Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
File: dotOLq79y-wVupnop6IcieSyzL0.mft (raw, json)
Hash identifier: pgRlaNTS6UBnAuMOVauu7yWIn7yJpTaHpu3FO4FsYxw=
Subject key identifier: A3:3F:92:62:66:2B:F1:7C:2A:BA:2F:52:3E:FF:E9:69:85:99:BB:AA
Authority key identifier: 76:8B:4E:2E:AE:FD:CB:EC:15:BA:99:E8:A7:A2:1C:89:E4:B2:CC:BD
Certificate issuer: /CN=768b4e2eaefdcbec15ba99e8a7a21c89e4b2ccbd
Certificate serial: 0199FBEC18EB81FADED0D252A7964EA4B1C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dotOLq79y-wVupnop6IcieSyzL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
Manifest number: 024D
Signing time: Sun 19 Oct 2025 10:02:58 +0000
Manifest this update: Sun 19 Oct 2025 10:02:58 +0000
Manifest next update: Mon 20 Oct 2025 10:02:58 +0000
Files and hashes: 1: 2d_NXZtW0ODYRMQ4wdJe7FkxoW0.roa (hash: PhAe9DgdWLVDbJJiZelbxMyByKXlfBNEMtHqWSG1jZ8=)
2: dotOLq79y-wVupnop6IcieSyzL0.crl (hash: a3ONGkGubKeZP6KqGX5qFgkauLf0Ds781q9YM3LlAAY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/dotOLq79y-wVupnop6IcieSyzL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ec:18:eb:81:fa:de:d0:d2:52:a7:96:4e:a4:b1:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=768b4e2eaefdcbec15ba99e8a7a21c89e4b2ccbd
Validity
Not Before: Oct 19 10:02:58 2025 GMT
Not After : Oct 20 10:02:58 2025 GMT
Subject: CN=a33f9262662bf17c2aba2f523effe9698599bbaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a4:f6:f6:71:42:8b:06:d3:ab:8a:53:bd:80:
6f:2e:83:0e:54:51:38:80:9a:dc:e1:28:2b:5d:75:
4a:57:ed:0a:ec:81:0e:34:c1:4b:17:5f:0f:33:39:
e3:ba:5e:11:19:47:ef:4a:b1:9b:ec:48:4d:64:0a:
3a:68:57:3b:0a:ae:24:93:f5:71:11:da:00:d3:d2:
03:9f:87:10:3c:59:c1:95:bb:8e:4a:3c:1e:62:1b:
b4:93:d0:e2:d4:b6:40:ee:ce:a5:a8:50:af:2e:d1:
1e:c0:6b:e1:7f:17:90:8e:79:b6:1b:3f:cf:0a:7b:
07:9c:a3:89:2c:87:99:8b:59:b1:75:b0:d1:17:16:
7e:31:40:01:4b:b0:ce:7b:ca:1c:4c:d1:26:6b:7b:
e8:aa:15:a4:51:c6:23:cf:a0:11:9a:c0:2f:f1:c8:
75:87:1c:99:65:1d:15:f7:e3:1c:d8:4c:18:b8:d1:
63:c7:9d:c7:d5:ba:b6:d1:41:a2:53:e9:36:2e:1f:
23:45:d6:d3:29:02:ab:08:6e:d3:13:47:69:2d:a4:
8c:70:a4:2f:31:2b:ab:7f:e4:08:ea:b3:2e:8c:9e:
78:09:d5:08:44:eb:02:af:a1:76:f1:1f:54:48:73:
08:bc:56:4f:87:1a:1e:53:72:05:5b:77:1a:df:32:
7e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3F:92:62:66:2B:F1:7C:2A:BA:2F:52:3E:FF:E9:69:85:99:BB:AA
X509v3 Authority Key Identifier:
keyid:76:8B:4E:2E:AE:FD:CB:EC:15:BA:99:E8:A7:A2:1C:89:E4:B2:CC:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dotOLq79y-wVupnop6IcieSyzL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:22:a4:00:b3:a3:b3:6c:2c:87:98:d5:c0:b7:c8:19:90:2f:
