Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
File: OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft (raw, json)
Hash identifier: KXKsIRoCAqA73yXpH5ACzKOEHzjlS6o2dYoPK0bCkLE=
Subject key identifier: 18:BA:D5:EF:14:3B:EE:00:A5:06:E1:D4:0A:1D:1B:66:5A:DA:FC:78
Authority key identifier: 38:B9:12:A1:EA:B1:8E:B7:29:74:5E:89:78:13:8B:25:C4:40:77:61
Certificate issuer: /CN=38b912a1eab18eb729745e8978138b25c4407761
Certificate serial: 0199FC58B96FCCB652F94D10D9B866F66188
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
Manifest number: 0DC4
Signing time: Sun 19 Oct 2025 12:01:36 +0000
Manifest this update: Sun 19 Oct 2025 12:01:36 +0000
Manifest next update: Mon 20 Oct 2025 12:01:36 +0000
Files and hashes: 1: FVz1Gs3goS-mz1CP7z4LNut0fHE.roa (hash: +EzGyBevLVejen0VLkmFtejit+8sBRd5jz7yFu64Sbw=)
2: OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl (hash: XGo+GKk/s8fpRyjgIWhDBEs4tRAj5cAgQGj9yeYsp8Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:b9:6f:cc:b6:52:f9:4d:10:d9:b8:66:f6:61:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b912a1eab18eb729745e8978138b25c4407761
Validity
Not Before: Oct 19 12:01:36 2025 GMT
Not After : Oct 20 12:01:36 2025 GMT
Subject: CN=18bad5ef143bee00a506e1d40a1d1b665adafc78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f2:4e:58:19:ed:2c:73:12:10:dc:8c:72:10:
8e:92:36:f1:92:f4:9a:89:d9:b2:e4:f3:69:ad:a8:
25:c8:ef:fd:07:4d:66:06:c4:00:5b:d5:bd:ca:26:
57:a2:58:e6:ff:6b:09:09:c0:6f:a7:38:0c:c7:f3:
c6:f5:b0:86:08:a0:2d:19:7b:17:05:c6:08:78:7a:
97:82:1c:88:71:e3:70:15:44:8d:6c:ca:9d:39:1b:
8c:cb:fd:e7:61:be:0a:1b:6d:3d:98:b0:55:89:b6:
b4:24:f9:a7:b2:fe:18:e4:b5:22:19:bc:f9:98:63:
bb:42:ef:67:f1:4c:60:dd:52:f1:38:9d:0b:6b:02:
e7:8e:8e:57:c2:05:a4:f5:6b:02:3b:a8:28:a2:5f:
c8:f6:78:1f:b5:c0:a0:19:ac:88:a5:71:b7:34:2c:
fe:f4:a1:75:bd:92:53:38:dd:72:32:c2:15:97:3d:
99:21:47:e9:c7:0b:a3:54:3e:ef:e1:79:9f:07:f2:
82:a1:05:cb:d1:f5:17:fb:7f:f9:a0:73:86:43:d4:
53:c3:67:4a:3a:ea:f0:06:5b:b8:d0:60:be:dd:ea:
6d:26:8b:11:0a:5a:43:04:5d:e8:89:5b:52:c4:e3:
99:f8:fc:90:69:72:49:ac:d7:f2:2e:9b:86:eb:d6:
e3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:BA:D5:EF:14:3B:EE:00:A5:06:E1:D4:0A:1D:1B:66:5A:DA:FC:78
X509v3 Authority Key Identifier:
keyid:38:B9:12:A1:EA:B1:8E:B7:29:74:5E:89:78:13:8B:25:C4:40:77:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:d4:21:ec:08:25:05:5a:84:46:2a:eb:ee:3d:17:74:33:7e:
