Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.mft
File: oL_QbOhVti2baIzYxTXV9JTNOTI.mft (raw, json)
Hash identifier: rFPRXgpfrk1m4bGWZXdt+Tk0QJ4HPDTlndGR9fYQJOs=
Subject key identifier: 4A:19:4C:2B:9E:B9:48:79:B8:B6:79:65:64:F1:D7:CE:F1:AB:AB:E5
Authority key identifier: A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
Certificate issuer: /CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Certificate serial: 019A7293284C3EBC99B7988D0F8855759161
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.mft
Manifest number: 1723
Signing time: Tue 11 Nov 2025 11:00:37 +0000
Manifest this update: Tue 11 Nov 2025 11:00:37 +0000
Manifest next update: Wed 12 Nov 2025 11:00:37 +0000
Files and hashes: 1: YZGMIvadW2xPxhoSXpNJb8SDWu8.roa (hash: jQfGmlQO1sTVXZe+wmgboQPBpNBgVW+6jbuLSLsW9ZU=)
2: oL_QbOhVti2baIzYxTXV9JTNOTI.crl (hash: Im2hWkpfr5bMK3dfzYntgnyOfYExNTVv5MOL2RY6egg=)
3: rtetBP97DUA2lCqt3_qex3wy1cw.roa (hash: wIFAeHjq7EkgeOiBpciajSkZ9QKt8Kq/92+zr7+OjbA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:28:4c:3e:bc:99:b7:98:8d:0f:88:55:75:91:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Validity
Not Before: Nov 11 11:00:37 2025 GMT
Not After : Nov 12 11:00:37 2025 GMT
Subject: CN=4a194c2b9eb94879b8b6796564f1d7cef1ababe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:61:ca:66:8a:14:6a:86:4f:02:c2:13:52:dc:
b5:03:c8:7e:bf:42:fc:69:69:59:28:86:7d:fc:5a:
b6:b7:9c:67:8f:c1:ef:91:c5:a4:87:d1:50:7e:a1:
41:42:26:52:fa:75:6e:d7:da:77:39:cd:59:92:a3:
33:1a:c6:2a:ef:ff:ce:20:81:c6:9e:96:a1:4e:29:
c4:33:c0:1c:42:71:e1:fa:51:0d:c7:96:13:2d:97:
2f:73:1f:c9:5d:3e:80:1a:1e:0e:a8:78:73:86:12:
9c:0a:7a:99:5c:53:a7:a2:cc:5a:61:42:24:95:0f:
03:a5:a3:26:b6:2c:a2:48:98:f5:92:00:6d:49:b4:
26:c1:9b:1a:58:e3:8c:66:ab:b2:cf:04:f5:ab:36:
34:b5:73:1f:5f:2d:68:fb:98:5b:dc:02:8c:9f:31:
ce:d3:c9:7c:e4:8b:44:69:28:6d:6f:06:ad:31:21:
7f:44:05:b1:6c:b0:3f:e6:02:a5:ed:56:62:0a:73:
57:58:34:9d:33:cf:b5:76:21:7c:ff:3b:59:5e:4d:
22:bd:61:f7:c0:5c:d4:d4:6d:b6:85:90:c7:47:9d:
d5:a4:d1:69:1f:d4:14:18:20:80:c1:63:1d:46:e7:
19:3b:6f:a4:80:d1:f2:b4:6a:86:b6:e1:44:59:2f:
b9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:19:4C:2B:9E:B9:48:79:B8:B6:79:65:64:F1:D7:CE:F1:AB:AB:E5
X509v3 Authority Key Identifier:
keyid:A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:ce:70:ac:84:1d:fc:63:9a:2c:78:0d:d1:d5:b0:cd:a9:79:
dd:22:ae:7c:7b:71:0c:c7:10:d8:7e:98:d1:cd:12:22:98:e3:
8b:5a:db:c0:90:8e:e6:76:39:97:1f:b1:32:1c:d4:0e:a9:75:
c8:31:0b:0f:be:fa:2b:a1:e1:1f:d3:cc:81:d9:be:f0:ed:6f:
a8:b0:ba:1e:c7:8b:97:28:97:ba:c5:a1:6f:a4:13:e9:39:93:
19:4d:43:22:b7:9e:bc:ca:fd:e2:30:c8:f1:9a:09:69:95:67:
7a:f3:6e:db:d1:0e:eb:d4:45:45:0c:58:35:d6:ac:b3:24:6b:
90:31:3d:9b:fb:5a:77:36:a0:04:a7:0a:ce:d7:67:5d:dc:4b:
b3:49:6e:24:22:29:ae:03:fa:8d:df:44:36:69:f7:56:41:2e:
65:35:ea:8f:ec:69:a7:c8:d1:de:9c:a9:e3:31:03:73:0a:49:
2b:fb:99:0a:46:70:9a:1a:9c:f7:18:ea:da:fd:86:a7:b3:6e:
95:e4:64:ae:f8:b7:00:95:8b:84:98:aa:cd:77:ce:de:fc:9f:
11:7e:09:74:14:12:2f:0b:98:4c:3b:ae:44:11:b4:b5:23:3b:
6d:c5:56:fe:50:4a:3b:44:a6:bd:90:c6:77:44:60:80:f8:f9:
84:69:b1:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpykyhMPryZt5iND4hVdZFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYmZkMDZjZTg1NWI2MmQ5YjY4OGNkOGM1MzVkNWY0OTRj
ZDM5MzIwHhcNMjUxMTExMTEwMDM3WhcNMjUxMTEyMTEwMDM3WjAzMTEwLwYDVQQD
Eyg0YTE5NGMyYjllYjk0ODc5YjhiNjc5NjU2NGYxZDdjZWYxYWJhYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2HKZooUaoZPAsITUty1A8h+v0L8
aWlZKIZ9/Fq2t5xnj8HvkcWkh9FQfqFBQiZS+nVu19p3Oc1ZkqMzGsYq7//OIIHG
npahTinEM8AcQnHh+lENx5YTLZcvcx/JXT6AGh4OqHhzhhKcCnqZXFOnosxaYUIk
lQ8DpaMmtiyiSJj1kgBtSbQmwZsaWOOMZquyzwT1qzY0tXMfXy1o+5hb3AKMnzHO
08l85ItEaShtbwatMSF/RAWxbLA/5gKl7VZiCnNXWDSdM8+1diF8/ztZXk0ivWH3
wFzU1G22hZDHR53VpNFpH9QUGCCAwWMdRucZO2+kgNHytGqGtuFEWS+5bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEoZTCueuUh5uLZ5ZWTx187xq6vlMB8GA1UdIwQY
MBaAFKC/0GzoVbYtm2iM2MU11fSUzTkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xfUWJPaFZ0aTJiYUl6WXhUWFY5SlROT1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wMzMxNmQtMDRlMC00NjYwLWE2M2Ut
NjcxODM5MjAwNjA0LzEvb0xfUWJPaFZ0aTJiYUl6WXhUWFY5SlROT1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wMzMxNmQtMDRlMC00NjYwLWE2M2UtNjcxODM5MjAwNjA0
LzEvb0xfUWJPaFZ0aTJiYUl6WXhUWFY5SlROT1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh85wrIQd
/GOaLHgN0dWwzal53SKufHtxDMcQ2H6Y0c0SIpjji1rbwJCO5nY5lx+xMhzUDql1
yDELD776K6HhH9PMgdm+8O1vqLC6HseLlyiXusWhb6QT6TmTGU1DIreevMr94jDI
8ZoJaZVnevNu29EO69RFRQxYNdassyRrkDE9m/tadzagBKcKztdnXdxLs0luJCIp
rgP6jd9ENmn3VkEuZTXqj+xpp8jR3pyp4zEDcwpJK/uZCkZwmhqc9xjq2v2Gp7Nu
leRkrvi3AJWLhJiqzXfO3vyfEX4JdBQSLwuYTDuuRBG0tSM7bcVW/lBKO0SmvZDG
d0RggPj5hGmxDA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:54:33 2025 by rpki-client