Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft
File: O33D0CKCjk9bNr3vehiwuwz7rgk.mft (raw, json)
Hash identifier: yaI1d1Ihn62Yf4R9d8cvPcVM0h7fRWCzWcdZi5T/510=
Subject key identifier: B3:BF:E2:2B:A9:18:2A:CE:9C:41:59:0B:2C:64:EF:DE:DE:AD:C4:3D
Authority key identifier: 3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09
Certificate issuer: /CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09
Certificate serial: 019A71EEAA0048E6E1634DCC95C7181FF905
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft
Manifest number: 0F33
Signing time: Tue 11 Nov 2025 08:00:57 +0000
Manifest this update: Tue 11 Nov 2025 08:00:57 +0000
Manifest next update: Wed 12 Nov 2025 08:00:57 +0000
Files and hashes: 1: O33D0CKCjk9bNr3vehiwuwz7rgk.crl (hash: FMZ/+sfLb8zhLL8ko7pqZBX3bHUEv5aXtGhCcQyBPHo=)
2: qE1MDKZGRZtaXQk1vt-cL_6WtUI.roa (hash: 3oUc3w7eQj0W70nllC5MQS//X4mPSXNpxrBOqqqOaLU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:aa:00:48:e6:e1:63:4d:cc:95:c7:18:1f:f9:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09
Validity
Not Before: Nov 11 08:00:57 2025 GMT
Not After : Nov 12 08:00:57 2025 GMT
Subject: CN=b3bfe22ba9182ace9c41590b2c64efdedeadc43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:60:8a:a5:3a:5b:5b:6e:37:08:9b:d9:e6:07:
c3:90:5a:b3:e5:1c:b2:00:f3:bd:5c:a9:9f:58:48:
5c:c8:e7:91:81:16:b8:b6:5b:ce:f0:ee:e4:06:4b:
55:76:c8:fe:13:ae:ef:ac:58:a5:fd:57:17:e3:09:
13:2a:d8:38:77:7e:7d:a1:04:a4:53:a7:5e:9d:ca:
59:f1:b2:8e:a6:18:84:c8:88:4e:a9:cb:c3:d5:9d:
e0:5b:72:71:84:58:31:97:1b:8f:2b:92:c5:f3:10:
37:81:b7:9b:ea:df:71:36:ab:d1:f0:35:e2:e7:13:
d9:ae:fc:a8:f0:00:f9:5b:41:5d:81:5c:04:b4:c4:
ea:34:79:e7:78:7e:8f:37:2c:9b:02:d2:9b:92:22:
82:d3:7f:90:9d:74:a8:11:55:92:28:88:95:38:83:
3b:3a:6f:ec:c6:7d:78:0a:3e:11:9a:9a:84:b3:2f:
dc:e1:34:77:ce:2a:3e:a5:cb:be:dd:de:ba:4e:0d:
dc:d4:7f:9c:af:9d:11:4a:32:ed:18:ae:25:3f:18:
16:a7:6c:e7:2d:95:37:5d:7a:66:1d:43:9e:31:6d:
04:ac:ac:26:8c:87:53:fa:1c:78:6d:57:ba:8d:9a:
7d:db:86:ac:6b:58:65:d0:e9:5f:27:42:80:3f:71:
56:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BF:E2:2B:A9:18:2A:CE:9C:41:59:0B:2C:64:EF:DE:DE:AD:C4:3D
X509v3 Authority Key Identifier:
keyid:3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:f8:75:7a:8b:a3:b8:e9:59:30:8f:06:e9:d1:7c:2e:4f:88:
b6:9b:b9:31:c3:9a:6a:97:ea:ee:63:74:38:43:b3:9d:98:ba:
d8:4a:81:e1:17:91:6f:fa:a5:e4:3a:22:7f:11:1b:8d:ec:8a:
cc:08:b9:cf:e5:e3:cc:ad:01:25:d1:4f:fc:b7:46:93:e3:76:
6c:78:9f:1b:20:73:15:b2:ec:bc:0d:25:8e:21:b7:f5:6a:8a:
c7:bf:4d:88:86:a7:1c:89:2f:d0:ab:20:27:38:2f:a4:1d:2d:
17:ec:79:ea:31:d6:0e:39:8b:8d:4c:4c:a6:f4:89:dd:cd:a5:
8f:b1:3f:5b:46:69:3e:f5:97:72:0e:9f:6f:db:7d:38:c1:c2:
54:8d:79:3a:bb:90:2e:73:53:ab:95:1e:f2:12:f2:89:ae:36:
30:30:4a:f3:ca:7d:5c:ca:78:50:6b:d2:36:cd:23:c4:7e:ea:
9e:7d:d8:d3:67:8a:44:44:18:77:98:ec:54:ef:94:39:fd:1f:
75:d8:a2:cd:60:07:a5:37:12:3f:f9:ec:0b:ee:b4:6a:15:23:
bc:16:a7:db:21:69:89:71:cd:92:81:60:bb:ea:7e:cc:c1:4d:
c1:f5:8c:76:a7:69:a8:bb:32:6e:db:59:12:8c:2b:57:0b:13:
c1:03:9f:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qoASObhY03MlccYH/kFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2RjM2QwMjI4MjhlNGY1YjM2YmRlZjdhMThiMGJiMGNm
YmFlMDkwHhcNMjUxMTExMDgwMDU3WhcNMjUxMTEyMDgwMDU3WjAzMTEwLwYDVQQD
EyhiM2JmZTIyYmE5MTgyYWNlOWM0MTU5MGIyYzY0ZWZkZWRlYWRjNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGCKpTpbW243CJvZ5gfDkFqz5Ryy
APO9XKmfWEhcyOeRgRa4tlvO8O7kBktVdsj+E67vrFil/VcX4wkTKtg4d359oQSk
U6dencpZ8bKOphiEyIhOqcvD1Z3gW3JxhFgxlxuPK5LF8xA3gbeb6t9xNqvR8DXi
5xPZrvyo8AD5W0FdgVwEtMTqNHnneH6PNyybAtKbkiKC03+QnXSoEVWSKIiVOIM7
Om/sxn14Cj4RmpqEsy/c4TR3zio+pcu+3d66Tg3c1H+cr50RSjLtGK4lPxgWp2zn
LZU3XXpmHUOeMW0ErKwmjIdT+hx4bVe6jZp924asa1hl0OlfJ0KAP3FWBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLO/4iupGCrOnEFZCyxk797ercQ9MB8GA1UdIwQY
MBaAFDt9w9Aigo5PWza973oYsLsM+64JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGIt
NzE5NDhlM2M5YWQ0LzEvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGItNzE5NDhlM2M5YWQ0
LzEvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXfh1eouj
uOlZMI8G6dF8Lk+Itpu5McOaapfq7mN0OEOznZi62EqB4ReRb/ql5DoifxEbjeyK
zAi5z+XjzK0BJdFP/LdGk+N2bHifGyBzFbLsvA0ljiG39WqKx79NiIanHIkv0Ksg
JzgvpB0tF+x56jHWDjmLjUxMpvSJ3c2lj7E/W0ZpPvWXcg6fb9t9OMHCVI15OruQ
LnNTq5Ue8hLyia42MDBK88p9XMp4UGvSNs0jxH7qnn3Y02eKREQYd5jsVO+UOf0f
ddiizWAHpTcSP/nsC+60ahUjvBan2yFpiXHNkoFgu+p+zMFNwfWMdqdpqLsybttZ
EowrVwsTwQOf9A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:15:33 2025 by rpki-client