Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
File: OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft (raw, json)
Hash identifier: DbFlphdF0VLOQyr/gd4mD2p7IEmyj1+mKasEATwu4cM=
Subject key identifier: 2E:70:09:F0:DB:E4:8D:7F:C7:B7:D7:4B:B0:FC:11:80:E7:96:A2:85
Authority key identifier: 39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
Certificate issuer: /CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Certificate serial: 0199FF5986C898E4E0BF37319F2DF2653309
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
Manifest number: 025F
Signing time: Mon 20 Oct 2025 02:01:21 +0000
Manifest this update: Mon 20 Oct 2025 02:01:21 +0000
Manifest next update: Tue 21 Oct 2025 02:01:21 +0000
Files and hashes: 1: 4TBEbTwznRUyfO-99-DGzicdpVY.roa (hash: NUzc37NEChJ2ehR4MuI3RA+Wwr1maBIZ+yC3jO0gtfU=)
2: OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl (hash: b+v3HyLOKBvvrXQgN7FB3OWNI2T2qAR7lNdhO0XGr50=)
3: dsqp4bxyFCCs7RL2PZGSdi7KthE.roa (hash: LpothYWyfl3DUg9u8R+0xehBO2vE3vsq9xV0G0H4C0U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:59:86:c8:98:e4:e0:bf:37:31:9f:2d:f2:65:33:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Validity
Not Before: Oct 20 02:01:21 2025 GMT
Not After : Oct 21 02:01:21 2025 GMT
Subject: CN=2e7009f0dbe48d7fc7b7d74bb0fc1180e796a285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:53:f0:a1:00:04:5b:9c:39:f7:ed:39:25:83:
37:71:fa:44:85:00:b8:55:1d:aa:68:4d:89:7b:cd:
4c:16:0b:7d:1a:ea:0d:2a:f7:cb:29:bc:a3:b9:b1:
59:fb:6f:e7:1a:f4:92:5b:a1:63:e3:da:f1:6b:f4:
58:06:3e:89:19:14:7d:14:83:b1:ad:bb:45:5f:c3:
fc:cf:8d:2f:9f:4f:19:87:26:8f:f1:00:d5:55:52:
1c:ca:74:19:25:39:ac:d7:2e:67:70:2a:20:8b:5e:
e1:fd:b8:4f:65:e7:c4:ca:5c:1e:c7:bc:95:a5:b4:
22:22:4b:1b:84:63:ef:22:5c:6b:9e:49:82:5c:95:
da:8d:ec:c1:39:dc:73:b2:dd:5f:77:18:b1:da:e4:
c1:97:49:8d:05:fa:0c:27:9e:c0:5c:30:24:9f:9d:
5d:91:49:5c:e0:ca:29:74:96:50:14:fa:50:de:6d:
60:3d:b1:9d:08:ea:00:9f:8d:5d:5b:e1:88:4d:a6:
9a:bf:ce:93:f8:0e:29:63:69:68:63:cb:27:8f:67:
bb:68:41:6f:8b:95:86:55:e5:27:76:c1:8a:3d:d6:
3b:15:d2:6c:1f:09:96:b6:d8:04:dd:8a:a4:99:4e:
5c:15:49:f6:ba:77:27:76:58:91:07:2f:89:a6:47:
65:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:70:09:F0:DB:E4:8D:7F:C7:B7:D7:4B:B0:FC:11:80:E7:96:A2:85
X509v3 Authority Key Identifier:
keyid:39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:08:73:3c:13:a8:df:b2:a4:9c:a2:b3:25:38:68:a9:85:e0:
f6:b6:cd:48:07:69:52:8b:99:f9:ce:95:bc:66:99:76:3e:68:
b1:1e:a6:b9:1b:20:70:65:c2:f6:1b:e8:59:f2:a0:43:41:7c:
6b:b2:94:b8:c8:9c:2f:9e:94:dc:bc:d7:7a:45:18:03:45:ca:
5c:1f:5e:cf:bb:f1:1e:54:a7:94:35:c4:52:22:9e:83:a5:e2:
38:1d:ed:10:b2:16:f5:dc:cf:2a:95:55:2b:5c:54:9f:c1:f6:
16:05:f0:c0:92:1d:ca:b5:dd:0d:1d:40:d7:91:31:30:74:85:
41:24:f6:af:3c:42:fe:74:4b:5f:61:79:3d:5f:01:fc:bd:29:
78:57:aa:42:c8:60:d1:98:e6:c4:e9:0b:36:fb:67:cd:c8:9a:
33:98:3e:b5:19:5a:18:17:2c:4d:5b:1b:06:fc:77:d1:48:b9:
e9:95:3c:e1:e7:9b:60:2a:43:ea:1d:6f:bc:6e:50:e6:2f:75:
04:60:a3:b3:8e:1f:5e:60:c5:c2:cf:43:e4:8c:10:a1:13:a3:
03:5c:7f:e6:6c:ce:e4:15:17:72:73:c9:b9:1c:6e:ec:20:4a:
e4:b5:3a:b6:3d:3c:be:3e:dd:d3:f4:62:2c:ba:11:0a:c7:a1:
69:7d:d7:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/WYbImOTgvzcxny3yZTMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Zjg3M2NkMzkzOTIwM2M3NzhhOGVhYWYxNjgzZTk0NjRh
YzM0MDAwHhcNMjUxMDIwMDIwMTIxWhcNMjUxMDIxMDIwMTIxWjAzMTEwLwYDVQQD
EygyZTcwMDlmMGRiZTQ4ZDdmYzdiN2Q3NGJiMGZjMTE4MGU3OTZhMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1PwoQAEW5w59+05JYM3cfpEhQC4
VR2qaE2Je81MFgt9GuoNKvfLKbyjubFZ+2/nGvSSW6Fj49rxa/RYBj6JGRR9FIOx
rbtFX8P8z40vn08ZhyaP8QDVVVIcynQZJTms1y5ncCogi17h/bhPZefEylwex7yV
pbQiIksbhGPvIlxrnkmCXJXajezBOdxzst1fdxix2uTBl0mNBfoMJ57AXDAkn51d
kUlc4MopdJZQFPpQ3m1gPbGdCOoAn41dW+GITaaav86T+A4pY2loY8snj2e7aEFv
i5WGVeUndsGKPdY7FdJsHwmWttgE3YqkmU5cFUn2uncndliRBy+JpkdlgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC5wCfDb5I1/x7fXS7D8EYDnlqKFMB8GA1UdIwQY
MBaAFDn4c805OSA8d4qOqvFoPpRkrDQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMt
NGU2NTViNWI2NDI3LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMtNGU2NTViNWI2NDI3
LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmAhzPBOo
37KknKKzJThoqYXg9rbNSAdpUouZ+c6VvGaZdj5osR6muRsgcGXC9hvoWfKgQ0F8
a7KUuMicL56U3LzXekUYA0XKXB9ez7vxHlSnlDXEUiKeg6XiOB3tELIW9dzPKpVV
K1xUn8H2FgXwwJIdyrXdDR1A15ExMHSFQST2rzxC/nRLX2F5PV8B/L0peFeqQshg
0ZjmxOkLNvtnzciaM5g+tRlaGBcsTVsbBvx30Ui56ZU84eebYCpD6h1vvG5Q5i91
BGCjs44fXmDFws9D5IwQoROjA1x/5mzO5BUXcnPJuRxu7CBK5LU6tj08vj7d0/Ri
LLoRCsehaX3Xlw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:44:28 2025 by rpki-client