f9:50:a4:b2:fa:b7:e9:80:18:72:16:bd:69:b9:90:60:32:a4:
90:3b:80:75:24:e5:56:f5:b9:e7:17:32:b3:21:3f:d9:b0:de:
42:2c:7b:28:38:f4:94:df:88:c7:77:d1:64:a9:12:81:b4:fa:
12:10:cb:78:a7:fc:e9:d0:31:64:c1:23:f2:2e:e9:15:96:c9:
00:02:25:85:f4:42:ec:30:d6:ff:02:ca:32:0b:d9:5a:80:25:
ca:85:ed:b0:5c:60:37:6e:77:b0:08:e8:71:c6:f5:74:75:71:
00:71:09:e2:e8:2a:cd:40:fd:b4:8a:64:cf:3b:0a:4e:a9:29:
d4:82:af:b7:5c:ee:05:fe:8e:4f:54:66:81:9a:c9:f0:8f:07:
f7:52:05:44:8f:ee:19:e5:2a:a1:84:d0:86:02:d9:4e:46:82:
2e:d9:e0:72:61:e1:df:38:0f:fd:09:60:56:f1:66:f4:0c:d7:
99:b2:9a:d4:c6:af:30:82:01:67:37:20:82:82:19:9f:81:f8:
d8:36:b9:dd:22:0f:ea:5b:85:4d:73:7a:c7:25:c9:d4:68:cf:
f6:43:d5:76:4e:1d:c0:9f:74:3a:37:4c:b4:3e:62:9a:1f:f2:
ef:5a:34:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77Bjrgfre0NJSp5ZOpLHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OGI0ZTJlYWVmZGNiZWMxNWJhOTllOGE3YTIxYzg5ZTRi
MmNjYmQwHhcNMjUxMDE5MTAwMjU4WhcNMjUxMDIwMTAwMjU4WjAzMTEwLwYDVQQD
EyhhMzNmOTI2MjY2MmJmMTdjMmFiYTJmNTIzZWZmZTk2OTg1OTliYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16T29nFCiwbTq4pTvYBvLoMOVFE4
gJrc4SgrXXVKV+0K7IEONMFLF18PMznjul4RGUfvSrGb7EhNZAo6aFc7Cq4kk/Vx
EdoA09IDn4cQPFnBlbuOSjweYhu0k9Di1LZA7s6lqFCvLtEewGvhfxeQjnm2Gz/P
CnsHnKOJLIeZi1mxdbDRFxZ+MUABS7DOe8ocTNEma3voqhWkUcYjz6ARmsAv8ch1
hxyZZR0V9+Mc2EwYuNFjx53H1bq20UGiU+k2Lh8jRdbTKQKrCG7TE0dpLaSMcKQv
MSurf+QI6rMujJ54CdUIROsCr6F28R9USHMIvFZPhxoeU3IFW3ca3zJ+DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKM/kmJmK/F8KrovUj7/6WmFmbuqMB8GA1UdIwQY
MBaAFHaLTi6u/cvsFbqZ6KeiHInkssy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG90T0xxNzl5LXdWdXBub3A2SWNpZVN5ekwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9iNTc4OTItY2QzZC00ZjA2LTkxZjct
NTUzODdiZmI1ZTY2LzEvZG90T0xxNzl5LXdWdXBub3A2SWNpZVN5ekwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9iNTc4OTItY2QzZC00ZjA2LTkxZjctNTUzODdiZmI1ZTY2
LzEvZG90T0xxNzl5LXdWdXBub3A2SWNpZVN5ekwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKyKkALOj
s2wsh5jVwLfIGZAv+VCksvq36YAYcha9abmQYDKkkDuAdSTlVvW55xcysyE/2bDe
Qix7KDj0lN+Ix3fRZKkSgbT6EhDLeKf86dAxZMEj8i7pFZbJAAIlhfRC7DDW/wLK
MgvZWoAlyoXtsFxgN253sAjoccb1dHVxAHEJ4ugqzUD9tIpkzzsKTqkp1IKvt1zu
Bf6OT1RmgZrJ8I8H91IFRI/uGeUqoYTQhgLZTkaCLtngcmHh3zgP/QlgVvFm9AzX
mbKa1MavMIIBZzcggoIZn4H42Da53SIP6luFTXN6xyXJ1GjP9kPVdk4dwJ90OjdM
tD5imh/y71o09Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:07:39 2025 by rpki-client