Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft
File: oHFXHI4QtBnXo7824Qhf_VzXipg.mft (raw, json)
Hash identifier: nAQSb4QTtJnQo8TkUjekNwGOL1dYXHvtprKVK1PRtQU=
Subject key identifier: 70:AD:13:46:AE:8E:3C:DF:6E:92:AD:1F:9B:86:D8:AE:C5:71:46:81
Authority key identifier: A0:71:57:1C:8E:10:B4:19:D7:A3:BF:36:E1:08:5F:FD:5C:D7:8A:98
Certificate issuer: /CN=a071571c8e10b419d7a3bf36e1085ffd5cd78a98
Certificate serial: 0199FEEBD6226B48BBDE285A50A6028CD6EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft
Manifest number: 10AB
Signing time: Mon 20 Oct 2025 00:01:32 +0000
Manifest this update: Mon 20 Oct 2025 00:01:32 +0000
Manifest next update: Tue 21 Oct 2025 00:01:32 +0000
Files and hashes: 1: _RMv1Q7O2CnoWhcrAcn90ZX5USk.roa (hash: I2FYErDanPUJADaKO92Q6jyRK2EK15cN4Qdxt/bs9vQ=)
2: oHFXHI4QtBnXo7824Qhf_VzXipg.crl (hash: RGtVQGF9ppr0ztk4ddulpdrIdgQ12ZL/qRxmylaWiVE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:eb:d6:22:6b:48:bb:de:28:5a:50:a6:02:8c:d6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a071571c8e10b419d7a3bf36e1085ffd5cd78a98
Validity
Not Before: Oct 20 00:01:32 2025 GMT
Not After : Oct 21 00:01:32 2025 GMT
Subject: CN=70ad1346ae8e3cdf6e92ad1f9b86d8aec5714681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:38:86:99:2c:a5:e6:d2:83:44:ec:dc:11:bf:
0c:52:50:0e:70:8d:96:15:d9:d0:72:4c:fd:f5:7c:
56:85:66:29:be:fd:f2:25:64:43:3b:b1:3b:7a:01:
89:57:81:21:20:1e:d9:c6:06:db:40:c3:c6:19:77:
42:68:f8:59:af:30:cf:18:c7:21:8f:0a:e4:f1:55:
a6:8d:1f:53:39:ba:26:66:ab:a5:78:e3:b0:a4:04:
aa:e8:b9:fa:15:55:6c:a3:17:da:fa:ca:df:c8:62:
7a:ad:bb:46:5a:f4:b2:69:9b:a6:0e:36:94:99:40:
54:45:51:99:e0:59:2e:03:66:f7:39:66:23:55:1d:
75:55:a8:0f:06:56:4e:e4:9b:4b:3e:ae:78:c1:9a:
b7:75:d6:b0:12:b3:24:98:ff:59:f5:28:b0:4c:ce:
82:32:c7:8f:e3:1b:30:43:b2:37:27:3f:01:eb:fa:
5f:b2:c6:43:fd:7a:bd:16:7e:9c:da:d4:19:31:f2:
ca:b2:a0:d5:c9:d4:03:8e:43:d1:b8:fe:12:0a:15:
44:34:cd:62:ae:65:25:2d:9a:3a:c0:a1:dc:20:9a:
01:55:0f:9b:e5:48:2c:69:e4:28:c3:54:5f:4d:e2:
71:40:16:08:ee:87:9c:99:7d:87:1f:34:b3:90:bb:
12:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:AD:13:46:AE:8E:3C:DF:6E:92:AD:1F:9B:86:D8:AE:C5:71:46:81
X509v3 Authority Key Identifier:
keyid:A0:71:57:1C:8E:10:B4:19:D7:A3:BF:36:E1:08:5F:FD:5C:D7:8A:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:d5:3e:95:1d:9e:1d:95:5d:a4:4b:4e:69:be:55:c2:fd:97:
