Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/fc7657-063e-4af7-89e6-f9fea34b6b01/1/OYhH9wo15xCETpu4omK-3bQLfMk.mft
File: OYhH9wo15xCETpu4omK-3bQLfMk.mft (raw, json)
Hash identifier: gDfMIchOLBbrcH5DJt0tZWDgzLpb8dTm15+PurkdChQ=
Subject key identifier: 10:BC:15:9C:82:FE:59:9D:81:5A:B0:F6:BE:A3:F6:13:A6:68:C2:6C
Authority key identifier: 39:88:47:F7:0A:35:E7:10:84:4E:9B:B8:A2:62:BE:DD:B4:0B:7C:C9
Certificate issuer: /CN=398847f70a35e710844e9bb8a262beddb40b7cc9
Certificate serial: 019A71130DA44DE39D65B32FE7210E680BA5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OYhH9wo15xCETpu4omK-3bQLfMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/fc7657-063e-4af7-89e6-f9fea34b6b01/1/OYhH9wo15xCETpu4omK-3bQLfMk.mft
Manifest number: 04E2
Signing time: Tue 11 Nov 2025 04:01:05 +0000
Manifest this update: Tue 11 Nov 2025 04:01:05 +0000
Manifest next update: Wed 12 Nov 2025 04:01:05 +0000
Files and hashes: 1: AKsS4j3-VaOHBWSMj23g7vx6Zz4.roa (hash: U4YaSKjxHoIRGGCP7ydVCxsh9Cu5QYl71iaS4zOmA2c=)
2: OYhH9wo15xCETpu4omK-3bQLfMk.crl (hash: /CxIyb3n9zDkGkQo1a0qsxr0NjlJfXuVbNPJmxZDpZA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/fc7657-063e-4af7-89e6-f9fea34b6b01/1/OYhH9wo15xCETpu4omK-3bQLfMk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/fc7657-063e-4af7-89e6-f9fea34b6b01/1/OYhH9wo15xCETpu4omK-3bQLfMk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OYhH9wo15xCETpu4omK-3bQLfMk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:0d:a4:4d:e3:9d:65:b3:2f:e7:21:0e:68:0b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=398847f70a35e710844e9bb8a262beddb40b7cc9
Validity
Not Before: Nov 11 04:01:05 2025 GMT
Not After : Nov 12 04:01:05 2025 GMT
Subject: CN=10bc159c82fe599d815ab0f6bea3f613a668c26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9b:a3:5b:cd:dc:f2:06:82:20:1c:d5:7a:1f:
36:0d:cc:0c:ea:f2:43:da:fb:f5:0f:e1:62:36:9c:
38:36:f8:a9:ad:e2:24:51:35:29:7d:8f:d8:e9:e6:
d8:70:a6:4f:12:74:ba:7b:ef:b4:b1:23:92:6a:c7:
f1:de:fc:19:74:e9:96:54:35:c1:38:a5:54:48:43:
78:72:fd:f3:bf:d2:82:49:6f:43:0f:12:40:f3:6e:
08:76:e7:7e:b1:2f:a5:ab:f6:7f:6a:8f:df:4c:88:
c2:7f:a5:ca:d4:6f:b7:78:d3:59:c5:20:8e:f1:e0:
d5:ae:d8:06:58:ef:a2:6f:8e:92:26:f6:b3:bc:b7:
d1:6c:2c:6a:53:62:26:5a:42:d0:fe:c2:92:48:c9:
f0:e4:dd:08:fc:13:92:07:86:df:a0:fa:ba:1c:f2:
bf:a4:d2:0b:19:31:d4:4f:b4:0a:5d:f5:36:c4:08:
75:6e:60:bb:fd:a6:3b:f0:a9:53:a7:13:fd:2b:23:
80:53:17:c7:03:0a:0e:ec:93:b3:c6:35:f2:d0:82:
1b:92:b1:e0:08:a1:74:aa:30:23:4a:9b:d4:cf:dc:
00:e0:af:c7:bf:ea:0b:d3:f5:de:9c:55:77:fb:89:
94:c5:d1:b9:c8:ec:87:b5:90:03:89:4f:02:d1:58:
d9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:BC:15:9C:82:FE:59:9D:81:5A:B0:F6:BE:A3:F6:13:A6:68:C2:6C
X509v3 Authority Key Identifier:
keyid:39:88:47:F7:0A:35:E7:10:84:4E:9B:B8:A2:62:BE:DD:B4:0B:7C:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYhH9wo15xCETpu4omK-3bQLfMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/fc7657-063e-4af7-89e6-f9fea34b6b01/1/OYhH9wo15xCETpu4omK-3bQLfMk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/fc7657-063e-4af7-89e6-f9fea34b6b01/1/OYhH9wo15xCETpu4omK-3bQLfMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:df:51:a1:ff:ce:3c:fc:67:cd:2c:85:2b:35:03:e1:88:7e:
a8:82:c8:51:76:17:df:bb:54:24:b1:d8:ad:e5:94:9b:25:95:
d2:a5:21:6f:a6:e2:56:27:dc:b1:2b:50:75:df:73:5a:e6:2e:
1e:8f:cf:e7:75:41:3c:ab:63:98:50:ae:7c:e5:cb:91:be:a7:
c0:1c:81:32:d1:a6:15:a3:38:c2:b7:68:2f:37:a2:9b:ea:6c:
e9:08:03:1e:89:fe:24:89:05:bc:eb:05:b0:31:fb:62:1d:6f:
3e:45:5f:a4:ba:f9:4a:d6:9f:2e:1f:bc:08:3c:f7:00:cc:3e:
86:fc:da:fa:2c:30:b7:25:04:8e:cb:2e:c4:aa:59:38:b2:f9:
48:a9:75:89:fb:c0:45:e2:c6:8b:a8:24:f2:27:d0:51:46:5a:
fa:f4:80:40:82:76:b9:a1:62:9f:89:d4:da:1e:f5:61:72:09:
0f:c9:13:ec:f9:b2:ba:dd:a3:06:df:8a:1b:b1:4c:75:f4:f6:
99:5e:bf:dd:05:9b:ee:c7:ac:ea:fd:cb:f7:a9:a8:ac:72:cc:
56:6d:14:7e:ea:45:0f:e5:97:6b:66:c2:96:89:48:79:0b:7e:
27:c0:91:89:b4:a7:2e:50:ed:2a:83:ce:e3:e7:ac:96:02:2c:
92:b2:f5:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEw2kTeOdZbMv5yEOaAulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODg0N2Y3MGEzNWU3MTA4NDRlOWJiOGEyNjJiZWRkYjQw
YjdjYzkwHhcNMjUxMTExMDQwMTA1WhcNMjUxMTEyMDQwMTA1WjAzMTEwLwYDVQQD
EygxMGJjMTU5YzgyZmU1OTlkODE1YWIwZjZiZWEzZjYxM2E2NjhjMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5ujW83c8gaCIBzVeh82DcwM6vJD
2vv1D+FiNpw4NvipreIkUTUpfY/Y6ebYcKZPEnS6e++0sSOSasfx3vwZdOmWVDXB
OKVUSEN4cv3zv9KCSW9DDxJA824Idud+sS+lq/Z/ao/fTIjCf6XK1G+3eNNZxSCO
8eDVrtgGWO+ib46SJvazvLfRbCxqU2ImWkLQ/sKSSMnw5N0I/BOSB4bfoPq6HPK/
pNILGTHUT7QKXfU2xAh1bmC7/aY78KlTpxP9KyOAUxfHAwoO7JOzxjXy0IIbkrHg
CKF0qjAjSpvUz9wA4K/Hv+oL0/XenFV3+4mUxdG5yOyHtZADiU8C0VjZ6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBC8FZyC/lmdgVqw9r6j9hOmaMJsMB8GA1UdIwQY
MBaAFDmIR/cKNecQhE6buKJivt20C3zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1loSDl3bzE1eENFVHB1NG9tSy0zYlFMZk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9mYzc2NTctMDYzZS00YWY3LTg5ZTYt
ZjlmZWEzNGI2YjAxLzEvT1loSDl3bzE1eENFVHB1NG9tSy0zYlFMZk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9mYzc2NTctMDYzZS00YWY3LTg5ZTYtZjlmZWEzNGI2YjAx
LzEvT1loSDl3bzE1eENFVHB1NG9tSy0zYlFMZk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUt9Rof/O
PPxnzSyFKzUD4Yh+qILIUXYX37tUJLHYreWUmyWV0qUhb6biVifcsStQdd9zWuYu
Ho/P53VBPKtjmFCufOXLkb6nwByBMtGmFaM4wrdoLzeim+ps6QgDHon+JIkFvOsF
sDH7Yh1vPkVfpLr5StafLh+8CDz3AMw+hvza+iwwtyUEjssuxKpZOLL5SKl1ifvA
ReLGi6gk8ifQUUZa+vSAQIJ2uaFin4nU2h71YXIJD8kT7Pmyut2jBt+KG7FMdfT2
mV6/3QWb7ses6v3L96morHLMVm0UfupFD+WXa2bClolIeQt+J8CRibSnLlDtKoPO
4+eslgIskrL1XQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:38:13 2025 by rpki-client