Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft
File: O2MTmh9PiMMM7iIckUajbbVU_3A.mft (raw, json)
Hash identifier: vyC5WXvmvQrZlDBR54yXPtrY9L5lZChxVWRxnC1Gp34=
Subject key identifier: F9:EC:70:3A:13:25:3E:02:33:F9:45:76:13:34:21:C2:9F:93:C7:2C
Authority key identifier: 3B:63:13:9A:1F:4F:88:C3:0C:EE:22:1C:91:46:A3:6D:B5:54:FF:70
Certificate issuer: /CN=3b63139a1f4f88c30cee221c9146a36db554ff70
Certificate serial: 019A71B8B9FDE9B8C4EABDDE4E27E6DE92D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O2MTmh9PiMMM7iIckUajbbVU_3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft
Manifest number: 09B9
Signing time: Tue 11 Nov 2025 07:02:02 +0000
Manifest this update: Tue 11 Nov 2025 07:02:02 +0000
Manifest next update: Wed 12 Nov 2025 07:02:02 +0000
Files and hashes: 1: JoFwTwAv-_c9ZLWMyBNEWDPvfas.roa (hash: ErYlkkNh49mz7B2O46c+uSN3yYpaocdKkRzHsCd2I3A=)
2: O2MTmh9PiMMM7iIckUajbbVU_3A.crl (hash: GNx9dhZfTwrAHQmY2sJ82ayki8k7lIZY0LEyHd7A6S8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/O2MTmh9PiMMM7iIckUajbbVU_3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:b9:fd:e9:b8:c4:ea:bd:de:4e:27:e6:de:92:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b63139a1f4f88c30cee221c9146a36db554ff70
Validity
Not Before: Nov 11 07:02:02 2025 GMT
Not After : Nov 12 07:02:02 2025 GMT
Subject: CN=f9ec703a13253e0233f94576133421c29f93c72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:70:0b:6e:0e:b8:11:bd:3b:5f:94:a9:4f:b0:
fd:8a:ac:10:98:1d:96:37:d0:17:aa:14:ab:4d:74:
15:90:98:18:a4:fe:8d:38:82:c2:19:ab:a9:fa:53:
97:27:a4:9a:21:ee:6a:ca:b9:d8:d3:da:bf:43:f1:
db:54:1b:6a:20:79:f4:d7:97:dc:62:56:0f:48:71:
02:dc:35:c3:aa:07:b7:33:00:77:8d:61:9a:bc:95:
fb:2d:79:5b:4c:30:d7:d7:98:01:0a:2b:53:4c:c5:
cb:e1:71:6d:03:09:ce:ac:89:8b:e0:fc:c8:df:04:
0f:c3:af:91:99:af:38:41:18:3b:a0:d3:e7:b7:ea:
a0:77:86:2e:84:fe:eb:e8:8a:20:b3:14:0d:1e:ad:
54:7c:cf:52:86:66:bc:eb:20:57:6f:0a:c9:26:76:
2b:60:be:fb:58:83:00:8f:10:b2:f7:87:fc:b9:db:
e3:dd:c3:1a:e8:0b:9e:58:c8:11:f4:87:ae:61:94:
bc:7d:7c:99:65:cf:5f:bd:a8:36:92:99:e0:2e:c9:
b6:d7:89:e6:6c:b0:81:eb:88:a9:e8:d8:18:d6:c1:
89:ae:d6:84:35:79:a9:85:af:44:6e:91:cc:e6:88:
6b:a8:81:3d:31:f5:f7:d1:bf:2f:df:54:b3:c0:e9:
7a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:EC:70:3A:13:25:3E:02:33:F9:45:76:13:34:21:C2:9F:93:C7:2C
X509v3 Authority Key Identifier:
keyid:3B:63:13:9A:1F:4F:88:C3:0C:EE:22:1C:91:46:A3:6D:B5:54:FF:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2MTmh9PiMMM7iIckUajbbVU_3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:a4:a8:f6:fa:72:3c:41:5d:70:40:9d:f9:89:b4:a5:76:98:
27:86:68:77:25:2f:17:3f:bc:50:a4:ef:64:44:a5:d8:86:f7:
72:08:c6:05:22:fa:d6:a9:a7:88:4c:a3:6f:1d:e8:43:ca:08:
9f:2d:08:98:c8:1e:c3:b1:37:f3:a5:a8:79:3f:72:e4:bd:a2:
78:d9:9b:3b:2c:4f:49:ec:1a:34:e9:d3:9b:24:0d:db:9f:6f:
15:ad:18:9a:6d:12:ab:9c:49:10:85:3d:83:c5:d6:c5:36:05:
7f:13:c1:c5:aa:2e:dc:ff:db:fd:7b:f8:bd:77:db:c4:a6:71:
ff:ea:5d:fe:d3:4a:cc:bd:6b:0f:67:d6:f0:cb:9f:52:7b:57:
47:68:2d:1b:1b:8c:30:7d:b5:db:d9:88:0a:20:b6:48:95:0d:
c0:1e:68:c5:bf:23:cf:96:97:39:43:0a:5f:2d:6c:1f:9e:c7:
52:f1:a9:7a:35:c7:f8:ea:6b:55:59:1b:86:e0:06:db:37:86:
ba:bc:d2:9f:04:1f:79:5e:e5:e8:16:c7:43:77:77:2a:79:3b:
0f:97:de:d2:6b:eb:d9:c6:bb:b2:5c:5d:7f:b2:00:0d:01:95:
b6:3a:f2:49:6c:3f:ad:d6:95:04:a4:f4:68:6c:fc:81:09:bc:
bb:a0:b7:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLn96bjE6r3eTifm3pLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNjMxMzlhMWY0Zjg4YzMwY2VlMjIxYzkxNDZhMzZkYjU1
NGZmNzAwHhcNMjUxMTExMDcwMjAyWhcNMjUxMTEyMDcwMjAyWjAzMTEwLwYDVQQD
EyhmOWVjNzAzYTEzMjUzZTAyMzNmOTQ1NzYxMzM0MjFjMjlmOTNjNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnALbg64Eb07X5SpT7D9iqwQmB2W
N9AXqhSrTXQVkJgYpP6NOILCGaup+lOXJ6SaIe5qyrnY09q/Q/HbVBtqIHn015fc
YlYPSHEC3DXDqge3MwB3jWGavJX7LXlbTDDX15gBCitTTMXL4XFtAwnOrImL4PzI
3wQPw6+Rma84QRg7oNPnt+qgd4YuhP7r6IogsxQNHq1UfM9Shma86yBXbwrJJnYr
YL77WIMAjxCy94f8udvj3cMa6AueWMgR9IeuYZS8fXyZZc9fvag2kpngLsm214nm
bLCB64ip6NgY1sGJrtaENXmpha9EbpHM5ohrqIE9MfX30b8v31SzwOl6IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnscDoTJT4CM/lFdhM0IcKfk8csMB8GA1UdIwQY
MBaAFDtjE5ofT4jDDO4iHJFGo221VP9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzJNVG1oOVBpTU1NN2lJY2tVYWpiYlZVXzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMjY5YzUtMjY4Yy00NWU5LTgwNjct
MGY3YTQwYjVmNmYzLzEvTzJNVG1oOVBpTU1NN2lJY2tVYWpiYlZVXzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMjY5YzUtMjY4Yy00NWU5LTgwNjctMGY3YTQwYjVmNmYz
LzEvTzJNVG1oOVBpTU1NN2lJY2tVYWpiYlZVXzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMKSo9vpy
PEFdcECd+Ym0pXaYJ4ZodyUvFz+8UKTvZESl2Ib3cgjGBSL61qmniEyjbx3oQ8oI
ny0ImMgew7E386WoeT9y5L2ieNmbOyxPSewaNOnTmyQN259vFa0Ymm0Sq5xJEIU9
g8XWxTYFfxPBxaou3P/b/Xv4vXfbxKZx/+pd/tNKzL1rD2fW8MufUntXR2gtGxuM
MH2129mICiC2SJUNwB5oxb8jz5aXOUMKXy1sH57HUvGpejXH+OprVVkbhuAG2zeG
urzSnwQfeV7l6BbHQ3d3Knk7D5fe0mvr2ca7slxdf7IADQGVtjrySWw/rdaVBKT0
aGz8gQm8u6C3ZQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:38:48 2025 by rpki-client