Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.mft
File: ogAYZIx6-hREZNR7seLLK6eG67E.mft (raw, json)
Hash identifier: R8zRsmVqvqBafyMk5gPvz2jsd90th0KTVHZ9dswevO8=
Subject key identifier: D5:A1:88:7A:96:4C:A7:69:29:6D:0D:F7:F8:3D:34:78:F9:A9:21:1D
Authority key identifier: A2:00:18:64:8C:7A:FA:14:44:64:D4:7B:B1:E2:CB:2B:A7:86:EB:B1
Certificate issuer: /CN=a20018648c7afa144464d47bb1e2cb2ba786ebb1
Certificate serial: 019A729404AF3B18B7DA9450733B27FB2987
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogAYZIx6-hREZNR7seLLK6eG67E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.mft
Manifest number: 0428
Signing time: Tue 11 Nov 2025 11:01:34 +0000
Manifest this update: Tue 11 Nov 2025 11:01:34 +0000
Manifest next update: Wed 12 Nov 2025 11:01:34 +0000
Files and hashes: 1: Hg_LuWwF2PqnDP--QEmiR8s_JMw.roa (hash: pTVkg9vcSnhojGDdhaJdcSnTn9EzuAwvN69LeVjj+eI=)
2: ZyIFjDXNoQmTUrQTfRFil604EkI.roa (hash: w5vJh9LGNygfKftlkH12Umx5kIPwjNAoWDXEhQaobKc=)
3: ogAYZIx6-hREZNR7seLLK6eG67E.crl (hash: vY4kuqKJhMYsCD/uxoBT0nFoCEa4bUL72LZm0mDiD04=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogAYZIx6-hREZNR7seLLK6eG67E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:94:04:af:3b:18:b7:da:94:50:73:3b:27:fb:29:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a20018648c7afa144464d47bb1e2cb2ba786ebb1
Validity
Not Before: Nov 11 11:01:34 2025 GMT
Not After : Nov 12 11:01:34 2025 GMT
Subject: CN=d5a1887a964ca769296d0df7f83d3478f9a9211d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:59:c5:cd:20:61:18:1b:40:a3:87:d3:ed:30:
c0:05:fb:b4:1c:88:cc:49:30:81:d6:1a:f6:01:46:
08:58:33:ac:66:c0:18:f9:50:bf:ae:31:b6:62:c7:
f4:f5:9a:c5:ba:cb:28:19:2b:27:82:21:1f:d1:e4:
f3:95:67:18:00:20:1c:11:92:ab:fd:60:d8:55:78:
f5:7a:70:6e:e2:4d:b6:a0:e1:32:95:48:41:c7:85:
70:60:dd:73:ed:8d:8b:32:12:32:2c:ff:d9:ae:66:
4a:cd:9a:99:74:40:19:fb:c8:b4:72:8a:99:22:40:
52:ef:b3:68:c4:77:73:5e:7f:fc:27:10:c2:a5:3b:
98:9d:f8:5e:76:1e:3c:4f:61:72:c9:e3:9f:b0:55:
2f:16:27:c9:47:25:46:43:51:76:67:b8:08:34:11:
6e:ae:e3:a2:90:a3:32:98:99:58:85:cf:83:b9:d4:
29:54:07:79:f8:6b:8c:18:21:2d:fb:9c:e0:b1:60:
ac:2f:0a:5c:8e:64:d7:8f:44:e4:7d:c3:cd:5f:d9:
16:68:f6:45:92:ca:e0:b9:32:05:fc:6b:cd:43:a0:
c2:d4:ab:96:01:da:7c:52:09:9a:dc:ff:9d:2b:24:
9b:d7:af:98:49:dd:4e:2b:5e:1c:af:c2:d8:0e:ac:
10:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A1:88:7A:96:4C:A7:69:29:6D:0D:F7:F8:3D:34:78:F9:A9:21:1D
X509v3 Authority Key Identifier:
