Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/d612a3-4631-47de-940d-8be0d97682ab/1/4OOXbZ7LgwmoGB-9AlylL-8WGZk.mft
File: 4OOXbZ7LgwmoGB-9AlylL-8WGZk.mft (raw, json)
Hash identifier: bIjBPqfW9VW9hI1PMWVhUKd8Eh/IocK1QQTymsWLugM=
Subject key identifier: AF:2A:20:0C:51:7F:3D:2D:28:A5:FF:3B:A2:BF:68:8A:3C:D3:0E:88
Authority key identifier: E0:E3:97:6D:9E:CB:83:09:A8:18:1F:BD:02:5C:A5:2F:EF:16:19:99
Certificate issuer: /CN=e0e3976d9ecb8309a8181fbd025ca52fef161999
Certificate serial: 0199FD347FEFE2A3523EC86DEF6E117D72F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4OOXbZ7LgwmoGB-9AlylL-8WGZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/d612a3-4631-47de-940d-8be0d97682ab/1/4OOXbZ7LgwmoGB-9AlylL-8WGZk.mft
Manifest number: 0AFE
Signing time: Sun 19 Oct 2025 16:01:40 +0000
Manifest this update: Sun 19 Oct 2025 16:01:40 +0000
Manifest next update: Mon 20 Oct 2025 16:01:40 +0000
Files and hashes: 1: 2sQZrECcWQMz0yagYBj0rHZBNaA.roa (hash: ifVTyTkvryP5hww8yzaeOkfdrWnESnsheNSv99i7IM8=)
2: 4OOXbZ7LgwmoGB-9AlylL-8WGZk.crl (hash: Kbdj4ssntXJpiRyIjcqab0QOLEay7pV0BtLGSfKDZns=)
3: cK4llrkBdLlV4HeILjRyQ98esEM.roa (hash: MuU2BWlfRFj75k9zGngWfQu7w/ZtaYOQ1aHN3Tj8NDI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/d612a3-4631-47de-940d-8be0d97682ab/1/4OOXbZ7LgwmoGB-9AlylL-8WGZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/d612a3-4631-47de-940d-8be0d97682ab/1/4OOXbZ7LgwmoGB-9AlylL-8WGZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/4OOXbZ7LgwmoGB-9AlylL-8WGZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:34:7f:ef:e2:a3:52:3e:c8:6d:ef:6e:11:7d:72:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0e3976d9ecb8309a8181fbd025ca52fef161999
Validity
Not Before: Oct 19 16:01:40 2025 GMT
Not After : Oct 20 16:01:40 2025 GMT
Subject: CN=af2a200c517f3d2d28a5ff3ba2bf688a3cd30e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0e:20:35:84:71:63:df:c0:4b:0d:cf:5a:46:
ab:d9:83:70:2b:11:c6:27:4b:2a:d6:5a:33:9f:3c:
c6:e0:4f:d0:3b:19:d8:28:15:e9:36:fe:52:8e:71:
7f:c4:cf:b0:0c:a3:fe:ea:ea:28:74:47:53:a5:43:
b1:13:40:39:d9:5b:61:9c:cd:be:92:66:30:c2:ce:
59:50:ae:bb:cc:36:f1:12:d3:97:4e:df:4b:54:bd:
c2:cf:c8:5d:4b:4a:73:3e:5e:64:d6:0a:5a:70:a4:
22:93:06:ba:49:b0:a2:ef:c4:18:66:ee:a2:f9:0b:
0f:21:2f:44:80:d8:d3:29:f9:b0:00:48:96:34:f5:
73:77:a8:2e:e6:b9:d7:b8:12:e5:2b:39:17:f5:ca:
c1:a0:12:5d:f9:0e:01:a8:8d:e7:8b:c3:38:01:97:
18:5b:0c:2b:c2:37:15:3e:4d:81:c6:78:82:f9:3e:
24:c2:5b:16:18:32:e4:5f:fc:39:08:6f:e0:06:b8:
18:ef:2b:df:c9:27:f0:b9:9c:21:62:d8:88:7c:9c:
72:28:7d:a9:8f:df:67:4b:71:19:c9:f7:d7:04:76:
f5:b3:70:3b:0c:1f:0d:af:7b:a0:bd:89:80:30:0f:
e8:64:39:65:ef:27:85:d7:83:81:65:3b:1b:b8:c4:
bd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:2A:20:0C:51:7F:3D:2D:28:A5:FF:3B:A2:BF:68:8A:3C:D3:0E:88
X509v3 Authority Key Identifier:
keyid:E0:E3:97:6D:9E:CB:83:09:A8:18:1F:BD:02:5C:A5:2F:EF:16:19:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4OOXbZ7LgwmoGB-9AlylL-8WGZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d612a3-4631-47de-940d-8be0d97682ab/1/4OOXbZ7LgwmoGB-9AlylL-8WGZk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d612a3-4631-47de-940d-8be0d97682ab/1/4OOXbZ7LgwmoGB-9AlylL-8WGZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:3f:72:1e:8a:15:d0:67:1b:09:b4:d6:a4:4d:f3:59:5a:4b:
c2:87:a6:b7:6c:4c:be:1d:1c:11:b6:78:45:1c:1d:e0:ab:ba:
ed:57:c7:7c:27:1d:a0:42:19:a5:5d:c2:d5:73:52:77:e7:ff:
cd:f1:0c:c6:03:db:2a:66:9c:f3:9a:7f:3d:c8:26:11:86:06:
93:70:d6:f2:50:81:32:a0:87:22:f3:d0:0a:49:ab:a7:2a:01:
04:e4:1b:2c:7f:ad:1a:87:3b:88:68:5e:a7:5f:39:ac:a0:1a:
cf:ff:b1:79:12:4f:d6:85:ff:06:3b:3a:26:7b:4b:2e:31:1b:
c6:b2:bb:8c:11:17:3b:58:bf:fd:63:d4:96:45:ea:81:46:61:
0f:e8:26:2d:38:c7:38:94:85:21:1f:c4:a2:64:6f:89:d1:f4:
2f:bc:d1:e5:69:79:c1:48:55:99:0f:35:de:4f:ac:2f:79:35:
60:11:3a:a8:8f:84:18:98:32:80:52:25:d1:99:50:13:98:67:
13:05:f5:54:12:da:d0:ed:73:96:4c:36:34:62:37:42:48:a0:
c2:86:bc:a2:be:f4:73:89:3b:33:99:58:e5:5a:51:0d:82:4c:
5b:f2:01:cc:0f:3f:42:4a:3b:34:8d:6c:f0:7c:51:5c:e3:6d:
ed:bb:2b:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NH/v4qNSPsht724RfXL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZTM5NzZkOWVjYjgzMDlhODE4MWZiZDAyNWNhNTJmZWYx
NjE5OTkwHhcNMjUxMDE5MTYwMTQwWhcNMjUxMDIwMTYwMTQwWjAzMTEwLwYDVQQD
EyhhZjJhMjAwYzUxN2YzZDJkMjhhNWZmM2JhMmJmNjg4YTNjZDMwZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw4gNYRxY9/ASw3PWkar2YNwKxHG
J0sq1loznzzG4E/QOxnYKBXpNv5SjnF/xM+wDKP+6uoodEdTpUOxE0A52VthnM2+
kmYwws5ZUK67zDbxEtOXTt9LVL3Cz8hdS0pzPl5k1gpacKQikwa6SbCi78QYZu6i
+QsPIS9EgNjTKfmwAEiWNPVzd6gu5rnXuBLlKzkX9crBoBJd+Q4BqI3ni8M4AZcY
WwwrwjcVPk2BxniC+T4kwlsWGDLkX/w5CG/gBrgY7yvfySfwuZwhYtiIfJxyKH2p
j99nS3EZyffXBHb1s3A7DB8Nr3ugvYmAMA/oZDll7yeF14OBZTsbuMS9xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8qIAxRfz0tKKX/O6K/aIo80w6IMB8GA1UdIwQY
MBaAFODjl22ey4MJqBgfvQJcpS/vFhmZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE9PWGJaN0xnd21vR0ItOUFseWxMLThXR1prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kNjEyYTMtNDYzMS00N2RlLTk0MGQt
OGJlMGQ5NzY4MmFiLzEvNE9PWGJaN0xnd21vR0ItOUFseWxMLThXR1prLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kNjEyYTMtNDYzMS00N2RlLTk0MGQtOGJlMGQ5NzY4MmFi
LzEvNE9PWGJaN0xnd21vR0ItOUFseWxMLThXR1prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAND9yHooV
0GcbCbTWpE3zWVpLwoemt2xMvh0cEbZ4RRwd4Ku67VfHfCcdoEIZpV3C1XNSd+f/
zfEMxgPbKmac85p/PcgmEYYGk3DW8lCBMqCHIvPQCkmrpyoBBOQbLH+tGoc7iGhe
p185rKAaz/+xeRJP1oX/Bjs6JntLLjEbxrK7jBEXO1i//WPUlkXqgUZhD+gmLTjH
OJSFIR/EomRvidH0L7zR5Wl5wUhVmQ813k+sL3k1YBE6qI+EGJgygFIl0ZlQE5hn
EwX1VBLa0O1zlkw2NGI3Qkigwoa8or70c4k7M5lY5VpRDYJMW/IBzA8/Qko7NI1s
8HxRXONt7bsr2g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:29:45 2025 by rpki-client