Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
File: OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft (raw, json)
Hash identifier: AF8QWWKSwZflFpVJnnx/WZjQow3eabHlbp7vI6U/zdA=
Subject key identifier: 74:29:C8:D1:9A:82:9C:70:33:53:1B:77:41:33:8D:E7:C4:1D:B0:99
Authority key identifier: 38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0
Certificate issuer: /CN=385cf4939beeeaeaf4409c2840eb344cab0850e0
Certificate serial: 0199FAD7B70E0E7C5B6078C54EAA765103CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
Manifest number: 0C28
Signing time: Sun 19 Oct 2025 05:01:04 +0000
Manifest this update: Sun 19 Oct 2025 05:01:04 +0000
Manifest next update: Mon 20 Oct 2025 05:01:04 +0000
Files and hashes: 1: KI_OzKHWNWDApgfZA8fhKRHWYNw.roa (hash: KgInzOYraW/0zKTqbj1OirpA4x6saReBh+LdfK4ZXdI=)
2: OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl (hash: jr+8bIBPlH3rWP7jJoIj0ddLpuRrpQXcKY32Ozi2YjA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 05:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:d7:b7:0e:0e:7c:5b:60:78:c5:4e:aa:76:51:03:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385cf4939beeeaeaf4409c2840eb344cab0850e0
Validity
Not Before: Oct 19 05:01:04 2025 GMT
Not After : Oct 20 05:01:04 2025 GMT
Subject: CN=7429c8d19a829c7033531b7741338de7c41db099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d9:68:fa:4c:19:e8:d2:ad:28:df:44:ae:21:
5d:f2:85:48:91:6b:dc:77:a8:26:0c:c6:b5:6d:7e:
4c:2a:4e:6d:65:39:d3:de:11:69:52:8a:df:c0:4b:
26:a8:12:45:79:af:41:ec:3c:02:72:70:59:55:6a:
d2:f1:31:dc:6b:41:91:3f:62:87:d0:cc:5c:0d:c2:
9f:ff:83:6e:b7:02:7c:a9:2c:bd:32:2e:b9:51:b6:
d8:62:80:80:36:79:0b:37:eb:ec:f0:58:e8:bd:7e:
24:06:06:82:4b:02:7f:13:52:29:4b:77:dd:92:03:
f6:0d:5b:6e:69:b3:7b:d3:ba:f0:97:47:54:30:19:
5d:3b:6c:a4:69:54:5b:ea:b9:a4:8a:b6:3d:31:dc:
80:33:d2:98:59:9b:1f:03:d8:c5:9f:d4:b5:84:81:
3f:f8:6a:c9:d4:d4:54:86:99:5b:f5:e4:09:37:45:
05:2a:95:3d:f6:b7:a4:29:9a:de:ea:ca:32:91:f4:
eb:2d:0d:47:2c:4b:b3:8b:06:90:1f:f2:b7:97:e7:
5f:ee:64:42:6e:2c:5a:32:7a:62:9e:dd:78:66:77:
e1:9a:fd:26:7e:43:23:ab:be:1f:42:b2:9f:aa:ea:
95:14:86:e7:d5:1b:12:1f:87:9c:14:75:5d:4a:92:
c2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:29:C8:D1:9A:82:9C:70:33:53:1B:77:41:33:8D:E7:C4:1D:B0:99
X509v3 Authority Key Identifier:
keyid:38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:22:72:c1:09:20:56:e2:ea:3e:57:f2:96:a5:86:d5:62:0a:
e8:10:23:f5:ca:db:4b:c4:b5:cc:c1:0d:8f:c2:34:c2:56:37:
f1:fa:f3:72:59:f5:a8:88:ca:c5:ee:32:53:67:3b:cc:30:cc:
30:a0:f0:18:c1:5b:50:1a:37:64:d6:0e:4c:d8:e2:b0:5d:bb:
21:8d:6a:85:67:59:30:44:c1:18:4b:d5:ef:aa:67:ea:90:a6:
17:26:e2:9e:84:a9:32:fe:25:f3:a8:d3:fa:79:0e:7d:c0:f3:
d5:2c:15:c6:74:0f:39:15:6a:dd:dd:c8:02:d0:33:21:15:8e:
67:93:bb:ec:32:c9:43:1d:c8:a8:38:c5:d9:bb:03:2e:fd:af:
bc:f7:6e:67:f7:5b:41:ac:0f:7f:52:9e:45:aa:a7:d8:51:8a:
2b:61:5b:33:9a:19:07:12:33:fa:06:1a:6c:66:21:55:78:13:
3f:46:19:0d:2d:70:46:58:11:56:81:9f:8d:cc:c6:3a:1c:55:
24:c1:6a:c5:1d:87:e2:6d:c0:09:70:61:d2:0c:bc:16:45:2c:
64:84:47:07:e8:26:e2:52:0e:19:67:98:74:db:af:5e:56:aa:
43:40:ab:59:03:89:2f:8a:b8:c0:e2:ff:64:69:19:24:b7:3c:
f9:ff:61:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn617cODnxbYHjFTqp2UQPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWNmNDkzOWJlZWVhZWFmNDQwOWMyODQwZWIzNDRjYWIw
ODUwZTAwHhcNMjUxMDE5MDUwMTA0WhcNMjUxMDIwMDUwMTA0WjAzMTEwLwYDVQQD
Eyg3NDI5YzhkMTlhODI5YzcwMzM1MzFiNzc0MTMzOGRlN2M0MWRiMDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNlo+kwZ6NKtKN9EriFd8oVIkWvc
d6gmDMa1bX5MKk5tZTnT3hFpUorfwEsmqBJFea9B7DwCcnBZVWrS8THca0GRP2KH
0MxcDcKf/4NutwJ8qSy9Mi65UbbYYoCANnkLN+vs8FjovX4kBgaCSwJ/E1IpS3fd
kgP2DVtuabN707rwl0dUMBldO2ykaVRb6rmkirY9MdyAM9KYWZsfA9jFn9S1hIE/
+GrJ1NRUhplb9eQJN0UFKpU99rekKZre6soykfTrLQ1HLEuziwaQH/K3l+df7mRC
bixaMnpint14Znfhmv0mfkMjq74fQrKfquqVFIbn1RsSH4ecFHVdSpLCawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQpyNGagpxwM1Mbd0EzjefEHbCZMB8GA1UdIwQY
MBaAFDhc9JOb7urq9ECcKEDrNEyrCFDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQt
N2I3NjE1ZmYwZTk2LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQtN2I3NjE1ZmYwZTk2
LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANyJywQkg
VuLqPlfylqWG1WIK6BAj9crbS8S1zMENj8I0wlY38frzcln1qIjKxe4yU2c7zDDM
MKDwGMFbUBo3ZNYOTNjisF27IY1qhWdZMETBGEvV76pn6pCmFybinoSpMv4l86jT
+nkOfcDz1SwVxnQPORVq3d3IAtAzIRWOZ5O77DLJQx3IqDjF2bsDLv2vvPduZ/db
QawPf1KeRaqn2FGKK2FbM5oZBxIz+gYabGYhVXgTP0YZDS1wRlgRVoGfjczGOhxV
JMFqxR2H4m3ACXBh0gy8FkUsZIRHB+gm4lIOGWeYdNuvXlaqQ0CrWQOJL4q4wOL/
ZGkZJLc8+f9hvA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:06:08 2025 by rpki-client