Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/2b7dc2-c1de-4970-ab53-e5ada36fa1f3/1/oZUhxzUtHKw_mMdW_HprSzrpdT0.mft
File: oZUhxzUtHKw_mMdW_HprSzrpdT0.mft (raw, json)
Hash identifier: 60KyS6Jv2Ifid/sxnYyB2NlUzaIppVC19JC5i+fRr58=
Subject key identifier: 21:80:D9:01:3E:F4:EA:99:81:D9:59:37:11:FD:F4:9B:96:63:F1:D5
Authority key identifier: A1:95:21:C7:35:2D:1C:AC:3F:98:C7:56:FC:7A:6B:4B:3A:E9:75:3D
Certificate issuer: /CN=a19521c7352d1cac3f98c756fc7a6b4b3ae9753d
Certificate serial: 019A7149DDC3FD0CCA1357BC6872B814A6D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oZUhxzUtHKw_mMdW_HprSzrpdT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/2b7dc2-c1de-4970-ab53-e5ada36fa1f3/1/oZUhxzUtHKw_mMdW_HprSzrpdT0.mft
Manifest number: 1170
Signing time: Tue 11 Nov 2025 05:00:57 +0000
Manifest this update: Tue 11 Nov 2025 05:00:57 +0000
Manifest next update: Wed 12 Nov 2025 05:00:57 +0000
Files and hashes: 1: CrnwsA95yJmVEXlbmftIErRDbX8.roa (hash: 26F3HVvHxyFlycTNtQI23gW/r6OOmym9z31epdFUdl0=)
2: oZUhxzUtHKw_mMdW_HprSzrpdT0.crl (hash: zKPKTjlcMLqLtLRqA/75cE+QwAgfLya6IyqKyjlARC0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/2b7dc2-c1de-4970-ab53-e5ada36fa1f3/1/oZUhxzUtHKw_mMdW_HprSzrpdT0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/2b7dc2-c1de-4970-ab53-e5ada36fa1f3/1/oZUhxzUtHKw_mMdW_HprSzrpdT0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oZUhxzUtHKw_mMdW_HprSzrpdT0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:dd:c3:fd:0c:ca:13:57:bc:68:72:b8:14:a6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a19521c7352d1cac3f98c756fc7a6b4b3ae9753d
Validity
Not Before: Nov 11 05:00:57 2025 GMT
Not After : Nov 12 05:00:57 2025 GMT
Subject: CN=2180d9013ef4ea9981d9593711fdf49b9663f1d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:00:fd:dc:b0:26:a7:70:3c:4c:cd:a2:af:e5:
38:10:e7:a2:f7:76:e8:34:32:da:30:39:27:8a:e3:
bc:79:fd:51:bf:fa:ae:a4:1f:64:85:4b:c3:65:31:
91:23:30:08:d9:dd:8d:8a:3e:45:8f:2a:43:4e:c1:
f4:aa:30:0f:85:d9:ce:cd:06:31:da:92:db:65:b9:
ca:2b:b2:d0:ef:21:fb:ac:ae:c6:12:02:cd:63:a4:
14:cb:81:b9:10:4b:c1:5c:2e:86:60:c0:df:c1:d6:
87:ee:a0:57:c3:d6:26:63:91:0d:60:39:cf:7c:61:
27:0a:f4:b5:25:42:b8:5c:9e:d5:a8:3e:11:21:16:
87:02:27:77:5d:3e:09:55:21:78:2b:b6:01:0b:e1:
97:7a:a4:ee:ef:40:33:40:d4:c1:5d:9e:df:f8:97:
11:b5:66:6a:b2:1a:c7:bc:a7:2a:03:e8:50:98:c9:
ed:dc:47:6a:e9:4f:01:e3:a7:be:95:f3:56:b4:e4:
72:05:f2:64:97:07:50:98:82:b1:7c:0c:0c:d9:3a:
84:b8:f7:d7:be:ff:f9:f9:32:9e:ee:3d:ca:bb:5f:
1f:60:91:7e:bc:fc:bc:5c:4d:b1:43:4c:e1:ac:d5:
85:78:84:aa:85:82:60:62:02:25:f9:03:95:6f:0d:
51:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:80:D9:01:3E:F4:EA:99:81:D9:59:37:11:FD:F4:9B:96:63:F1:D5
X509v3 Authority Key Identifier:
