ac08d840c28bf4ac56899f2a28f8fdccc5
Validity
Not Before: Nov 11 04:00:57 2025 GMT
Not After : Nov 12 04:00:57 2025 GMT
Subject: CN=6d602e930a2d9479c4dba699eb6bf9773452d7de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f9:14:cc:0b:ae:0f:75:41:85:fa:8c:12:4e:
70:a5:28:83:ad:69:81:5c:b0:c0:20:7f:c9:51:4b:
a4:a4:86:c7:19:f1:d0:d0:7f:1d:6f:40:35:05:35:
30:8f:cb:ca:7c:2b:98:9d:8d:20:34:7d:8b:e5:3e:
fc:41:41:d4:66:db:a2:54:a3:23:49:51:7f:60:ee:
ae:ae:cb:06:b4:ee:42:e8:4d:44:fc:bc:7e:62:47:
24:0b:f8:d2:a1:0a:e5:d8:91:d4:1f:26:a5:d4:95:
47:62:b9:e7:c7:82:b2:a5:c3:0e:10:9d:1e:79:64:
d6:4d:a4:a3:6d:96:7e:e6:27:7c:b0:9d:ba:92:f6:
0e:96:90:88:e3:e6:10:ba:07:8e:42:cf:16:ba:f2:
8e:76:a1:96:5d:cb:dd:d6:12:96:fa:fc:b4:96:59:
9b:34:53:4b:ea:76:df:b8:0d:fc:8a:6a:8c:1a:52:
7a:a8:0f:bb:41:b5:8e:7a:84:d5:80:25:a4:b4:57:
e5:75:40:a5:15:00:9f:c5:c3:7a:1b:76:01:4b:f7:
a6:f7:ab:95:07:c6:5e:95:b0:d7:86:c6:15:f9:77:
1b:08:db:c6:a1:2b:b9:66:5e:a4:a2:35:96:83:f4:
92:b2:47:20:38:4f:f9:73:5f:e4:36:8a:17:9f:2a:
73:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:60:2E:93:0A:2D:94:79:C4:DB:A6:99:EB:6B:F9:77:34:52:D7:DE
X509v3 Authority Key Identifier:
keyid:38:52:06:AC:08:D8:40:C2:8B:F4:AC:56:89:9F:2A:28:F8:FD:CC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/f95969-67ef-408e-a743-e1eb79899242/1/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/f95969-67ef-408e-a743-e1eb79899242/1/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:bc:0c:71:da:4b:03:06:f3:34:af:d0:71:05:4d:41:d9:60:
8a:2e:13:97:ce:d8:62:49:15:33:2f:c4:de:4e:f1:ec:e7:1b:
11:3b:69:09:e7:eb:94:05:d6:ff:77:c0:99:27:d3:86:4f:9e:
58:05:91:d0:7d:a1:43:32:44:fb:8a:2e:37:23:b9:39:59:b7:
04:7d:a9:a5:2f:bc:91:9a:de:7a:2d:4e:bd:d3:5e:e8:b9:70:
72:12:49:ab:5b:0a:af:47:cd:68:29:a5:f2:d2:4a:40:19:5d:
76:e6:95:71:03:ce:68:fb:35:1e:c4:f4:ce:58:c5:9a:80:1a:
3d:14:8f:8d:2b:da:a6:21:6b:19:1b:09:c6:d7:c1:10:57:e6:
a6:44:cb:98:55:a4:04:64:0b:bc:01:fe:44:d7:6e:37:1f:9d:
fa:61:65:22:1c:25:5e:e9:c9:ad:a9:ad:f3:5a:63:23:eb:5d:
83:9e:29:e7:a3:48:98:25:18:9d:28:ef:59:d3:07:8b:ca:03:
bd:9d:b5:85:80:ee:31:c8:ee:c5:7f:e2:69:6c:4a:1e:96:05:
aa:6d:9c:ec:c3:0e:c9:1c:73:c6:01:33:a8:58:4d:47:51:5e:
e3:4d:a0:18:5d:28:25:e3:41:94:eb:d4:2f:92:30:b4:b0:63:
cc:9c:ac:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEu8b1BCIc+SwPGd1mTWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTIwNmFjMDhkODQwYzI4YmY0YWM1Njg5OWYyYTI4Zjhm
ZGNjYzUwHhcNMjUxMTExMDQwMDU3WhcNMjUxMTEyMDQwMDU3WjAzMTEwLwYDVQQD
Eyg2ZDYwMmU5MzBhMmQ5NDc5YzRkYmE2OTllYjZiZjk3NzM0NTJkN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vkUzAuuD3VBhfqMEk5wpSiDrWmB
XLDAIH/JUUukpIbHGfHQ0H8db0A1BTUwj8vKfCuYnY0gNH2L5T78QUHUZtuiVKMj
SVF/YO6urssGtO5C6E1E/Lx+YkckC/jSoQrl2JHUHyal1JVHYrnnx4KypcMOEJ0e
eWTWTaSjbZZ+5id8sJ26kvYOlpCI4+YQugeOQs8WuvKOdqGWXcvd1hKW+vy0llmb
NFNL6nbfuA38imqMGlJ6qA+7QbWOeoTVgCWktFfldUClFQCfxcN6G3YBS/em96uV
B8ZelbDXhsYV+XcbCNvGoSu5Zl6kojWWg/SSskcgOE/5c1/kNooXnypzPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1gLpMKLZR5xNummetr+Xc0UtfeMB8GA1UdIwQY
MBaAFDhSBqwI2EDCi/SsVomfKij4/czFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZJR3JBallRTUtMOUt4V2laOHFLUGo5ek1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9mOTU5NjktNjdlZi00MDhlLWE3NDMt
ZTFlYjc5ODk5MjQyLzEvT0ZJR3JBallRTUtMOUt4V2laOHFLUGo5ek1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9mOTU5NjktNjdlZi00MDhlLWE3NDMtZTFlYjc5ODk5MjQy
LzEvT0ZJR3JBallRTUtMOUt4V2laOHFLUGo5ek1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEbwMcdpL
AwbzNK/QcQVNQdlgii4Tl87YYkkVMy/E3k7x7OcbETtpCefrlAXW/3fAmSfThk+e
WAWR0H2hQzJE+4ouNyO5OVm3BH2ppS+8kZreei1OvdNe6LlwchJJq1sKr0fNaCml
8tJKQBldduaVcQPOaPs1HsT0zljFmoAaPRSPjSvapiFrGRsJxtfBEFfmpkTLmFWk
BGQLvAH+RNduNx+d+mFlIhwlXunJramt81pjI+tdg54p56NImCUYnSjvWdMHi8oD
vZ21hYDuMcjuxX/iaWxKHpYFqm2c7MMOyRxzxgEzqFhNR1Fe402gGF0oJeNBlOvU
L5IwtLBjzJysBw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:22 2025 by rpki-client