Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.mft
File: os1DAbKJXx2YqFDlic58BjxTn00.mft (raw, json)
Hash identifier: WCRv0L+BfX4GlmHB5mphTqAm2rLDhUVkLH6rWhw9ZeM=
Subject key identifier: 29:A8:C4:0C:EB:CA:6E:C7:57:13:A1:D6:EC:24:92:D2:84:41:9C:4F
Authority key identifier: A2:CD:43:01:B2:89:5F:1D:98:A8:50:E5:89:CE:7C:06:3C:53:9F:4D
Certificate issuer: /CN=a2cd4301b2895f1d98a850e589ce7c063c539f4d
Certificate serial: 0199FFFE4DC8353F86DCDC15B3A081D7B74B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/os1DAbKJXx2YqFDlic58BjxTn00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.mft
Manifest number: 1249
Signing time: Mon 20 Oct 2025 05:01:20 +0000
Manifest this update: Mon 20 Oct 2025 05:01:20 +0000
Manifest next update: Tue 21 Oct 2025 05:01:20 +0000
Files and hashes: 1: KAKz0xo2XXEBIDI7U4s2tUakP98.roa (hash: nzwZHLIuL4E1A+Jcxn7qeWA8mqGxoFVori2v9JbkLPE=)
2: os1DAbKJXx2YqFDlic58BjxTn00.crl (hash: aoMDJ0gplwFwoZwOq2u92FYI/F4KzEXMPjc98uQtEfs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.mft
rsync://rpki.ripe.net/repository/DEFAULT/os1DAbKJXx2YqFDlic58BjxTn00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 05:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:fe:4d:c8:35:3f:86:dc:dc:15:b3:a0:81:d7:b7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2cd4301b2895f1d98a850e589ce7c063c539f4d
Validity
Not Before: Oct 20 05:01:20 2025 GMT
Not After : Oct 21 05:01:20 2025 GMT
Subject: CN=29a8c40cebca6ec75713a1d6ec2492d284419c4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:08:d7:b6:76:89:fc:26:74:32:ff:93:de:f2:
d0:82:48:fc:62:03:7e:eb:b4:61:a8:c1:e5:6c:db:
34:4a:43:6a:92:53:70:6d:63:50:92:e8:82:8d:26:
20:07:0b:ef:b5:c4:de:92:13:f8:f0:2d:8f:1c:ba:
54:a3:d6:09:66:e7:c8:3d:ba:6d:8d:10:4b:19:48:
9d:0d:51:ce:a9:5b:9f:f1:6b:fe:7b:72:26:30:2e:
1a:87:ea:91:bd:45:4b:ed:3c:6a:09:e1:3e:5e:a9:
ca:df:2a:dd:0f:83:70:56:96:14:05:31:72:a0:eb:
d0:b6:86:ef:20:aa:5e:90:05:20:1e:af:a2:c9:d8:
3a:fd:41:b6:e1:af:eb:a5:e8:79:11:2a:14:84:c8:
53:f8:45:dd:1a:c6:ea:29:9d:b8:de:e6:47:ce:52:
9d:18:32:8e:43:43:2f:5d:5b:c1:68:81:e3:a0:fb:
6e:2a:d8:18:96:12:5f:b7:89:45:8a:c4:da:9b:b7:
fb:2d:95:49:63:7e:07:7e:c9:63:41:6b:49:8b:3b:
9d:f5:b9:be:2e:08:ed:11:74:94:05:01:7b:4a:97:
35:42:cc:ec:b0:f9:e2:f0:dd:b9:53:c0:89:5f:2f:
d2:0d:95:09:17:33:61:a7:20:6b:f6:32:e4:8a:63:
9a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A8:C4:0C:EB:CA:6E:C7:57:13:A1:D6:EC:24:92:D2:84:41:9C:4F
X509v3 Authority Key Identifier:
keyid:A2:CD:43:01:B2:89:5F:1D:98:A8:50:E5:89:CE:7C:06:3C:53:9F:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/os1DAbKJXx2YqFDlic58BjxTn00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c6:da:40:d0:c4:3f:50:24:e2:5e:62:1c:0e:f8:89:e7:10:c1:
c1:51:f4:dd:b3:44:a0:9a:4a:4b:32:57:e2:39:e3:b6:f2:b6:
1c:2b:86:e2:85:8d:c6:68:0a:9d:c7:c9:38:3f:72:87:83:35:
9c:ea:b8:31:c7:94:d8:e9:45:96:a7:07:b3:f1:65:52:d3:25:
3c:f3:d1:46:93:29:03:14:fd:78:66:dc:a2:43:05:c6:0c:19:
31:4d:11:60:ee:e2:e2:9e:70:ba:6b:5d:f1:24:06:4a:7b:39:
e0:a3:e0:4a:ac:d2:e2:74:da:b2:e9:45:1b:57:f9:96:36:0c:
58:41:3f:ae:54:84:a3:20:d8:5a:2b:cc:be:80:c4:8f:c6:f3:
3d:65:da:19:c7:28:7a:ae:b9:1c:70:8f:03:45:c0:72:0f:89:
5f:f9:dd:05:17:d5:d7:1b:6e:ce:ef:19:c2:be:ad:2b:92:88:
d7:af:45:03:5e:9f:e2:cc:cc:fb:19:99:8b:42:44:c5:f6:59:
32:43:e4:23:59:f1:8f:03:92:d6:8c:2a:6e:d9:2c:80:a7:e3:
3d:cc:cf:d6:b6:a3:de:ad:0f:0c:52:61:7d:14:cb:9b:fe:d1:
8b:40:6f:53:d7:cf:ef:53:d9:65:89:39:a1:d3:84:a6:f1:0b:
e4:fa:a4:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//k3INT+G3NwVs6CB17dLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyY2Q0MzAxYjI4OTVmMWQ5OGE4NTBlNTg5Y2U3YzA2M2M1
MzlmNGQwHhcNMjUxMDIwMDUwMTIwWhcNMjUxMDIxMDUwMTIwWjAzMTEwLwYDVQQD
EygyOWE4YzQwY2ViY2E2ZWM3NTcxM2ExZDZlYzI0OTJkMjg0NDE5YzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QjXtnaJ/CZ0Mv+T3vLQgkj8YgN+
67RhqMHlbNs0SkNqklNwbWNQkuiCjSYgBwvvtcTekhP48C2PHLpUo9YJZufIPbpt
jRBLGUidDVHOqVuf8Wv+e3ImMC4ah+qRvUVL7TxqCeE+XqnK3yrdD4NwVpYUBTFy
oOvQtobvIKpekAUgHq+iydg6/UG24a/rpeh5ESoUhMhT+EXdGsbqKZ243uZHzlKd
GDKOQ0MvXVvBaIHjoPtuKtgYlhJft4lFisTam7f7LZVJY34HfsljQWtJizud9bm+
LgjtEXSUBQF7Spc1QszssPni8N25U8CJXy/SDZUJFzNhpyBr9jLkimOaUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmoxAzrym7HVxOh1uwkktKEQZxPMB8GA1UdIwQY
MBaAFKLNQwGyiV8dmKhQ5YnOfAY8U59NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3MxREFiS0pYeDJZcUZEbGljNThCanhUbjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zODQ4NmMtOWRlMy00NGVmLWFiMjkt
NThmM2YzN2NjZGQ5LzEvb3MxREFiS0pYeDJZcUZEbGljNThCanhUbjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zODQ4NmMtOWRlMy00NGVmLWFiMjktNThmM2YzN2NjZGQ5
LzEvb3MxREFiS0pYeDJZcUZEbGljNThCanhUbjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxtpA0MQ/
UCTiXmIcDviJ5xDBwVH03bNEoJpKSzJX4jnjtvK2HCuG4oWNxmgKncfJOD9yh4M1
nOq4MceU2OlFlqcHs/FlUtMlPPPRRpMpAxT9eGbcokMFxgwZMU0RYO7i4p5wumtd
8SQGSns54KPgSqzS4nTasulFG1f5ljYMWEE/rlSEoyDYWivMvoDEj8bzPWXaGcco
eq65HHCPA0XAcg+JX/ndBRfV1xtuzu8Zwr6tK5KI169FA16f4szM+xmZi0JExfZZ
MkPkI1nxjwOS1owqbtksgKfjPczP1raj3q0PDFJhfRTLm/7Ri0BvU9fP71PZZYk5
odOEpvEL5Pqk0A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:55:39 2025 by rpki-client