Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
File: o2n7GRvuUc3HQUppYxl_hrvzE6s.mft (raw, json)
Hash identifier: 4HJPPvzOiUFymsZYIwD5ewjfSl5ve9ydAuYtB1bPr0I=
Subject key identifier: 8A:7B:A3:09:E7:FC:35:C4:2D:A1:5D:89:8F:40:F8:0A:D3:D0:73:BB
Authority key identifier: A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB
Certificate issuer: /CN=a369fb191bee51cdc7414a6963197f86bbf313ab
Certificate serial: 019A70DBEEFA8284D072C8C66F2507C7FD28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
Manifest number: 117F
Signing time: Tue 11 Nov 2025 03:00:52 +0000
Manifest this update: Tue 11 Nov 2025 03:00:52 +0000
Manifest next update: Wed 12 Nov 2025 03:00:52 +0000
Files and hashes: 1: DfIfeCsjxuTLGxOswS1IRTtCtFo.roa (hash: BfLaITLvBopGuXyhXf+VexAjyd8LBGCkT8+9wJK+KLI=)
2: o2n7GRvuUc3HQUppYxl_hrvzE6s.crl (hash: 7FgxxDcz8sgLgcRRBgTOHIj382TXt8mHNKCn7sZoV2s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:ee:fa:82:84:d0:72:c8:c6:6f:25:07:c7:fd:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a369fb191bee51cdc7414a6963197f86bbf313ab
Validity
Not Before: Nov 11 03:00:52 2025 GMT
Not After : Nov 12 03:00:52 2025 GMT
Subject: CN=8a7ba309e7fc35c42da15d898f40f80ad3d073bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:71:fa:28:06:5a:3f:b6:a3:4c:85:e8:49:3f:
7f:08:a9:40:ef:f1:a8:c4:62:07:8a:a3:75:de:44:
fc:00:1e:85:9b:f3:d1:bd:1a:19:62:63:d2:72:e6:
9c:a3:32:a9:97:0a:58:de:aa:44:d4:53:f2:73:1d:
83:8e:a4:d7:10:80:be:04:82:c3:c0:3d:d0:30:b0:
1e:36:4a:b3:b2:ad:e3:54:20:56:c9:11:7a:65:7c:
44:1d:d0:da:36:c5:2f:4b:a3:be:d8:72:61:34:ba:
2e:9d:11:74:f8:8e:f2:28:5a:7c:d1:67:bc:80:59:
16:16:43:27:d4:11:90:4f:d9:d5:2f:3f:8b:18:4b:
c9:cf:d0:a5:7b:63:30:c5:02:64:2b:62:17:3d:d4:
10:3e:f8:73:47:6f:99:d2:d5:df:1e:14:a3:b9:ad:
f8:44:4b:3c:f6:44:19:4a:3b:f0:26:cd:44:d2:8f:
a9:d4:5d:ac:87:e3:cc:d7:cb:96:c5:b0:5c:66:76:
63:d4:8e:8c:54:b3:91:27:c7:fe:c0:bb:cb:d5:60:
89:df:e9:8d:91:1d:ba:5a:ee:3a:66:6a:f0:eb:00:
3e:03:60:eb:a8:76:38:99:8e:d4:78:f8:b3:81:05:
ba:81:04:bf:c2:1f:67:5e:bd:63:db:7f:59:e9:3a:
34:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:7B:A3:09:E7:FC:35:C4:2D:A1:5D:89:8F:40:F8:0A:D3:D0:73:BB
X509v3 Authority Key Identifier:
keyid:A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:3f:2a:47:23:b4:93:49:97:54:2b:a4:7f:7f:f0:24:ed:df:
f5:95:11:6e:4a:6a:1f:e7:90:e9:7b:f9:71:44:02:cb:91:e4:
f0:52:7e:02:a2:a0:a3:01:9c:a1:6b:7f:b9:f8:7e:9b:0f:05:
4a:b4:0e:3f:c3:9e:f4:8a:02:a9:a5:ca:1f:2a:2d:7b:a1:63:
86:0e:29:26:18:0e:7d:c2:d4:d7:70:d2:25:57:29:e2:79:23:
e6:0c:0c:b7:f2:23:47:23:f8:ee:95:24:91:73:10:62:cd:75:
0e:88:6a:e2:51:ea:ce:e6:d0:8e:18:7f:98:88:3d:a8:02:52:
33:a4:47:67:8c:7b:72:22:51:71:49:0b:e1:1e:aa:a4:90:af:
4a:20:d9:52:a0:c8:1d:b2:05:3d:0d:2b:c0:39:76:a3:da:ce:
15:6d:91:25:ab:58:b6:27:7d:4d:1b:d0:ff:68:83:8a:46:8b:
8e:c4:80:37:3e:20:5c:12:2b:e0:6c:f2:07:4d:4e:f6:f8:ab:
c7:f1:f8:d9:a7:2a:f3:86:83:33:4d:a3:1a:e9:a4:a0:08:cb:
41:46:12:b8:cb:bf:01:64:fd:82:49:68:dd:7f:a8:eb:e9:ce:
97:76:07:db:a0:39:ea:3b:a3:40:eb:51:64:c6:51:b0:d2:7c:
2f:5a:61:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2+76goTQcsjGbyUHx/0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjlmYjE5MWJlZTUxY2RjNzQxNGE2OTYzMTk3Zjg2YmJm
MzEzYWIwHhcNMjUxMTExMDMwMDUyWhcNMjUxMTEyMDMwMDUyWjAzMTEwLwYDVQQD
Eyg4YTdiYTMwOWU3ZmMzNWM0MmRhMTVkODk4ZjQwZjgwYWQzZDA3M2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHH6KAZaP7ajTIXoST9/CKlA7/Go
xGIHiqN13kT8AB6Fm/PRvRoZYmPScuacozKplwpY3qpE1FPycx2DjqTXEIC+BILD
wD3QMLAeNkqzsq3jVCBWyRF6ZXxEHdDaNsUvS6O+2HJhNLounRF0+I7yKFp80We8
gFkWFkMn1BGQT9nVLz+LGEvJz9Cle2MwxQJkK2IXPdQQPvhzR2+Z0tXfHhSjua34
REs89kQZSjvwJs1E0o+p1F2sh+PM18uWxbBcZnZj1I6MVLORJ8f+wLvL1WCJ3+mN
kR26Wu46Zmrw6wA+A2DrqHY4mY7UePizgQW6gQS/wh9nXr1j239Z6To0wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIp7ownn/DXELaFdiY9A+ArT0HO7MB8GA1UdIwQY
MBaAFKNp+xkb7lHNx0FKaWMZf4a78xOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYt
ZTE4MDUyZjM4MWJiLzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYtZTE4MDUyZjM4MWJi
LzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATz8qRyO0
k0mXVCukf3/wJO3f9ZURbkpqH+eQ6Xv5cUQCy5Hk8FJ+AqKgowGcoWt/ufh+mw8F
SrQOP8Oe9IoCqaXKHyote6Fjhg4pJhgOfcLU13DSJVcp4nkj5gwMt/IjRyP47pUk
kXMQYs11Dohq4lHqzubQjhh/mIg9qAJSM6RHZ4x7ciJRcUkL4R6qpJCvSiDZUqDI
HbIFPQ0rwDl2o9rOFW2RJatYtid9TRvQ/2iDikaLjsSANz4gXBIr4GzyB01O9vir
x/H42acq84aDM02jGumkoAjLQUYSuMu/AWT9gklo3X+o6+nOl3YH26A56jujQOtR
ZMZRsNJ8L1phyQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:23 2025 by rpki-client