Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
File: OXqyKGxnhx2rRXpygyl_yMaIpK8.mft (raw, json)
Hash identifier: WeO1M+VRaXgablZk1vhybJZ4Bu9X3zKBvid+Uu4kYO0=
Subject key identifier: 46:82:B4:29:81:D3:1F:22:4A:FC:0D:40:2F:2F:EB:58:5E:25:AE:F4
Authority key identifier: 39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF
Certificate issuer: /CN=397ab2286c67871dab457a7283297fc8c688a4af
Certificate serial: 019A006C0C4F41FCBCB4750DF4D18B56D664
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
Manifest number: 16E1
Signing time: Mon 20 Oct 2025 07:01:12 +0000
Manifest this update: Mon 20 Oct 2025 07:01:12 +0000
Manifest next update: Tue 21 Oct 2025 07:01:12 +0000
Files and hashes: 1: OXqyKGxnhx2rRXpygyl_yMaIpK8.crl (hash: 5W9QxT61Qz0SlMBDuibrxb/Rao2GoCP6jXpWUq2wFY0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:6c:0c:4f:41:fc:bc:b4:75:0d:f4:d1:8b:56:d6:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=397ab2286c67871dab457a7283297fc8c688a4af
Validity
Not Before: Oct 20 07:01:12 2025 GMT
Not After : Oct 21 07:01:12 2025 GMT
Subject: CN=4682b42981d31f224afc0d402f2feb585e25aef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dc:09:4d:6b:f9:4b:2b:53:c8:1d:18:c5:49:
5f:75:57:07:d8:ec:61:6f:53:1a:08:20:fc:8d:c9:
3c:d1:b2:34:d1:f0:d8:f3:64:e4:46:51:6f:f4:91:
5a:7f:4c:ce:fd:c9:14:c7:a7:a9:b2:81:4b:f5:d6:
20:e9:b6:3d:15:9e:82:78:aa:44:15:21:79:7c:ca:
18:60:1d:95:4e:5c:a4:21:4c:31:5f:c4:7f:b0:eb:
17:47:87:59:6f:61:99:07:9e:f9:d9:24:33:8d:e9:
2f:99:39:4d:85:28:f6:5e:35:fb:71:8e:08:6d:ba:
8a:4d:4f:08:cc:65:05:95:20:67:eb:af:d2:1e:7a:
b5:82:05:78:93:7e:69:0c:ee:8e:27:31:d9:52:7a:
c5:a5:2d:b2:5b:de:1f:d2:97:0c:63:34:52:5e:94:
b1:2a:c7:50:9d:03:5a:f1:46:bd:cd:50:e5:e2:f8:
fa:0d:d0:05:73:c8:c3:2d:a2:68:2b:9d:a6:6e:f0:
11:09:88:ef:06:13:a8:2c:d2:89:40:86:84:68:43:
ea:62:c3:19:13:57:18:96:57:5f:c0:c2:59:af:c5:
0e:ba:de:8a:be:ad:b3:4b:29:ef:75:e7:df:86:04:
f4:46:f1:86:da:97:18:73:10:9c:7f:02:b5:13:2f:
d8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:82:B4:29:81:D3:1F:22:4A:FC:0D:40:2F:2F:EB:58:5E:25:AE:F4
X509v3 Authority Key Identifier:
keyid:39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:1a:79:d6:82:2f:80:cc:d9:4e:88:82:6a:10:3c:c6:19:df:
33:91:89:21:d2:b9:97:9f:b1:a0:63:9e:cc:01:4c:2b:ce:3a:
8e:28:17:db:57:bd:bd:63:8d:b2:fd:0a:11:03:81:f3:98:39:
7b:2f:55:38:8b:c3:16:39:ac:fc:86:f5:d0:58:6f:2b:11:a2:
a6:e1:46:90:d0:6d:4c:f5:a0:21:36:01:74:9a:ea:d8:ab:44:
25:46:be:41:a7:82:c8:f5:fe:c9:7d:e9:9d:4e:af:33:1e:4a:
57:74:4f:bb:a3:f2:0b:c1:9b:2e:07:5f:68:81:47:62:0b:79:
e8:8c:39:ab:7d:08:b3:67:f0:ce:6a:61:ed:1c:fe:4c:c0:b8:
f2:fe:bb:b4:cf:b7:27:3b:80:64:77:8e:c1:4a:96:57:c1:b7:
78:21:28:6a:d5:c8:54:d4:16:12:37:e6:36:f8:89:99:9d:8b:
d6:0a:ad:91:6d:4e:c8:25:b5:ff:af:6b:d1:6b:2b:47:02:e6:
03:36:d3:03:27:68:13:90:60:68:eb:f9:b8:c4:ee:2a:67:be:
60:11:04:d7:f4:7d:fa:19:20:7a:bd:1f:d5:3e:87:d7:0c:a6:
ce:90:55:46:e0:1e:13:3f:fd:28:76:db:78:8e:db:cb:aa:ac:
07:61:9c:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAbAxPQfy8tHUN9NGLVtZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2FiMjI4NmM2Nzg3MWRhYjQ1N2E3MjgzMjk3ZmM4YzY4
OGE0YWYwHhcNMjUxMDIwMDcwMTEyWhcNMjUxMDIxMDcwMTEyWjAzMTEwLwYDVQQD
Eyg0NjgyYjQyOTgxZDMxZjIyNGFmYzBkNDAyZjJmZWI1ODVlMjVhZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutwJTWv5SytTyB0YxUlfdVcH2Oxh
b1MaCCD8jck80bI00fDY82TkRlFv9JFaf0zO/ckUx6epsoFL9dYg6bY9FZ6CeKpE
FSF5fMoYYB2VTlykIUwxX8R/sOsXR4dZb2GZB5752SQzjekvmTlNhSj2XjX7cY4I
bbqKTU8IzGUFlSBn66/SHnq1ggV4k35pDO6OJzHZUnrFpS2yW94f0pcMYzRSXpSx
KsdQnQNa8Ua9zVDl4vj6DdAFc8jDLaJoK52mbvARCYjvBhOoLNKJQIaEaEPqYsMZ
E1cYlldfwMJZr8UOut6Kvq2zSynvdeffhgT0RvGG2pcYcxCcfwK1Ey/YfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaCtCmB0x8iSvwNQC8v61heJa70MB8GA1UdIwQY
MBaAFDl6sihsZ4cdq0V6coMpf8jGiKSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAt
MzMyM2ZkMDYwYjliLzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAtMzMyM2ZkMDYwYjli
LzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqRp51oIv
gMzZToiCahA8xhnfM5GJIdK5l5+xoGOezAFMK846jigX21e9vWONsv0KEQOB85g5
ey9VOIvDFjms/Ib10FhvKxGipuFGkNBtTPWgITYBdJrq2KtEJUa+QaeCyPX+yX3p
nU6vMx5KV3RPu6PyC8GbLgdfaIFHYgt56Iw5q30Is2fwzmph7Rz+TMC48v67tM+3
JzuAZHeOwUqWV8G3eCEoatXIVNQWEjfmNviJmZ2L1gqtkW1OyCW1/69r0WsrRwLm
AzbTAydoE5BgaOv5uMTuKme+YBEE1/R9+hkger0f1T6H1wymzpBVRuAeEz/9KHbb
eI7by6qsB2GcrQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:30:27 2025 by rpki-client