Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
File: dOEz6h5A_BPgdOMncQpTRKlgtcA.mft (raw, json)
Hash identifier: PtWYtzTvQLCy/JdMUeosbPPcb/149fEI6MCq8J9bTDM=
Subject key identifier: 43:AC:6B:5D:D3:8C:BB:9F:03:59:EF:88:76:9E:87:71:83:8D:CE:0F
Authority key identifier: 74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
Certificate issuer: /CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Certificate serial: 0199FE46F2E8F39B59652C7DE120B9AA0FB1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
Manifest number: 0D92
Signing time: Sun 19 Oct 2025 21:01:26 +0000
Manifest this update: Sun 19 Oct 2025 21:01:26 +0000
Manifest next update: Mon 20 Oct 2025 21:01:26 +0000
Files and hashes: 1: XXhZSJTw-3dSmsRY9bvXQqHBaIs.roa (hash: mmW0AxSNYmhmTbAA4XApc0Tjpzzlw3yy/NM/Jy4hxuI=)
2: dOEz6h5A_BPgdOMncQpTRKlgtcA.crl (hash: 8gnAm/flbmkLNxnKXaGnYX3+nCSEwkAC9be+8XBzZfI=)
3: lQpPjj9gpOYnRRV52S0ec3Spick.roa (hash: 2/R15nQqw+pyTSeVtt80lTdeScEa1kOW3xe+Ueb0Hdo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:46:f2:e8:f3:9b:59:65:2c:7d:e1:20:b9:aa:0f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Validity
Not Before: Oct 19 21:01:26 2025 GMT
Not After : Oct 20 21:01:26 2025 GMT
Subject: CN=43ac6b5dd38cbb9f0359ef88769e8771838dce0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0b:79:cc:8c:39:a2:90:0a:d0:10:79:b7:cd:
76:4b:30:c9:17:80:db:7e:51:5d:8e:52:5e:72:c3:
95:23:09:8b:81:2e:46:da:a4:cf:01:08:4a:fc:aa:
02:56:0c:16:5c:b1:1b:1c:3e:4f:ba:21:92:55:a7:
77:6a:97:c2:67:44:1c:2a:5e:87:a4:a6:9b:c2:41:
51:7b:e0:f3:3b:b5:fa:02:d5:3b:6a:78:b1:92:e6:
ab:79:96:94:89:df:c2:42:5b:14:48:fa:9d:ab:db:
ee:09:ab:5d:80:56:ba:a6:99:b4:b4:eb:f8:12:d7:
a2:ba:87:a6:11:7b:27:b9:25:6d:1f:43:e0:9b:ea:
43:4d:3d:23:dd:b2:d4:39:11:0e:f0:75:4a:54:38:
71:d8:9a:75:7b:99:50:ec:17:f0:de:21:fd:60:cc:
97:3f:27:82:e4:ce:52:95:0b:89:fe:48:34:0a:60:
cd:56:03:12:4f:15:4f:df:4c:32:6b:1e:34:2d:dc:
e8:56:55:f1:fa:1c:7c:11:f5:29:a1:4a:05:25:9f:
80:f5:21:65:f9:6e:52:1b:d0:d2:8b:19:d2:c1:44:
e7:e0:69:bd:e8:d3:b9:4e:e9:84:2d:85:85:93:9b:
66:4c:24:11:4d:b6:cd:cf:4e:88:b6:e1:0f:ea:33:
42:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AC:6B:5D:D3:8C:BB:9F:03:59:EF:88:76:9E:87:71:83:8D:CE:0F
X509v3 Authority Key Identifier:
keyid:74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:94:46:c0:47:35:04:7e:ff:97:00:04:c2:44:92:19:27:86:
f5:e2:85:c9:7b:bc:1d:05:cf:0f:a7:5c:c5:b3:22:04:79:9e:
99:3f:08:60:11:5d:8a:f4:6f:49:5a:6a:c3:ba:f0:9f:33:30:
00:a4:97:e4:50:73:b5:2e:8f:dd:91:36:3d:fc:29:05:e3:10:
e6:58:62:5a:78:0b:20:32:f0:8f:ee:43:d0:af:84:70:ce:bc:
1e:06:58:c4:db:75:29:83:3c:47:6a:95:fc:8e:4c:7b:e3:08:
53:5c:26:56:3d:d8:e8:5b:84:29:75:ce:72:62:2e:cf:ed:0a:
0b:89:55:b6:3e:3f:be:8e:ff:e0:f1:f7:85:bb:d7:9d:9c:f4:
70:3d:ea:e0:92:e7:9a:fb:57:4c:0a:f9:fb:ee:da:52:8c:41:
02:76:8c:2f:21:a9:1a:aa:ef:16:1d:29:15:d5:cd:8d:f5:3f:
01:1f:91:c5:d0:c8:07:01:4b:95:c0:39:d9:5d:77:fc:b3:10:
38:37:56:e4:9f:82:1b:2f:b5:03:eb:a5:d0:06:b8:2f:91:01:
4f:77:de:d0:03:14:0e:34:67:31:c1:db:7d:1f:d9:f2:73:aa:
9f:80:0f:cf:41:41:82:b6:f2:94:a8:7d:9d:4b:97:fa:cb:1b:
10:3b:74:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RvLo85tZZSx94SC5qg+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTEzM2VhMWU0MGZjMTNlMDc0ZTMyNzcxMGE1MzQ0YTk2
MGI1YzAwHhcNMjUxMDE5MjEwMTI2WhcNMjUxMDIwMjEwMTI2WjAzMTEwLwYDVQQD
Eyg0M2FjNmI1ZGQzOGNiYjlmMDM1OWVmODg3NjllODc3MTgzOGRjZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogt5zIw5opAK0BB5t812SzDJF4Db
flFdjlJecsOVIwmLgS5G2qTPAQhK/KoCVgwWXLEbHD5PuiGSVad3apfCZ0QcKl6H
pKabwkFRe+DzO7X6AtU7anixkuareZaUid/CQlsUSPqdq9vuCatdgFa6ppm0tOv4
EteiuoemEXsnuSVtH0Pgm+pDTT0j3bLUOREO8HVKVDhx2Jp1e5lQ7Bfw3iH9YMyX
PyeC5M5SlQuJ/kg0CmDNVgMSTxVP30wyax40LdzoVlXx+hx8EfUpoUoFJZ+A9SFl
+W5SG9DSixnSwUTn4Gm96NO5TumELYWFk5tmTCQRTbbNz06ItuEP6jNC+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOsa13TjLufA1nviHaeh3GDjc4PMB8GA1UdIwQY
MBaAFHThM+oeQPwT4HTjJ3EKU0SpYLXAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMt
MmNiOWUyMTcyZjk3LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMtMmNiOWUyMTcyZjk3
LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL5RGwEc1
BH7/lwAEwkSSGSeG9eKFyXu8HQXPD6dcxbMiBHmemT8IYBFdivRvSVpqw7rwnzMw
AKSX5FBztS6P3ZE2PfwpBeMQ5lhiWngLIDLwj+5D0K+EcM68HgZYxNt1KYM8R2qV
/I5Me+MIU1wmVj3Y6FuEKXXOcmIuz+0KC4lVtj4/vo7/4PH3hbvXnZz0cD3q4JLn
mvtXTAr5++7aUoxBAnaMLyGpGqrvFh0pFdXNjfU/AR+RxdDIBwFLlcA52V13/LMQ
ODdW5J+CGy+1A+ul0Aa4L5EBT3fe0AMUDjRnMcHbfR/Z8nOqn4APz0FBgrbylKh9
nUuX+ssbEDt0Sw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:48:07 2025 by rpki-client