Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
File: otCM3GpDDvDaiCmRcla2rY0KNvk.mft (raw, json)
Hash identifier: qaKkBzmw183pE2rLTrKJaRDgO+87ZfZst94cfGJ8QeU=
Subject key identifier: E7:C7:0A:27:68:49:01:AA:F7:08:58:05:A4:C6:49:4B:9D:FA:D6:07
Authority key identifier: A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
Certificate issuer: /CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Certificate serial: 019A71B869B0724BE7FFFFC6D9A14C8CC393
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
Manifest number: 0942
Signing time: Tue 11 Nov 2025 07:01:42 +0000
Manifest this update: Tue 11 Nov 2025 07:01:42 +0000
Manifest next update: Wed 12 Nov 2025 07:01:42 +0000
Files and hashes: 1: otCM3GpDDvDaiCmRcla2rY0KNvk.crl (hash: NtLSymH2N7EaIuMyGgl8SYONCJmD6SNvDrgZqjSpEnk=)
2: uWHHQqBwsm-RgF6BGlPrCIiU5u8.roa (hash: c70DUe86Dscr+BOk1RbQf+gmFBszpSvbzYy8111R1f4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:69:b0:72:4b:e7:ff:ff:c6:d9:a1:4c:8c:c3:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Validity
Not Before: Nov 11 07:01:42 2025 GMT
Not After : Nov 12 07:01:42 2025 GMT
Subject: CN=e7c70a27684901aaf7085805a4c6494b9dfad607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3a:e2:fb:07:82:16:14:fb:05:2f:2f:0a:e8:
ee:4b:db:30:ae:11:29:da:c2:fa:b0:33:57:ba:b4:
6c:0a:37:1f:8d:ff:5e:65:b0:8d:e1:ac:bd:91:08:
d0:5e:5e:23:73:4a:7a:73:8c:7c:c5:f3:43:21:9b:
ce:21:60:c9:97:68:5c:cb:22:ff:02:98:06:94:31:
a8:ff:ed:f8:35:95:7a:fa:7a:2b:4f:40:8e:7d:86:
7a:02:1a:76:0a:6e:86:4f:14:39:4b:5c:d8:48:eb:
56:12:23:5a:31:cf:ad:3d:5c:f8:84:da:98:64:7b:
1a:d8:1c:b2:9b:f8:19:18:18:e7:8c:d6:35:55:09:
21:86:97:7c:04:8b:d6:24:94:2e:e8:2e:44:b8:a7:
dd:94:41:ef:34:23:7e:e6:58:8b:18:a1:3b:54:e6:
d7:2a:76:ec:46:90:43:d3:f6:4e:5e:2e:5e:3c:4b:
80:ab:da:37:b4:5f:56:22:cf:b7:5d:e9:f0:f0:60:
36:35:85:fa:ae:8f:36:5d:7a:62:88:b5:b5:9c:39:
fc:d2:61:e0:32:c9:7a:63:20:54:09:c1:98:fc:1d:
08:c0:23:52:ee:6e:d6:b1:f4:50:71:c1:de:df:65:
bc:f8:dd:31:34:fe:f4:ce:b1:e3:f8:04:31:ec:a6:
77:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C7:0A:27:68:49:01:AA:F7:08:58:05:A4:C6:49:4B:9D:FA:D6:07
X509v3 Authority Key Identifier:
keyid:A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:62:0a:6d:d3:b2:ef:5a:f1:53:31:cc:a1:21:18:e8:60:18:
b2:bb:d3:68:cc:b5:dc:d2:eb:85:e7:e9:72:8a:f0:cf:f8:88:
00:19:a2:1f:9f:f2:b8:06:ed:2c:bf:52:04:56:ac:ca:f0:3f:
46:5a:8d:4b:34:b4:1c:38:69:75:8d:4b:a4:51:42:d2:3b:02:
45:ee:c7:74:af:2e:2f:a1:6d:24:e8:d6:09:26:2e:82:df:8a:
9d:d1:75:5e:03:20:76:60:e1:f5:da:b5:3b:94:58:55:a3:a5:
b3:11:26:54:40:dd:e7:17:31:4e:8f:ea:79:1d:21:3f:5f:b2:
f9:ec:bc:12:1e:5f:24:1f:23:c2:f7:ca:71:b5:ea:a9:f9:3f:
ce:8a:27:56:cc:13:81:ae:e8:ad:10:c1:13:79:3e:e9:5f:07:
e4:f7:da:83:4e:2f:28:33:26:04:47:17:43:46:67:f9:c9:85:
73:d5:11:cb:90:2e:cb:25:9f:75:5b:0b:cb:f5:f7:f1:33:61:
c8:eb:4f:05:d1:e1:8e:82:ff:90:1e:92:1f:35:ad:4a:c3:e3:
37:f2:5a:44:d7:bb:09:16:c7:80:91:8d:7c:8f:de:6b:01:d7:
46:7b:0d:72:c8:33:58:e5:8a:c9:54:46:69:94:0e:62:4c:bc:
0d:a8:02:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGmwckvn///G2aFMjMOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDA4Y2RjNmE0MzBlZjBkYTg4Mjk5MTcyNTZiNmFkOGQw
YTM2ZjkwHhcNMjUxMTExMDcwMTQyWhcNMjUxMTEyMDcwMTQyWjAzMTEwLwYDVQQD
EyhlN2M3MGEyNzY4NDkwMWFhZjcwODU4MDVhNGM2NDk0YjlkZmFkNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzri+weCFhT7BS8vCujuS9swrhEp
2sL6sDNXurRsCjcfjf9eZbCN4ay9kQjQXl4jc0p6c4x8xfNDIZvOIWDJl2hcyyL/
ApgGlDGo/+34NZV6+norT0COfYZ6Ahp2Cm6GTxQ5S1zYSOtWEiNaMc+tPVz4hNqY
ZHsa2Byym/gZGBjnjNY1VQkhhpd8BIvWJJQu6C5EuKfdlEHvNCN+5liLGKE7VObX
KnbsRpBD0/ZOXi5ePEuAq9o3tF9WIs+3Xenw8GA2NYX6ro82XXpiiLW1nDn80mHg
Msl6YyBUCcGY/B0IwCNS7m7WsfRQccHe32W8+N0xNP70zrHj+AQx7KZ3cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfHCidoSQGq9whYBaTGSUud+tYHMB8GA1UdIwQY
MBaAFKLQjNxqQw7w2ogpkXJWtq2NCjb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMt
ZGMwMWExOWIyODU2LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMtZGMwMWExOWIyODU2
LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGIKbdOy
71rxUzHMoSEY6GAYsrvTaMy13NLrhefpcorwz/iIABmiH5/yuAbtLL9SBFasyvA/
RlqNSzS0HDhpdY1LpFFC0jsCRe7HdK8uL6FtJOjWCSYugt+KndF1XgMgdmDh9dq1
O5RYVaOlsxEmVEDd5xcxTo/qeR0hP1+y+ey8Eh5fJB8jwvfKcbXqqfk/zoonVswT
ga7orRDBE3k+6V8H5Pfag04vKDMmBEcXQ0Zn+cmFc9URy5AuyyWfdVsLy/X38TNh
yOtPBdHhjoL/kB6SHzWtSsPjN/JaRNe7CRbHgJGNfI/eawHXRnsNcsgzWOWKyVRG
aZQOYky8DagCpw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:17 2025 by rpki-client