Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
File: dOEz6h5A_BPgdOMncQpTRKlgtcA.mft (raw, json)
Hash identifier: m1czBjlsFzWipMDa76yKRnozPgBneQhX0TI1PzaCnjw=
Subject key identifier: EB:9D:1B:09:51:ED:16:86:D8:DB:92:C3:69:0C:82:48:29:51:28:E3
Authority key identifier: 74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
Certificate issuer: /CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Certificate serial: 019A0035D8B6C841390C96692A05D679E9B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
Manifest number: 0D93
Signing time: Mon 20 Oct 2025 06:01:59 +0000
Manifest this update: Mon 20 Oct 2025 06:01:59 +0000
Manifest next update: Tue 21 Oct 2025 06:01:59 +0000
Files and hashes: 1: XXhZSJTw-3dSmsRY9bvXQqHBaIs.roa (hash: mmW0AxSNYmhmTbAA4XApc0Tjpzzlw3yy/NM/Jy4hxuI=)
2: dOEz6h5A_BPgdOMncQpTRKlgtcA.crl (hash: xomDJhj87+gAOSFNzm9hwyZQ34kmFrx7Oln2p1/4xIM=)
3: lQpPjj9gpOYnRRV52S0ec3Spick.roa (hash: 2/R15nQqw+pyTSeVtt80lTdeScEa1kOW3xe+Ueb0Hdo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 06:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:35:d8:b6:c8:41:39:0c:96:69:2a:05:d6:79:e9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Validity
Not Before: Oct 20 06:01:59 2025 GMT
Not After : Oct 21 06:01:59 2025 GMT
Subject: CN=eb9d1b0951ed1686d8db92c3690c8248295128e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2a:0e:c7:6a:2a:e2:8a:82:f9:6b:dc:18:ff:
4e:43:41:14:d7:1b:50:6c:57:7a:77:58:6e:43:5d:
43:21:fd:b8:f7:2c:cb:bc:92:54:93:bd:63:a6:81:
9c:79:48:3b:a2:d9:50:8e:6c:68:9c:d5:29:84:1a:
97:04:44:0d:8d:e7:2d:d8:7a:6c:c1:da:f6:b9:53:
6f:ab:36:2e:43:4a:aa:f7:14:11:c3:5f:b7:33:d5:
2c:58:a2:72:77:3e:1b:a5:a9:cd:e2:2a:db:42:25:
07:5b:76:c3:95:87:ff:f9:b2:a3:3b:ed:02:8d:5a:
5a:d5:25:ed:70:8f:68:d5:12:64:e1:aa:40:4f:cf:
16:90:ce:45:d5:d4:6e:d4:d7:3a:ec:24:30:d4:fc:
45:5f:13:e4:28:3a:0a:69:72:15:62:51:b2:04:77:
97:1a:7c:21:88:94:9d:31:ab:dd:38:a8:ad:56:5e:
52:b0:44:46:3f:1c:1b:60:89:4d:92:08:09:bc:61:
e7:27:d6:98:32:74:a4:04:1b:34:5c:21:ac:6f:44:
91:2e:78:b1:65:29:f1:68:7f:84:e5:a3:c2:7d:2d:
2a:fb:55:36:1c:a7:e0:b6:02:a5:c6:88:90:e2:09:
fc:9d:6c:72:0c:94:c9:64:f8:4e:8b:6b:ff:c0:4e:
bf:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:9D:1B:09:51:ED:16:86:D8:DB:92:C3:69:0C:82:48:29:51:28:E3
X509v3 Authority Key Identifier:
keyid:74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:e5:d0:bc:9a:a3:c7:90:a4:9c:04:a4:7c:b3:52:c6:b5:4a:
a7:80:7a:ac:75:49:1e:4e:e0:e6:aa:c1:c1:63:44:86:ef:af:
38:e6:0b:03:44:52:d2:66:43:18:ef:2c:30:e7:ed:0a:97:fd:
1e:2b:ee:52:68:1d:d1:7f:91:9c:b5:90:e4:da:f1:12:75:76:
fb:4f:e0:68:d9:54:30:d8:6b:df:b0:ad:04:ab:8d:f6:cd:64:
05:fd:08:0f:01:e4:1b:e9:b9:f4:5f:c4:3d:6f:59:69:00:0e:
25:f5:26:21:7b:fc:e5:70:f7:d4:52:10:e7:a5:83:42:0a:84:
8f:19:53:ea:95:e2:56:12:f5:69:c9:cd:47:17:c9:da:71:d7:
77:2d:97:db:58:8b:eb:cb:d4:b7:20:9c:e3:86:36:32:a0:e6:
f5:da:2d:6c:f4:04:39:6f:d7:79:c2:47:a3:52:c4:b1:0f:75:
dc:de:c1:87:12:57:44:0a:26:99:44:0a:ef:02:fa:ac:75:fa:
21:6d:4d:df:03:67:f0:b4:eb:2b:a0:e4:a4:70:74:10:b1:21:
d5:23:7f:62:0f:68:99:04:ef:05:94:0e:c3:8a:61:69:c4:2f:
11:6d:51:31:39:ef:89:0d:ae:60:bb:cd:fc:04:f1:a1:15:17:
b6:e7:55:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANdi2yEE5DJZpKgXWeem5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTEzM2VhMWU0MGZjMTNlMDc0ZTMyNzcxMGE1MzQ0YTk2
MGI1YzAwHhcNMjUxMDIwMDYwMTU5WhcNMjUxMDIxMDYwMTU5WjAzMTEwLwYDVQQD
EyhlYjlkMWIwOTUxZWQxNjg2ZDhkYjkyYzM2OTBjODI0ODI5NTEyOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvioOx2oq4oqC+WvcGP9OQ0EU1xtQ
bFd6d1huQ11DIf249yzLvJJUk71jpoGceUg7otlQjmxonNUphBqXBEQNject2Hps
wdr2uVNvqzYuQ0qq9xQRw1+3M9UsWKJydz4bpanN4irbQiUHW3bDlYf/+bKjO+0C
jVpa1SXtcI9o1RJk4apAT88WkM5F1dRu1Nc67CQw1PxFXxPkKDoKaXIVYlGyBHeX
GnwhiJSdMavdOKitVl5SsERGPxwbYIlNkggJvGHnJ9aYMnSkBBs0XCGsb0SRLnix
ZSnxaH+E5aPCfS0q+1U2HKfgtgKlxoiQ4gn8nWxyDJTJZPhOi2v/wE6/CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOudGwlR7RaG2NuSw2kMgkgpUSjjMB8GA1UdIwQY
MBaAFHThM+oeQPwT4HTjJ3EKU0SpYLXAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMt
MmNiOWUyMTcyZjk3LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMtMmNiOWUyMTcyZjk3
LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi+XQvJqj
x5CknASkfLNSxrVKp4B6rHVJHk7g5qrBwWNEhu+vOOYLA0RS0mZDGO8sMOftCpf9
HivuUmgd0X+RnLWQ5NrxEnV2+0/gaNlUMNhr37CtBKuN9s1kBf0IDwHkG+m59F/E
PW9ZaQAOJfUmIXv85XD31FIQ56WDQgqEjxlT6pXiVhL1acnNRxfJ2nHXdy2X21iL
68vUtyCc44Y2MqDm9dotbPQEOW/XecJHo1LEsQ913N7BhxJXRAommUQK7wL6rHX6
IW1N3wNn8LTrK6DkpHB0ELEh1SN/Yg9omQTvBZQOw4phacQvEW1RMTnviQ2uYLvN
/ATxoRUXtudVEg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:32:38 2025 by rpki-client