b9:19:46:70:96:6a:32:53:dc:e4:c1:fd:41:8a:62:40:f3:ae:
a9:70:81:74:b4:d1:04:c7:1c:72:66:54:6e:0f:ff:9e:6b:b3:
cc:66:16:da:da:b7:f8:9f:82:47:09:08:e1:02:de:48:66:43:
73:a2:86:06:32:3d:54:aa:a7:84:05:03:6a:d0:df:77:2b:e9:
7c:1d:69:bf:67:bb:12:9a:d2:7c:44:91:a1:a9:6a:ea:66:75:
a2:85:ce:56:92:5b:1f:84:6c:b1:8f:e0:3e:65:25:28:b8:68:
50:fd:48:d8:c6:44:54:d6:2e:87:4b:64:11:0e:4d:55:25:d0:
24:3b:57:d4:95:0d:b4:c1:03:56:ec:2b:17:eb:5d:bc:27:05:
ef:6a:6b:b1:18:c7:a2:88:bc:7c:fe:2e:f4:e8:b7:0b:cc:86:
83:6f:db:91:f0:10:ca:a3:70:d8:34:d4:09:f9:f9:9f:99:f2:
5d:36:53:f8:c7:9b:f3:a3:66:c3:11:14:3b:60:a6:a4:44:b8:
0c:6d:ca:1a:7a:d7:bd:73:b9:d1:5f:af:41:cd:be:d5:d0:87:
fc:c2:6c:b7:34:82:9c:08:03:7e:68:52:e6:38:d6:c7:73:12:
38:0b:54:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+69Yia0i73ihaUKYCjNbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzE1NzFjOGUxMGI0MTlkN2EzYmYzNmUxMDg1ZmZkNWNk
NzhhOTgwHhcNMjUxMDIwMDAwMTMyWhcNMjUxMDIxMDAwMTMyWjAzMTEwLwYDVQQD
Eyg3MGFkMTM0NmFlOGUzY2RmNmU5MmFkMWY5Yjg2ZDhhZWM1NzE0NjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TiGmSyl5tKDROzcEb8MUlAOcI2W
FdnQckz99XxWhWYpvv3yJWRDO7E7egGJV4EhIB7ZxgbbQMPGGXdCaPhZrzDPGMch
jwrk8VWmjR9TObomZquleOOwpASq6Ln6FVVsoxfa+srfyGJ6rbtGWvSyaZumDjaU
mUBURVGZ4FkuA2b3OWYjVR11VagPBlZO5JtLPq54wZq3ddawErMkmP9Z9SiwTM6C
MseP4xswQ7I3Jz8B6/pfssZD/Xq9Fn6c2tQZMfLKsqDVydQDjkPRuP4SChVENM1i
rmUlLZo6wKHcIJoBVQ+b5UgsaeQow1RfTeJxQBYI7oecmX2HHzSzkLsSXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHCtE0aujjzfbpKtH5uG2K7FcUaBMB8GA1UdIwQY
MBaAFKBxVxyOELQZ16O/NuEIX/1c14qYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hGWEhJNFF0Qm5Ybzc4MjRRaGZfVnpYaXBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9jMjgyOWYtYjNlZC00NGQzLWE1Y2Yt
MGMxZjY5YjdhZWU3LzEvb0hGWEhJNFF0Qm5Ybzc4MjRRaGZfVnpYaXBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9jMjgyOWYtYjNlZC00NGQzLWE1Y2YtMGMxZjY5YjdhZWU3
LzEvb0hGWEhJNFF0Qm5Ybzc4MjRRaGZfVnpYaXBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABtU+lR2e
HZVdpEtOab5Vwv2XuRlGcJZqMlPc5MH9QYpiQPOuqXCBdLTRBMcccmZUbg//nmuz
zGYW2tq3+J+CRwkI4QLeSGZDc6KGBjI9VKqnhAUDatDfdyvpfB1pv2e7EprSfESR
oalq6mZ1ooXOVpJbH4RssY/gPmUlKLhoUP1I2MZEVNYuh0tkEQ5NVSXQJDtX1JUN
tMEDVuwrF+tdvCcF72prsRjHooi8fP4u9Oi3C8yGg2/bkfAQyqNw2DTUCfn5n5ny
XTZT+Meb86NmwxEUO2CmpES4DG3KGnrXvXO50V+vQc2+1dCH/MJstzSCnAgDfmhS
5jjWx3MSOAtUEA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:27:42 2025 by rpki-client