keyid:A1:95:21:C7:35:2D:1C:AC:3F:98:C7:56:FC:7A:6B:4B:3A:E9:75:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oZUhxzUtHKw_mMdW_HprSzrpdT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2b7dc2-c1de-4970-ab53-e5ada36fa1f3/1/oZUhxzUtHKw_mMdW_HprSzrpdT0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2b7dc2-c1de-4970-ab53-e5ada36fa1f3/1/oZUhxzUtHKw_mMdW_HprSzrpdT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:09:5d:b9:0b:11:8b:93:17:e1:8c:8f:70:6e:98:18:36:1b:
66:85:0d:65:2c:ad:ed:85:b5:f3:01:41:82:e4:25:b3:92:c3:
3b:1d:08:75:da:79:68:99:7a:ef:0e:59:b9:d7:c0:87:75:68:
98:77:a3:ae:78:91:fb:7b:81:2a:3e:2c:b2:87:5f:87:95:77:
c1:9d:67:5f:ac:9f:d3:c3:27:53:e0:fe:1a:5e:c1:ea:e0:01:
31:18:8a:ff:4e:78:24:62:f4:65:a2:9b:09:94:7a:ce:25:d9:
8a:ea:bf:a4:82:d1:ed:86:d9:41:52:b5:c6:a7:35:e1:e6:1e:
74:d6:d8:75:24:e6:fa:9d:ea:c0:72:65:e9:e5:fb:1f:76:9f:
aa:6e:0b:77:13:b8:a3:94:5c:4d:e2:37:9f:b8:0f:4c:aa:86:
16:76:3b:d5:22:e8:1d:58:77:90:b6:a6:42:8e:e8:19:59:2b:
d6:88:08:34:7a:be:ea:40:1b:aa:27:af:b7:62:f4:55:38:ca:
de:0d:72:c2:8a:69:73:95:82:3a:53:e7:ef:a8:ac:95:7b:bb:
82:1d:3a:8a:42:b7:f9:37:d7:0f:df:bd:98:b3:08:8d:cd:a5:
92:f0:5a:06:7e:00:a3:f7:f3:ea:62:12:f3:e9:c4:e1:d0:e8:
48:e1:20:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSd3D/QzKE1e8aHK4FKbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExOTUyMWM3MzUyZDFjYWMzZjk4Yzc1NmZjN2E2YjRiM2Fl
OTc1M2QwHhcNMjUxMTExMDUwMDU3WhcNMjUxMTEyMDUwMDU3WjAzMTEwLwYDVQQD
EygyMTgwZDkwMTNlZjRlYTk5ODFkOTU5MzcxMWZkZjQ5Yjk2NjNmMWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAD93LAmp3A8TM2ir+U4EOei93bo
NDLaMDkniuO8ef1Rv/qupB9khUvDZTGRIzAI2d2Nij5FjypDTsH0qjAPhdnOzQYx
2pLbZbnKK7LQ7yH7rK7GEgLNY6QUy4G5EEvBXC6GYMDfwdaH7qBXw9YmY5ENYDnP
fGEnCvS1JUK4XJ7VqD4RIRaHAid3XT4JVSF4K7YBC+GXeqTu70AzQNTBXZ7f+JcR
tWZqshrHvKcqA+hQmMnt3Edq6U8B46e+lfNWtORyBfJklwdQmIKxfAwM2TqEuPfX
vv/5+TKe7j3Ku18fYJF+vPy8XE2xQ0zhrNWFeISqhYJgYgIl+QOVbw1RPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGA2QE+9OqZgdlZNxH99JuWY/HVMB8GA1UdIwQY
MBaAFKGVIcc1LRysP5jHVvx6a0s66XU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1pVaHh6VXRIS3dfbU1kV19IcHJTenJwZFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8yYjdkYzItYzFkZS00OTcwLWFiNTMt
ZTVhZGEzNmZhMWYzLzEvb1pVaHh6VXRIS3dfbU1kV19IcHJTenJwZFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8yYjdkYzItYzFkZS00OTcwLWFiNTMtZTVhZGEzNmZhMWYz
LzEvb1pVaHh6VXRIS3dfbU1kV19IcHJTenJwZFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASAlduQsR
i5MX4YyPcG6YGDYbZoUNZSyt7YW18wFBguQls5LDOx0Iddp5aJl67w5ZudfAh3Vo
mHejrniR+3uBKj4ssodfh5V3wZ1nX6yf08MnU+D+Gl7B6uABMRiK/054JGL0ZaKb
CZR6ziXZiuq/pILR7YbZQVK1xqc14eYedNbYdSTm+p3qwHJl6eX7H3afqm4LdxO4
o5RcTeI3n7gPTKqGFnY71SLoHVh3kLamQo7oGVkr1ogINHq+6kAbqievt2L0VTjK
3g1ywoppc5WCOlPn76islXu7gh06ikK3+TfXD9+9mLMIjc2lkvBaBn4Ao/fz6mIS
8+nE4dDoSOEg/w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:12:18 2025 by rpki-client