8f:ea:4e:52:85:e0:af:89:e2:bd:7e:05:8f:97:37:cf:12:84:
73:d2:2f:02:40:b5:d6:bc:e4:52:08:07:d1:4d:31:b9:b6:c1:
cc:fe:de:0b:35:c8:95:86:d8:aa:0c:4c:94:c1:4c:df:d0:7d:
81:13:cc:7b:09:ec:d2:5c:34:ea:1b:3c:84:95:57:f0:bf:5b:
39:af:1d:12:40:a0:23:db:76:de:ed:11:4c:12:48:ab:b9:77:
20:d9:e8:e9:00:3d:d6:8a:6d:06:f1:5a:b5:9e:f9:3f:fd:11:
7a:0c:b6:e2:97:75:ab:23:b3:14:db:6d:c9:24:04:90:df:4d:
59:09:eb:f7:89:a1:ee:65:f0:8a:2f:7c:1a:50:6b:ad:db:1d:
bc:75:55:b5:24:cb:82:e0:d1:71:16:8a:28:fe:23:19:08:b8:
4c:53:db:7b:0a:fc:2b:27:3e:ee:5d:eb:fe:57:47:50:dc:90:
5f:ef:ed:95:06:82:05:85:6b:bb:5a:f0:5a:e0:f3:fd:cb:30:
6c:91:b2:5e:ea:af:cd:4b:7e:0d:8c:51:1c:e0:53:79:25:01:
ac:ac:bc:81:2e:19:c4:f6:0c:20:d7:62:a6:f2:f6:cf:56:3f:
93:6f:a6:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WLlvzLZS+U0Q2bhm9mGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjkxMmExZWFiMThlYjcyOTc0NWU4OTc4MTM4YjI1YzQ0
MDc3NjEwHhcNMjUxMDE5MTIwMTM2WhcNMjUxMDIwMTIwMTM2WjAzMTEwLwYDVQQD
EygxOGJhZDVlZjE0M2JlZTAwYTUwNmUxZDQwYTFkMWI2NjVhZGFmYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfJOWBntLHMSENyMchCOkjbxkvSa
idmy5PNpraglyO/9B01mBsQAW9W9yiZXoljm/2sJCcBvpzgMx/PG9bCGCKAtGXsX
BcYIeHqXghyIceNwFUSNbMqdORuMy/3nYb4KG209mLBViba0JPmnsv4Y5LUiGbz5
mGO7Qu9n8Uxg3VLxOJ0LawLnjo5XwgWk9WsCO6gool/I9ngftcCgGayIpXG3NCz+
9KF1vZJTON1yMsIVlz2ZIUfpxwujVD7v4XmfB/KCoQXL0fUX+3/5oHOGQ9RTw2dK
OurwBlu40GC+3eptJosRClpDBF3oiVtSxOOZ+PyQaXJJrNfyLpuG69bjYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBi61e8UO+4ApQbh1AodG2Za2vx4MB8GA1UdIwQY
MBaAFDi5EqHqsY63KXReiXgTiyXEQHdhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8zZmFlOTYtNGFhZS00NTQ0LWJlZjIt
YzFkNTIxMTY2YmVjLzEvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8zZmFlOTYtNGFhZS00NTQ0LWJlZjItYzFkNTIxMTY2YmVj
LzEvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt9Qh7Agl
BVqERirr7j0XdDN+j+pOUoXgr4nivX4Fj5c3zxKEc9IvAkC11rzkUggH0U0xubbB
zP7eCzXIlYbYqgxMlMFM39B9gRPMewns0lw06hs8hJVX8L9bOa8dEkCgI9t23u0R
TBJIq7l3INno6QA91optBvFatZ75P/0Regy24pd1qyOzFNttySQEkN9NWQnr94mh
7mXwii98GlBrrdsdvHVVtSTLguDRcRaKKP4jGQi4TFPbewr8Kyc+7l3r/ldHUNyQ
X+/tlQaCBYVru1rwWuDz/cswbJGyXuqvzUt+DYxRHOBTeSUBrKy8gS4ZxPYMINdi
pvL2z1Y/k2+mlQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:42:09 2025 by rpki-client