keyid:A2:00:18:64:8C:7A:FA:14:44:64:D4:7B:B1:E2:CB:2B:A7:86:EB:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogAYZIx6-hREZNR7seLLK6eG67E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d8:7e:e2:b7:b0:a1:f4:46:20:bd:f3:69:37:c8:f7:a9:5f:d9:
ff:2f:1c:04:63:16:47:d1:cc:5f:bb:17:f8:fa:42:8d:5d:cb:
0e:70:1d:74:ee:a7:89:8a:bc:80:fd:05:2a:8c:75:38:0b:33:
e1:29:e7:6d:a9:f7:40:b7:e3:59:73:75:33:75:ca:66:48:f7:
e9:82:44:53:99:3c:95:89:ab:69:99:46:35:62:52:d2:ac:50:
e1:e7:92:7e:fa:6b:6d:09:17:59:bb:20:a1:25:a3:c1:26:8a:
5a:7e:23:98:b1:3a:5b:41:16:bd:43:7c:21:81:ce:e8:1a:da:
6a:73:28:6e:43:d7:d2:43:d6:50:fd:a5:1b:bf:9b:93:bd:e1:
d2:c6:8d:7d:ec:0e:ee:45:fb:5f:bb:75:09:3e:2e:ff:c1:fa:
40:b3:3d:2a:78:8b:26:af:8e:cd:43:e8:51:65:cc:2f:c2:68:
66:67:fe:8e:7b:60:91:de:32:1d:16:ec:4d:e6:45:cb:7e:41:
41:e6:f6:2c:7c:ec:df:f3:c9:80:3f:a3:5a:bd:ea:67:48:b1:
bb:2c:06:23:16:db:9f:04:9c:16:c7:65:49:6b:42:cd:d3:8a:
5c:4c:65:bd:98:97:e4:52:02:b9:ad:45:8a:1d:36:e2:f9:7d:
43:5c:9d:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpylASvOxi32pRQczsn+ymHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDAxODY0OGM3YWZhMTQ0NDY0ZDQ3YmIxZTJjYjJiYTc4
NmViYjEwHhcNMjUxMTExMTEwMTM0WhcNMjUxMTEyMTEwMTM0WjAzMTEwLwYDVQQD
EyhkNWExODg3YTk2NGNhNzY5Mjk2ZDBkZjdmODNkMzQ3OGY5YTkyMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FnFzSBhGBtAo4fT7TDABfu0HIjM
STCB1hr2AUYIWDOsZsAY+VC/rjG2Ysf09ZrFussoGSsngiEf0eTzlWcYACAcEZKr
/WDYVXj1enBu4k22oOEylUhBx4VwYN1z7Y2LMhIyLP/ZrmZKzZqZdEAZ+8i0coqZ
IkBS77NoxHdzXn/8JxDCpTuYnfhedh48T2FyyeOfsFUvFifJRyVGQ1F2Z7gINBFu
ruOikKMymJlYhc+DudQpVAd5+GuMGCEt+5zgsWCsLwpcjmTXj0TkfcPNX9kWaPZF
ksrguTIF/GvNQ6DC1KuWAdp8Ugma3P+dKySb16+YSd1OK14cr8LYDqwQaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWhiHqWTKdpKW0N9/g9NHj5qSEdMB8GA1UdIwQY
MBaAFKIAGGSMevoURGTUe7HiyyunhuuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dBWVpJeDYtaFJFWk5SN3NlTExLNmVHNjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84M2E3N2QtOWNhZC00MGRlLWFiZWQt
YzRkNDJiN2Y2MjcwLzEvb2dBWVpJeDYtaFJFWk5SN3NlTExLNmVHNjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84M2E3N2QtOWNhZC00MGRlLWFiZWQtYzRkNDJiN2Y2Mjcw
LzEvb2dBWVpJeDYtaFJFWk5SN3NlTExLNmVHNjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2H7it7Ch
9EYgvfNpN8j3qV/Z/y8cBGMWR9HMX7sX+PpCjV3LDnAddO6niYq8gP0FKox1OAsz
4Snnban3QLfjWXN1M3XKZkj36YJEU5k8lYmraZlGNWJS0qxQ4eeSfvprbQkXWbsg
oSWjwSaKWn4jmLE6W0EWvUN8IYHO6BraanMobkPX0kPWUP2lG7+bk73h0saNfewO
7kX7X7t1CT4u/8H6QLM9KniLJq+OzUPoUWXML8JoZmf+jntgkd4yHRbsTeZFy35B
Qeb2LHzs3/PJgD+jWr3qZ0ixuywGIxbbnwScFsdlSWtCzdOKXExlvZiX5FICua1F
ih024vl9Q1ydFA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:14:08 2025 by rpki-client