Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
File: oUx52o8IwpnEYya3m55CTkmmh1s.mft (raw, json)
Hash identifier: 5l4NYm/bgq5aO77v8d3iIeD8PAt/KnMvhOlNGiavNII=
Subject key identifier: FD:21:DA:DE:06:82:7D:ED:F5:4A:D9:A1:C8:4C:84:48:D8:F6:32:AD
Authority key identifier: A1:4C:79:DA:8F:08:C2:99:C4:63:26:B7:9B:9E:42:4E:49:A6:87:5B
Certificate issuer: /CN=a14c79da8f08c299c46326b79b9e424e49a6875b
Certificate serial: 0199FBEB34B6FDA2F7492ABBC2CDAC41F622
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
Manifest number: 1672
Signing time: Sun 19 Oct 2025 10:01:59 +0000
Manifest this update: Sun 19 Oct 2025 10:01:59 +0000
Manifest next update: Mon 20 Oct 2025 10:01:59 +0000
Files and hashes: 1: oUx52o8IwpnEYya3m55CTkmmh1s.crl (hash: vcwCCIsaGfwsUkKQhwU7IsoCRQ41y6OpA0PIgwwoMkA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:34:b6:fd:a2:f7:49:2a:bb:c2:cd:ac:41:f6:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a14c79da8f08c299c46326b79b9e424e49a6875b
Validity
Not Before: Oct 19 10:01:59 2025 GMT
Not After : Oct 20 10:01:59 2025 GMT
Subject: CN=fd21dade06827dedf54ad9a1c84c8448d8f632ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fd:c0:4c:ad:65:f9:d7:18:9b:2d:6d:97:08:
56:7d:4e:d5:b0:57:3e:5b:fc:98:a5:66:af:e9:3b:
7a:5b:03:02:c1:96:61:6b:ea:09:9a:ec:13:71:5c:
ea:ed:fe:ed:46:b9:60:9f:5d:cb:e4:84:c2:83:5b:
2d:95:ff:d6:e2:ce:cf:51:b5:b0:db:92:82:05:5c:
4d:06:5e:58:e6:f3:d3:a3:fe:ff:93:2f:83:8a:bb:
6d:c2:40:e5:ae:01:92:06:a8:df:13:47:fa:ce:9a:
c2:7c:da:3c:35:28:de:4c:5a:9c:9a:c6:11:20:4e:
16:8f:1d:1b:4c:38:2b:45:d3:fe:f9:85:3d:4e:0e:
67:fb:b9:48:47:66:0f:2f:50:89:42:54:2e:73:ac:
71:65:9a:bb:fd:24:b6:e8:8e:80:06:80:1e:b0:4c:
d5:f1:e2:f0:46:5b:27:1b:55:97:73:46:79:7e:06:
18:6e:fe:12:e1:dd:ab:ba:f4:5d:3e:a1:ad:f5:fa:
3a:9f:fa:f5:86:de:51:aa:24:6f:56:be:29:68:81:
d9:7d:5e:69:6a:a6:d5:3c:af:dd:4c:3a:46:01:d8:
ea:ef:ef:31:ef:15:04:82:7d:22:8e:bb:ac:3c:1b:
53:4e:1e:37:9e:ea:8f:b5:d6:6f:b4:bc:a6:5b:3b:
d0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:21:DA:DE:06:82:7D:ED:F5:4A:D9:A1:C8:4C:84:48:D8:F6:32:AD
X509v3 Authority Key Identifier:
keyid:A1:4C:79:DA:8F:08:C2:99:C4:63:26:B7:9B:9E:42:4E:49:A6:87:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:d7:fe:c3:41:2a:eb:d7:c9:dc:bf:51:66:8b:c5:67:f9:2b:
b1:00:3e:ff:80:03:55:7d:04:39:2b:f6:15:ad:0e:f4:21:87:
44:87:b7:dc:64:fc:2c:08:5b:52:85:00:2e:87:d6:82:c8:ba:
df:b7:75:34:ce:fa:b0:c3:0b:3d:f5:3c:82:97:21:ef:db:b9:
80:f6:48:6d:e5:93:07:26:2b:91:fb:15:0f:67:b8:8c:55:ec:
57:fc:bc:9b:dc:11:51:46:ab:ae:40:b1:20:f6:df:32:9c:25:
fa:14:a4:1b:35:89:68:f8:1f:6a:6c:4d:34:98:b2:5f:9c:0a:
9f:05:3c:a1:e9:e6:62:10:26:d4:5c:89:ec:ad:02:3a:2b:ca:
8c:ff:5b:b0:7e:e3:10:43:49:a7:e0:c1:cb:af:e7:33:c4:b4:
6b:a6:12:f4:3a:5c:f8:ef:b3:e4:d7:8e:17:22:96:ff:fe:c8:
94:2f:79:eb:e2:a8:83:8e:74:cf:20:72:84:b8:63:79:fe:b8:
42:2a:8a:41:5d:8c:b5:12:ce:39:69:52:7c:04:6c:44:1f:a3:
64:83:d6:d7:f4:1b:41:d7:8b:c2:36:8d:90:f6:7e:1d:bd:a6:
85:bb:62:7f:aa:32:e8:0b:d4:f3:8a:d4:49:1b:3b:45:1b:bc:
f9:d9:f1:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76zS2/aL3SSq7ws2sQfYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNGM3OWRhOGYwOGMyOTljNDYzMjZiNzliOWU0MjRlNDlh
Njg3NWIwHhcNMjUxMDE5MTAwMTU5WhcNMjUxMDIwMTAwMTU5WjAzMTEwLwYDVQQD
EyhmZDIxZGFkZTA2ODI3ZGVkZjU0YWQ5YTFjODRjODQ0OGQ4ZjYzMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP3ATK1l+dcYmy1tlwhWfU7VsFc+
W/yYpWav6Tt6WwMCwZZha+oJmuwTcVzq7f7tRrlgn13L5ITCg1stlf/W4s7PUbWw
25KCBVxNBl5Y5vPTo/7/ky+DirttwkDlrgGSBqjfE0f6zprCfNo8NSjeTFqcmsYR
IE4Wjx0bTDgrRdP++YU9Tg5n+7lIR2YPL1CJQlQuc6xxZZq7/SS26I6ABoAesEzV
8eLwRlsnG1WXc0Z5fgYYbv4S4d2ruvRdPqGt9fo6n/r1ht5RqiRvVr4paIHZfV5p
aqbVPK/dTDpGAdjq7+8x7xUEgn0ijrusPBtTTh43nuqPtdZvtLymWzvQGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0h2t4Ggn3t9UrZochMhEjY9jKtMB8GA1UdIwQY
MBaAFKFMedqPCMKZxGMmt5ueQk5JpodbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yMmViNTMtNGY2MC00MTFiLTg0MDkt
ZDRjOTdmZjZlMTFlLzEvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yMmViNTMtNGY2MC00MTFiLTg0MDktZDRjOTdmZjZlMTFl
LzEvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgtf+w0Eq
69fJ3L9RZovFZ/krsQA+/4ADVX0EOSv2Fa0O9CGHRIe33GT8LAhbUoUALofWgsi6
37d1NM76sMMLPfU8gpch79u5gPZIbeWTByYrkfsVD2e4jFXsV/y8m9wRUUarrkCx
IPbfMpwl+hSkGzWJaPgfamxNNJiyX5wKnwU8oenmYhAm1FyJ7K0COivKjP9bsH7j
EENJp+DBy6/nM8S0a6YS9Dpc+O+z5NeOFyKW//7IlC956+Kog450zyByhLhjef64
QiqKQV2MtRLOOWlSfARsRB+jZIPW1/QbQdeLwjaNkPZ+Hb2mhbtif6oy6AvU84rU
SRs7RRu8+dnxPQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:24:28 2025 by rpki-client