Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.mft
File: oE3odQHH0wgsdmWfTevZQohDtMs.mft (raw, json)
Hash identifier: 1ZK/u2p90liknrD/EAHWFSxmQ9ycVD49dxyH+AvE6BE=
Subject key identifier: 72:D7:E1:92:9B:4E:E1:CA:74:2B:8B:74:23:EC:DB:68:56:BF:8B:6E
Authority key identifier: A0:4D:E8:75:01:C7:D3:08:2C:76:65:9F:4D:EB:D9:42:88:43:B4:CB
Certificate issuer: /CN=a04de87501c7d3082c76659f4debd9428843b4cb
Certificate serial: 0199FCC678FE2D1104DED65CB2FE563246D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.mft
Manifest number: 12C5
Signing time: Sun 19 Oct 2025 14:01:29 +0000
Manifest this update: Sun 19 Oct 2025 14:01:29 +0000
Manifest next update: Mon 20 Oct 2025 14:01:29 +0000
Files and hashes: 1: 3oKx6h0eBr3yZ2nfockvN65K1_o.roa (hash: geWao+6sgTP3cLFpfRuFIKY1lyLCLqYJA9Pcg4p46Gs=)
2: oE3odQHH0wgsdmWfTevZQohDtMs.crl (hash: EflnGWHZcW7Acpeq1xcrDvTUuPT1AxOWsZEHh2FTobI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.mft
rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:c6:78:fe:2d:11:04:de:d6:5c:b2:fe:56:32:46:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04de87501c7d3082c76659f4debd9428843b4cb
Validity
Not Before: Oct 19 14:01:29 2025 GMT
Not After : Oct 20 14:01:29 2025 GMT
Subject: CN=72d7e1929b4ee1ca742b8b7423ecdb6856bf8b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:63:52:9e:8a:1f:d1:46:14:42:17:d0:25:a2:
e0:29:b2:90:47:d5:f0:b1:cb:23:f1:4f:a8:57:d2:
96:17:6d:80:ed:1b:8d:48:4f:25:a4:3c:9b:f8:78:
17:9b:65:2b:bd:a7:d7:33:e4:d4:a6:c6:50:37:e6:
12:93:5b:8d:e4:01:28:c9:04:59:01:1a:db:df:21:
3d:0a:79:b7:9c:ca:76:04:e3:6e:27:83:8c:dc:61:
8a:bb:85:df:25:31:8c:23:c2:64:9e:9e:a5:ac:22:
c2:70:6e:9d:51:ca:7d:16:c7:92:32:58:fe:f1:0c:
53:6a:b7:dd:98:99:55:64:df:d3:8b:3b:1c:54:bc:
fa:58:01:a3:fc:15:c9:0a:29:3a:4d:91:22:97:81:
c6:db:9c:63:58:ba:d8:4d:a8:7b:81:b7:4c:ed:d0:
21:b2:2d:08:f3:5c:0a:c8:c8:c1:ba:1a:e5:1d:06:
d3:65:93:37:3f:6c:b3:cb:ea:98:cb:fe:0f:bf:6b:
fb:81:07:c4:59:9c:4b:ce:02:c9:8c:fc:ad:df:35:
e2:65:64:4e:0c:89:77:22:6b:eb:08:7f:7e:d5:bf:
24:f1:a6:0b:f1:a2:20:73:f1:f6:ab:17:0f:ee:db:
03:19:57:78:68:00:a1:0d:d9:6f:75:22:f3:49:9a:
9c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D7:E1:92:9B:4E:E1:CA:74:2B:8B:74:23:EC:DB:68:56:BF:8B:6E
X509v3 Authority Key Identifier:
keyid:A0:4D:E8:75:01:C7:D3:08:2C:76:65:9F:4D:EB:D9:42:88:43:B4:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:01:14:9c:85:ef:23:79:aa:2a:a8:5d:9c:2b:ac:dd:cd:52:
5a:95:27:58:75:f5:4c:c7:11:d5:a1:d2:02:94:c0:b3:a1:96:
40:10:bd:c0:c4:63:2a:16:c9:b8:77:24:8d:99:6d:79:91:dd:
12:aa:0a:80:c6:c0:e9:8d:71:e4:78:2d:78:83:d4:17:d7:b9:
38:40:fa:89:a7:b5:09:b2:bb:9e:c3:35:ec:2e:0e:7f:45:07:
2d:89:2b:ba:d2:c1:45:4a:35:5c:10:0b:40:e6:d0:90:d6:cc:
14:c7:55:42:e4:9f:a6:8a:ac:45:74:a5:ea:44:a1:85:7d:7e:
fc:4f:15:ee:c4:68:ee:aa:db:91:4c:f7:ce:b1:ba:bc:e6:e3:
5b:d1:fd:54:85:5e:91:32:80:95:20:15:33:1a:9f:6d:26:00:
eb:67:6f:6a:f0:90:98:c4:4c:28:e3:0c:b1:a7:63:79:17:6b:
6e:d0:e0:df:73:36:02:e2:95:ec:aa:ec:86:83:42:f7:b9:51:
ae:fb:c7:78:fd:79:0f:3c:d1:62:b5:c6:88:7d:c1:65:ef:85:
fd:a7:c0:6b:81:09:08:d9:c4:bc:5b:98:67:c4:c7:25:7b:f6:
81:45:f5:45:41:84:c0:2a:77:16:ef:25:32:46:14:16:07:fc:
e7:13:40:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xnj+LREE3tZcsv5WMkbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNGRlODc1MDFjN2QzMDgyYzc2NjU5ZjRkZWJkOTQyODg0
M2I0Y2IwHhcNMjUxMDE5MTQwMTI5WhcNMjUxMDIwMTQwMTI5WjAzMTEwLwYDVQQD
Eyg3MmQ3ZTE5MjliNGVlMWNhNzQyYjhiNzQyM2VjZGI2ODU2YmY4YjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGNSnoof0UYUQhfQJaLgKbKQR9Xw
scsj8U+oV9KWF22A7RuNSE8lpDyb+HgXm2UrvafXM+TUpsZQN+YSk1uN5AEoyQRZ
ARrb3yE9Cnm3nMp2BONuJ4OM3GGKu4XfJTGMI8Jknp6lrCLCcG6dUcp9FseSMlj+
8QxTarfdmJlVZN/TizscVLz6WAGj/BXJCik6TZEil4HG25xjWLrYTah7gbdM7dAh
si0I81wKyMjBuhrlHQbTZZM3P2yzy+qYy/4Pv2v7gQfEWZxLzgLJjPyt3zXiZWRO
DIl3ImvrCH9+1b8k8aYL8aIgc/H2qxcP7tsDGVd4aAChDdlvdSLzSZqcHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLX4ZKbTuHKdCuLdCPs22hWv4tuMB8GA1UdIwQY
MBaAFKBN6HUBx9MILHZln03r2UKIQ7TLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80NjVjOTAtNzBmYi00MDE1LWI5Njkt
NzQ4Zjc4NzgzODhhLzEvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80NjVjOTAtNzBmYi00MDE1LWI5NjktNzQ4Zjc4NzgzODhh
LzEvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYwEUnIXv
I3mqKqhdnCus3c1SWpUnWHX1TMcR1aHSApTAs6GWQBC9wMRjKhbJuHckjZlteZHd
EqoKgMbA6Y1x5HgteIPUF9e5OED6iae1CbK7nsM17C4Of0UHLYkrutLBRUo1XBAL
QObQkNbMFMdVQuSfpoqsRXSl6kShhX1+/E8V7sRo7qrbkUz3zrG6vObjW9H9VIVe
kTKAlSAVMxqfbSYA62dvavCQmMRMKOMMsadjeRdrbtDg33M2AuKV7KrshoNC97lR
rvvHeP15DzzRYrXGiH3BZe+F/afAa4EJCNnEvFuYZ8THJXv2gUX1RUGEwCp3Fu8l
MkYUFgf85xNAlw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:29:48 2025 by rpki-client