Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.mft
File: 0KOFQs_bHubgdermsQHnu1sUxDY.mft (raw, json)
Hash identifier: kwCBwn/+F3uVMqBrWhMS4VTfDdcaOU5oMej3MgZk3s8=
Subject key identifier: 06:AD:C4:E6:6B:C9:9E:96:99:07:1D:F0:55:10:6D:B2:4B:1C:10:CF
Authority key identifier: D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
Certificate issuer: /CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Certificate serial: 019A71B7E969247603F5747298B9C1A4FC02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.mft
Manifest number: 13B7
Signing time: Tue 11 Nov 2025 07:01:09 +0000
Manifest this update: Tue 11 Nov 2025 07:01:09 +0000
Manifest next update: Wed 12 Nov 2025 07:01:09 +0000
Files and hashes: 1: 0KOFQs_bHubgdermsQHnu1sUxDY.crl (hash: 4YyMkGYKCDsnhgH9+3egG+z6YI7UNUrtDetkHm836ME=)
2: KrQvju8wsP_1pgegWQDfP_dBbsE.roa (hash: 41ILiMyCbiBXLBStCWRCt8ZnN2evNZdt0aku7rFi6gM=)
3: MT4hr9PSkUajZkci1pWS9v2orok.roa (hash: qezGbt2cfl90iVziKgXNGmy2fO9q+dUTbPbEn9xA5FQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:e9:69:24:76:03:f5:74:72:98:b9:c1:a4:fc:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Validity
Not Before: Nov 11 07:01:09 2025 GMT
Not After : Nov 12 07:01:09 2025 GMT
Subject: CN=06adc4e66bc99e9699071df055106db24b1c10cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1a:2c:31:da:03:75:53:45:cd:7e:c0:eb:a4:
a1:b8:1e:0d:92:22:04:dd:4a:a8:11:48:65:b4:22:
72:00:bc:84:1b:e9:0a:7e:06:2f:c5:9f:9c:8f:3d:
dd:3b:cc:43:cc:93:43:c2:d0:66:b8:47:fe:45:44:
28:3f:6e:f3:82:6f:3c:3b:33:cd:f0:fc:f9:92:4c:
3b:c3:c4:1e:c2:fe:6a:73:83:ec:7e:cb:9b:4d:dd:
56:e2:2d:89:c3:89:0e:f3:e3:41:ba:a6:c6:07:78:
e8:f1:06:ff:82:c7:c2:12:d3:98:db:1a:ed:b6:10:
6c:9d:59:87:c9:07:c1:f4:98:0d:2a:2b:26:bc:2e:
f0:a5:31:9c:93:e5:86:ad:04:42:5b:1c:9d:7c:92:
b7:7b:26:37:7f:4b:69:05:c3:fe:c8:85:7a:50:2b:
32:a7:8f:e2:f2:60:51:d1:61:e2:ea:1f:47:98:c4:
ab:86:08:ba:dd:b5:09:13:de:8d:43:ed:2b:b0:84:
b7:22:43:71:7f:9c:67:47:6f:3b:3d:f5:49:29:c8:
5d:e5:f2:03:dc:54:c0:00:37:b7:c1:22:95:53:db:
b7:51:58:46:23:59:1a:f5:58:01:1d:57:42:db:81:
37:64:6b:be:21:c1:ee:2b:87:66:ef:1d:a9:b5:e4:
e4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:AD:C4:E6:6B:C9:9E:96:99:07:1D:F0:55:10:6D:B2:4B:1C:10:CF
X509v3 Authority Key Identifier:
keyid:D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:ea:9f:f4:a3:d9:03:2e:88:ae:a7:76:2f:8a:dc:12:7e:df:
41:00:45:2e:65:31:93:67:6a:e2:88:ca:04:bb:b4:de:50:ed:
99:83:01:8d:4b:9d:e7:f1:47:d8:c0:48:53:77:56:73:a2:f8:
3d:26:cb:52:61:30:3b:0f:fe:c9:3b:92:3d:90:f0:fe:00:14:
39:bc:4a:01:59:04:ae:3b:15:61:41:b4:12:78:35:eb:6b:c6:
b9:f5:ce:ec:40:6a:cd:32:cb:fa:d0:d8:70:75:8e:d2:d7:18:
f0:98:9e:f1:83:78:39:06:9f:5c:5c:ea:d9:9d:9c:ba:12:de:
c4:df:23:c0:be:7a:2c:91:a3:04:68:e1:79:c4:0a:d4:26:9f:
48:51:c6:44:d5:9f:ac:89:9c:8c:9c:e7:4d:25:d4:29:e8:b3:
08:a0:77:b2:bf:4c:83:f0:16:7c:91:94:3c:a3:0b:68:dc:45:
bf:37:7a:4d:47:5b:24:a6:e5:ee:00:c9:a6:ad:01:cd:4b:21:
cc:56:b2:6e:65:c2:24:6e:81:19:c0:d4:0f:cb:7c:a6:e3:4b:
71:f5:bf:ff:68:79:14:49:02:22:77:67:84:7f:be:57:ca:c1:
31:51:f5:ed:34:2c:08:2b:78:c5:28:c5:41:ce:ee:f0:9d:90:
c2:2c:93:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+lpJHYD9XRymLnBpPwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTM4NTQyY2ZkYjFlZTZlMDc1ZWFlNmIxMDFlN2JiNWIx
NGM0MzYwHhcNMjUxMTExMDcwMTA5WhcNMjUxMTEyMDcwMTA5WjAzMTEwLwYDVQQD
EygwNmFkYzRlNjZiYzk5ZTk2OTkwNzFkZjA1NTEwNmRiMjRiMWMxMGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBosMdoDdVNFzX7A66ShuB4NkiIE
3UqoEUhltCJyALyEG+kKfgYvxZ+cjz3dO8xDzJNDwtBmuEf+RUQoP27zgm88OzPN
8Pz5kkw7w8Qewv5qc4PsfsubTd1W4i2Jw4kO8+NBuqbGB3jo8Qb/gsfCEtOY2xrt
thBsnVmHyQfB9JgNKismvC7wpTGck+WGrQRCWxydfJK3eyY3f0tpBcP+yIV6UCsy
p4/i8mBR0WHi6h9HmMSrhgi63bUJE96NQ+0rsIS3IkNxf5xnR287PfVJKchd5fID
3FTAADe3wSKVU9u3UVhGI1ka9VgBHVdC24E3ZGu+IcHuK4dm7x2pteTkPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAatxOZryZ6WmQcd8FUQbbJLHBDPMB8GA1UdIwQY
MBaAFNCjhULP2x7m4HXq5rEB57tbFMQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEt
NDBkMTkxMWZhN2YzLzEvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEtNDBkMTkxMWZhN2Yz
LzEvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKeqf9KPZ
Ay6Irqd2L4rcEn7fQQBFLmUxk2dq4ojKBLu03lDtmYMBjUud5/FH2MBIU3dWc6L4
PSbLUmEwOw/+yTuSPZDw/gAUObxKAVkErjsVYUG0Eng162vGufXO7EBqzTLL+tDY
cHWO0tcY8Jie8YN4OQafXFzq2Z2cuhLexN8jwL56LJGjBGjhecQK1CafSFHGRNWf
rImcjJznTSXUKeizCKB3sr9Mg/AWfJGUPKMLaNxFvzd6TUdbJKbl7gDJpq0BzUsh
zFaybmXCJG6BGcDUD8t8puNLcfW//2h5FEkCIndnhH++V8rBMVH17TQsCCt4xSjF
Qc7u8J2QwiyTfg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:09:47 2025 by rpki-client