
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
File: O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json)
Hash identifier: msWvG/XZZpRFmcSFelnGIcEqLLUuMVD9QR8ed1pWDwo=
Subject key identifier: 95:2B:5A:40:EA:98:BE:9C:D8:5C:A1:FB:17:00:7A:9F:6E:AB:CA:73
Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Certificate issuer: /CN=3b55e7feb907137299f5792c36395efba9b34b62
Certificate serial: 0199FC8F19E24AF7460ACB33BE311BAAEBE2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
Manifest number: 0F89
Signing time: Sun 19 Oct 2025 13:01:00 +0000
Manifest this update: Sun 19 Oct 2025 13:01:00 +0000
Manifest next update: Mon 20 Oct 2025 13:01:00 +0000
Files and hashes: 1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: ik7DnhMBfKm9+5qamg5M9XwSwnzH27B7uHT+eLbVekM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:19:e2:4a:f7:46:0a:cb:33:be:31:1b:aa:eb:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62
Validity
Not Before: Oct 19 13:01:00 2025 GMT
Not After : Oct 20 13:01:00 2025 GMT
Subject: CN=952b5a40ea98be9cd85ca1fb17007a9f6eabca73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:86:84:08:36:de:03:72:d0:ab:27:58:49:f5:
65:e1:64:e3:6a:72:69:37:c8:d3:21:d3:fc:52:ff:
63:67:bd:d3:5e:e6:b4:aa:c7:1a:84:98:60:be:1a:
07:1f:31:87:32:0b:02:96:6b:e7:ba:4f:29:6a:f4:
bc:77:a0:21:4b:e6:d3:53:79:49:07:0d:1e:41:f6:
80:36:a7:e6:e6:b0:df:18:94:08:da:d2:1e:ae:1c:
ab:e3:2b:cf:2a:04:f8:1d:e6:f5:10:a2:b4:7c:f8:
9a:48:97:8e:8a:7c:4c:c5:68:7f:5d:af:1d:e0:76:
86:ec:c9:bb:df:74:da:9f:d2:79:6c:14:76:04:88:
c7:5d:e7:78:bd:94:22:ce:0c:56:68:ac:15:cd:31:
d3:c3:68:78:e6:3c:18:56:a8:4c:05:20:77:7a:16:
1e:b5:12:99:6f:11:0d:12:4a:28:db:3e:9f:35:27:
13:a7:5b:26:f9:2c:54:64:7c:9d:57:fa:cf:d8:59:
ef:a6:4f:b5:66:8c:b0:7e:f7:3f:16:76:28:b1:a8:
b1:a6:a6:60:39:26:3f:f3:25:d7:11:d9:a3:df:a2:
59:55:15:cd:24:6f:80:c2:e3:0a:36:2a:3b:93:c3:
ad:fa:11:8d:dc:ed:27:e2:6e:6f:9f:ea:f8:fd:63:
54:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2B:5A:40:EA:98:BE:9C:D8:5C:A1:FB:17:00:7A:9F:6E:AB:CA:73
X509v3 Authority Key Identifier:
keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:b1:43:0b:65:b4:93:17:e9:a2:fb:dd:0c:59:fb:21:5e:77:
85:31:b2:b9:65:43:d3:e3:fa:6b:9f:75:45:4a:57:09:8a:cc:
77:00:7a:7b:bb:86:e7:54:39:db:2a:db:6c:56:63:75:e0:69:
f7:50:e9:bb:c5:43:57:48:b5:0b:45:3b:c1:ae:bd:4a:5c:a8:
55:ef:a2:ea:06:a1:69:c6:ef:be:7d:09:bc:ef:b5:e9:59:c1:
6e:c9:6b:10:0b:86:4b:2e:27:ca:d7:69:11:32:fc:0a:c4:24:
da:9e:71:96:cc:a8:61:3f:1c:90:75:91:df:bd:7a:4d:e1:bf:
01:e6:80:55:d0:6b:5a:a1:d8:f0:b5:1b:15:19:9b:6c:9e:e2:
11:9c:53:22:a7:b3:93:c9:c3:82:bf:19:0b:6d:1a:8b:16:2b:
1d:1f:07:e1:87:21:e7:b5:95:aa:73:22:c3:26:f5:b1:f9:e1:
20:3b:39:6f:7e:47:a3:f9:c0:a6:34:17:7c:b9:d6:94:1c:e9:
4d:66:64:d5:3a:8e:2d:be:ea:68:0e:25:b9:e9:e2:c1:47:fb:
2c:77:40:48:59:37:8d:f0:36:22:f2:15:aa:10:f9:21:a4:eb:
f7:df:aa:59:76:8f:81:3a:80:3d:35:5c:b1:84:87:fc:b6:5a:
f6:48:23:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jxniSvdGCsszvjEbquviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli
MzRiNjIwHhcNMjUxMDE5MTMwMTAwWhcNMjUxMDIwMTMwMTAwWjAzMTEwLwYDVQQD
Eyg5NTJiNWE0MGVhOThiZTljZDg1Y2ExZmIxNzAwN2E5ZjZlYWJjYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYaECDbeA3LQqydYSfVl4WTjanJp
N8jTIdP8Uv9jZ73TXua0qscahJhgvhoHHzGHMgsClmvnuk8pavS8d6AhS+bTU3lJ
Bw0eQfaANqfm5rDfGJQI2tIerhyr4yvPKgT4Heb1EKK0fPiaSJeOinxMxWh/Xa8d
4HaG7Mm733Tan9J5bBR2BIjHXed4vZQizgxWaKwVzTHTw2h45jwYVqhMBSB3ehYe
tRKZbxENEkoo2z6fNScTp1sm+SxUZHydV/rP2Fnvpk+1Zoywfvc/FnYosaixpqZg
OSY/8yXXEdmj36JZVRXNJG+AwuMKNio7k8Ot+hGN3O0n4m5vn+r4/WNU8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUrWkDqmL6c2Fyh+xcAep9uq8pzMB8GA1UdIwQY
MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt
YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2
LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATLFDC2W0
kxfpovvdDFn7IV53hTGyuWVD0+P6a591RUpXCYrMdwB6e7uG51Q52yrbbFZjdeBp
91Dpu8VDV0i1C0U7wa69SlyoVe+i6gahacbvvn0JvO+16VnBbslrEAuGSy4nytdp
ETL8CsQk2p5xlsyoYT8ckHWR3716TeG/AeaAVdBrWqHY8LUbFRmbbJ7iEZxTIqez
k8nDgr8ZC20aixYrHR8H4Ych57WVqnMiwyb1sfnhIDs5b35Ho/nApjQXfLnWlBzp
TWZk1TqOLb7qaA4lueniwUf7LHdASFk3jfA2IvIVqhD5IaTr99+qWXaPgTqAPTVc
sYSH/LZa9kgjKQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:18:40 2025 by rpki-client