Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json)
Hash identifier: zzxyJtIneAWS/v+GanU5SNSrovvnv/o5N18bgUmC7q4=
Subject key identifier: 8B:A0:7F:D1:FC:D2:60:51:A5:51:70:E5:A4:C4:0D:30:A1:ED:F2:75
Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a
Certificate serial: 019A7225D398A1CC152964CD9B7DCCBE3A93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
Manifest number: 1471
Signing time: Tue 11 Nov 2025 09:01:12 +0000
Manifest this update: Tue 11 Nov 2025 09:01:12 +0000
Manifest next update: Wed 12 Nov 2025 09:01:12 +0000
Files and hashes: 1: PsA85a4H5xNStqYehaGt_kPhY_U.roa (hash: CXsyF83m91+hpp7kQqr/RLoFFacqimzuhgmwugEeGmk=)
2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: hrXO8//Xq+Y24A5Nh6kNnlXco7+j5xk9OmgxTP+Oulo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:d3:98:a1:cc:15:29:64:cd:9b:7d:cc:be:3a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a023766c62deb51297155708eccb421c8b04780a
Validity
Not Before: Nov 11 09:01:12 2025 GMT
Not After : Nov 12 09:01:12 2025 GMT
Subject: CN=8ba07fd1fcd26051a55170e5a4c40d30a1edf275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d3:d9:5b:d7:54:ba:77:39:48:97:a7:d3:b8:
52:0c:f6:4c:28:df:94:f5:7c:0f:21:bf:74:a6:c9:
48:31:2b:91:56:03:0b:e2:4e:70:b5:45:75:cd:b2:
b4:e3:b7:d2:7a:7f:6d:64:72:3f:bf:2c:bb:df:19:
6d:ea:18:76:bf:21:a8:d5:fb:4c:34:22:10:ed:54:
5b:f5:81:33:b7:c8:19:69:fe:dc:c0:94:f1:9c:c0:
10:64:7f:83:7c:ba:e0:a3:bf:e9:6e:61:3d:c3:3e:
d3:43:18:d0:a5:73:ef:cd:6c:d4:0d:23:85:a6:a0:
08:d8:67:df:9d:b8:9d:98:99:02:87:9c:ba:28:1a:
76:56:0f:fd:95:0a:c0:64:0b:4d:02:6f:f6:f7:1b:
01:e7:5d:ed:f5:4b:79:80:a4:e2:32:7f:b1:c6:47:
54:5d:da:75:42:dd:60:63:3f:71:b9:a2:b3:9a:ab:
91:8b:31:10:48:f0:b4:d8:05:63:0b:e4:36:bb:63:
9f:63:71:0e:32:88:fe:87:74:af:1d:4b:c7:72:f1:
32:8e:e1:f5:6a:35:15:d1:83:43:99:7a:94:cb:dd:
b8:c4:9d:5c:07:4e:69:5c:83:15:69:72:e6:71:5d:
55:01:37:f2:7c:1f:37:8a:bb:4a:a8:68:a5:d0:3b:
ef:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A0:7F:D1:FC:D2:60:51:A5:51:70:E5:A4:C4:0D:30:A1:ED:F2:75
X509v3 Authority Key Identifier:
keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:2a:f7:ee:c3:16:28:cd:88:65:91:40:20:e3:ab:ab:c9:03:
87:f0:2f:dd:19:39:a7:65:7e:74:9a:ec:ad:d9:1c:8b:62:14:
fa:39:0f:87:bd:98:6e:2a:2f:d5:9e:b7:f2:26:06:64:7c:4c:
21:fa:58:c3:45:4c:f8:f8:f3:9f:7a:b8:ba:99:36:49:6b:40:
cf:6f:cc:5e:78:c4:02:e5:47:49:b3:1c:8c:47:1c:5d:bd:23:
7f:30:72:a4:4b:57:05:97:06:10:fe:eb:37:8e:0a:8d:d2:f6:
5c:b6:e5:1e:90:b6:1d:d9:82:be:f6:d1:72:06:4c:2e:a5:c1:
ac:48:35:ee:66:ab:a1:3a:13:e8:77:2c:52:ba:43:f0:e3:c5:
59:9a:35:3c:60:15:97:3a:dc:39:11:11:54:cc:07:7d:a7:87:
9d:81:e4:44:64:31:56:f5:4a:ca:b3:91:67:d8:c1:ec:c7:9b:
9d:0d:c0:d4:c6:80:5a:0f:34:24:6a:82:07:3c:fd:da:60:d3:
fa:90:b6:d9:86:8e:0c:b5:2c:3a:45:97:4a:05:f7:05:87:de:
6c:23:d2:45:6d:bd:51:73:c0:e2:11:33:22:2d:79:cc:0d:b3:
87:d4:6a:1d:c6:d9:b5:58:cc:18:bb:c7:73:ea:11:1c:4c:7b:
4e:c8:39:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdOYocwVKWTNm33MvjqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw
NDc4MGEwHhcNMjUxMTExMDkwMTEyWhcNMjUxMTEyMDkwMTEyWjAzMTEwLwYDVQQD
Eyg4YmEwN2ZkMWZjZDI2MDUxYTU1MTcwZTVhNGM0MGQzMGExZWRmMjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NPZW9dUunc5SJen07hSDPZMKN+U
9XwPIb90pslIMSuRVgML4k5wtUV1zbK047fSen9tZHI/vyy73xlt6hh2vyGo1ftM
NCIQ7VRb9YEzt8gZaf7cwJTxnMAQZH+DfLrgo7/pbmE9wz7TQxjQpXPvzWzUDSOF
pqAI2GffnbidmJkCh5y6KBp2Vg/9lQrAZAtNAm/29xsB513t9Ut5gKTiMn+xxkdU
Xdp1Qt1gYz9xuaKzmquRizEQSPC02AVjC+Q2u2OfY3EOMoj+h3SvHUvHcvEyjuH1
ajUV0YNDmXqUy924xJ1cB05pXIMVaXLmcV1VATfyfB83irtKqGil0DvvjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIugf9H80mBRpVFw5aTEDTCh7fJ1MB8GA1UdIwQY
MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt
YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl
LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqCr37sMW
KM2IZZFAIOOrq8kDh/Av3Rk5p2V+dJrsrdkci2IU+jkPh72Ybiov1Z638iYGZHxM
IfpYw0VM+Pjzn3q4upk2SWtAz2/MXnjEAuVHSbMcjEccXb0jfzBypEtXBZcGEP7r
N44KjdL2XLblHpC2HdmCvvbRcgZMLqXBrEg17maroToT6HcsUrpD8OPFWZo1PGAV
lzrcORERVMwHfaeHnYHkRGQxVvVKyrORZ9jB7MebnQ3A1MaAWg80JGqCBzz92mDT
+pC22YaODLUsOkWXSgX3BYfebCPSRW29UXPA4hEzIi15zA2zh9RqHcbZtVjMGLvH
c+oRHEx7Tsg5fA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:52:32 2025 by rpki-client