
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
File: OTioGkQSd0HZSaNVpH88tZk4mng.mft (raw, json)
Hash identifier: 1wMQd6+HKoAEGJNGOi8uOAGJOlynpdhLOg+9pMnfhOw=
Subject key identifier: 17:A1:88:AE:90:E0:88:77:39:5F:BD:0E:8C:4F:A7:5F:D0:B9:F8:60
Authority key identifier: 39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78
Certificate issuer: /CN=3938a81a44127741d949a355a47f3cb599389a78
Certificate serial: 0199FC58D7129935D1EF24B245FFEAFAC479
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
Manifest number: 1135
Signing time: Sun 19 Oct 2025 12:01:44 +0000
Manifest this update: Sun 19 Oct 2025 12:01:44 +0000
Manifest next update: Mon 20 Oct 2025 12:01:44 +0000
Files and hashes: 1: OTioGkQSd0HZSaNVpH88tZk4mng.crl (hash: amidLwv2Gf32QFhxFo0Xkmu9gZnYmOYsPUzzIIgwlD8=)
2: SyALsZDSYtge1NmYRoKzwbP5Vv8.roa (hash: rjh76rxbo7HoAknp3g/P2hhQiBIAvMqHmifN8tVtg/g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:d7:12:99:35:d1:ef:24:b2:45:ff:ea:fa:c4:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3938a81a44127741d949a355a47f3cb599389a78
Validity
Not Before: Oct 19 12:01:44 2025 GMT
Not After : Oct 20 12:01:44 2025 GMT
Subject: CN=17a188ae90e08877395fbd0e8c4fa75fd0b9f860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:5f:dd:1e:ba:9a:6a:c3:59:e1:b9:c6:b7:
4a:8a:6d:f2:1c:a8:8a:e0:7f:f8:df:a6:50:e6:5b:
c9:67:23:87:3d:33:79:ab:38:39:d8:ec:cf:02:73:
0c:74:d2:ab:91:ac:a8:7b:14:18:32:4b:90:8b:14:
a7:cb:7a:cd:5e:b6:25:dc:b4:ac:1a:81:82:f0:4b:
05:ae:6c:e5:05:31:87:47:31:bd:43:1d:d3:5e:db:
cd:08:c2:3b:69:bd:aa:4b:00:d4:3c:3e:79:24:2d:
db:37:f0:97:91:45:30:8c:1b:91:2e:8c:2e:6c:75:
9d:f8:5e:d0:00:2f:f2:c8:73:9d:d0:5a:5f:a3:d0:
d3:ef:71:d5:28:f1:fa:a0:64:ff:10:70:e6:02:34:
9c:f7:3f:01:b0:59:08:43:18:69:90:40:9d:2b:13:
6c:1d:13:80:9c:91:02:76:b6:c1:c4:7a:88:99:c1:
27:74:36:23:d7:9f:66:21:13:38:f3:8e:8b:b8:da:
32:3e:a5:17:0c:7e:d3:6b:45:a4:b7:2a:13:45:52:
ee:6f:0d:1e:70:eb:1a:32:de:2e:cf:8a:02:e7:1c:
11:7d:c8:80:81:f7:95:39:18:c9:ad:0b:cf:ba:1e:
ce:f4:0a:53:90:01:87:9d:4c:b5:f0:54:97:07:c8:
16:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A1:88:AE:90:E0:88:77:39:5F:BD:0E:8C:4F:A7:5F:D0:B9:F8:60
X509v3 Authority Key Identifier:
keyid:39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:76:cd:73:f2:90:23:9f:13:f2:30:83:b8:5b:ce:b3:f4:00:
d0:da:b2:c5:4d:fd:a7:b3:04:39:0f:ba:f3:14:e2:97:5c:12:
fc:a3:79:d2:35:99:e3:55:c1:94:45:68:29:e6:13:62:72:c5:
28:c7:b4:cf:bf:74:b6:b0:0b:39:96:88:ee:45:93:a2:7f:ca:
eb:28:a8:bc:bc:ce:9a:fe:cb:68:49:67:7d:39:a4:17:65:40:
61:32:95:f3:07:1e:f8:4c:26:aa:42:c9:ff:1a:c3:1e:7e:cb:
1d:70:19:5e:52:72:fa:2a:59:2c:02:52:62:99:5e:8a:b4:d0:
c7:17:58:98:43:9e:0e:cb:40:15:6a:4f:60:fe:68:e9:cd:6b:
cb:4a:29:8b:05:39:f1:e6:2c:1c:01:2b:26:44:0a:b2:9a:19:
f7:f1:b1:c6:6d:cf:1c:fc:7b:e3:75:43:97:a3:25:9e:04:8f:
36:3e:cc:8d:55:21:50:10:79:f3:7b:82:ba:c0:4e:07:51:bd:
52:7b:b9:ee:c8:6f:fa:c7:3a:cc:71:0a:a8:0d:0e:24:d1:49:
00:fc:14:18:7a:38:99:06:f3:6d:f9:80:96:cd:ab:e6:d5:f0:
97:ef:c1:a8:42:82:a5:58:6a:12:81:7a:4f:c4:e0:b9:ab:9b:
ba:b9:bf:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WNcSmTXR7ySyRf/q+sR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzhhODFhNDQxMjc3NDFkOTQ5YTM1NWE0N2YzY2I1OTkz
ODlhNzgwHhcNMjUxMDE5MTIwMTQ0WhcNMjUxMDIwMTIwMTQ0WjAzMTEwLwYDVQQD
EygxN2ExODhhZTkwZTA4ODc3Mzk1ZmJkMGU4YzRmYTc1ZmQwYjlmODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/hf3R66mmrDWeG5xrdKim3yHKiK
4H/436ZQ5lvJZyOHPTN5qzg52OzPAnMMdNKrkayoexQYMkuQixSny3rNXrYl3LSs
GoGC8EsFrmzlBTGHRzG9Qx3TXtvNCMI7ab2qSwDUPD55JC3bN/CXkUUwjBuRLowu
bHWd+F7QAC/yyHOd0Fpfo9DT73HVKPH6oGT/EHDmAjSc9z8BsFkIQxhpkECdKxNs
HROAnJECdrbBxHqImcEndDYj159mIRM4846LuNoyPqUXDH7Ta0WktyoTRVLubw0e
cOsaMt4uz4oC5xwRfciAgfeVORjJrQvPuh7O9ApTkAGHnUy18FSXB8gWlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBehiK6Q4Ih3OV+9DoxPp1/QufhgMB8GA1UdIwQY
MBaAFDk4qBpEEndB2UmjVaR/PLWZOJp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGIt
ZmQyMTRjYWNmYjYyLzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGItZmQyMTRjYWNmYjYy
LzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX3bNc/KQ
I58T8jCDuFvOs/QA0NqyxU39p7MEOQ+68xTil1wS/KN50jWZ41XBlEVoKeYTYnLF
KMe0z790trALOZaI7kWTon/K6yiovLzOmv7LaElnfTmkF2VAYTKV8wce+EwmqkLJ
/xrDHn7LHXAZXlJy+ipZLAJSYpleirTQxxdYmEOeDstAFWpPYP5o6c1ry0opiwU5
8eYsHAErJkQKspoZ9/Gxxm3PHPx743VDl6MlngSPNj7MjVUhUBB583uCusBOB1G9
Unu57shv+sc6zHEKqA0OJNFJAPwUGHo4mQbzbfmAls2r5tXwl+/BqEKCpVhqEoF6
T8Tguauburm/HA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:38 2025 by rpki-client