Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json)
Hash identifier: 2kjO6S7zwzHeAGZmbMzQE62qCh6U3RT3877yMlvB12M=
Subject key identifier: F1:48:DB:A2:85:4B:E6:E9:C1:DD:50:97:99:52:61:6A:08:EB:EB:4A
Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a
Certificate serial: 0199FC58456D3876037557FBAEB92635F23B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
Manifest number: 1434
Signing time: Sun 19 Oct 2025 12:01:07 +0000
Manifest this update: Sun 19 Oct 2025 12:01:07 +0000
Manifest next update: Mon 20 Oct 2025 12:01:07 +0000
Files and hashes: 1: PsA85a4H5xNStqYehaGt_kPhY_U.roa (hash: CXsyF83m91+hpp7kQqr/RLoFFacqimzuhgmwugEeGmk=)
2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: 959NaX77OJUBWS2TsMielpVm+Wg+2UgjP/M9QOgAxOs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:45:6d:38:76:03:75:57:fb:ae:b9:26:35:f2:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a023766c62deb51297155708eccb421c8b04780a
Validity
Not Before: Oct 19 12:01:07 2025 GMT
Not After : Oct 20 12:01:07 2025 GMT
Subject: CN=f148dba2854be6e9c1dd50979952616a08ebeb4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:68:8a:5b:b9:65:bc:4e:c0:80:3c:45:5f:fe:
44:99:66:fc:37:17:c5:f6:d7:8f:a4:91:90:96:53:
79:c1:9b:0c:7d:70:81:cb:4d:aa:37:1b:2d:13:33:
f9:6c:3e:fc:4a:43:d3:88:78:e1:71:4f:b5:b1:70:
4b:0d:d0:de:32:bc:58:fa:a3:16:b0:2c:02:09:f0:
bd:5e:e6:74:2c:3e:7e:e7:d4:03:c1:96:8d:54:91:
bd:bf:34:5b:90:d9:34:7b:17:f1:15:a2:f6:d9:4d:
aa:3c:3e:b6:ae:33:a3:57:59:97:0a:9f:df:1c:91:
2c:a8:f6:85:e3:48:bc:ad:e2:12:e4:6c:b2:db:f7:
cb:54:fd:35:79:e8:5c:9b:c4:55:d0:33:0a:20:fa:
36:78:d2:cf:47:1c:88:b0:19:07:9f:0b:3f:a4:6b:
25:78:6f:12:19:88:6a:81:b3:72:ec:b6:b1:2f:d0:
11:54:be:cd:b5:be:8f:bf:3c:22:18:ae:cc:99:d1:
58:e7:e8:cf:40:32:c0:4d:1c:ac:7f:86:da:64:b1:
3b:49:55:a9:01:20:4e:16:7f:ea:77:2b:00:e5:8d:
cd:65:13:a3:71:db:4a:42:31:72:35:23:46:a5:f6:
c3:7c:fd:67:4c:c4:0f:95:a9:bc:be:bc:e3:f1:73:
d5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:48:DB:A2:85:4B:E6:E9:C1:DD:50:97:99:52:61:6A:08:EB:EB:4A
X509v3 Authority Key Identifier:
keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:ae:87:27:7c:74:d3:3f:39:b0:a4:71:f5:85:f6:43:b3:e8:
34:ea:64:ae:9f:99:1b:1b:6b:0a:b0:84:c2:f3:38:ff:0b:30:
ba:55:bf:6a:54:8f:be:34:f8:ac:34:64:2f:e3:03:27:7d:98:
11:f3:ad:23:ea:14:65:ed:4c:7c:61:e5:48:1e:c5:e7:e2:98:
7f:d7:90:fa:32:3f:e6:bc:a6:f2:7a:fb:30:b0:ae:3f:2e:43:
bc:4d:0a:bc:06:9b:eb:45:bf:db:c1:37:68:ba:6d:f5:99:cd:
fd:b0:77:b2:49:bf:64:a7:45:6d:76:34:37:91:97:0d:57:bd:
11:2f:6a:4d:9e:3e:4d:31:73:87:cb:7b:52:57:cb:97:8d:e8:
4c:71:49:5b:cd:29:21:a6:ec:db:63:f3:dd:7b:29:a8:76:45:
c7:f9:6a:29:08:e0:2f:7d:04:ad:13:36:3e:7b:1b:73:9b:4b:
bf:bd:4b:33:98:d6:37:53:80:a1:64:a2:78:7a:3c:83:a8:4b:
b5:31:bd:86:2f:fc:41:53:c3:bb:3f:db:dc:29:c9:23:a6:ce:
84:52:16:15:5e:25:bc:9d:ff:f0:bc:98:0b:61:fd:d3:a7:d1:
0d:1c:e9:79:e5:5c:2b:f0:d3:6d:16:8a:57:24:de:ac:2f:3a:
f5:cd:cd:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WEVtOHYDdVf7rrkmNfI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw
NDc4MGEwHhcNMjUxMDE5MTIwMTA3WhcNMjUxMDIwMTIwMTA3WjAzMTEwLwYDVQQD
EyhmMTQ4ZGJhMjg1NGJlNmU5YzFkZDUwOTc5OTUyNjE2YTA4ZWJlYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGiKW7llvE7AgDxFX/5EmWb8NxfF
9tePpJGQllN5wZsMfXCBy02qNxstEzP5bD78SkPTiHjhcU+1sXBLDdDeMrxY+qMW
sCwCCfC9XuZ0LD5+59QDwZaNVJG9vzRbkNk0exfxFaL22U2qPD62rjOjV1mXCp/f
HJEsqPaF40i8reIS5Gyy2/fLVP01eehcm8RV0DMKIPo2eNLPRxyIsBkHnws/pGsl
eG8SGYhqgbNy7LaxL9ARVL7Ntb6PvzwiGK7MmdFY5+jPQDLATRysf4baZLE7SVWp
ASBOFn/qdysA5Y3NZROjcdtKQjFyNSNGpfbDfP1nTMQPlam8vrzj8XPVoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFI26KFS+bpwd1Ql5lSYWoI6+tKMB8GA1UdIwQY
MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt
YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl
LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXq6HJ3x0
0z85sKRx9YX2Q7PoNOpkrp+ZGxtrCrCEwvM4/wswulW/alSPvjT4rDRkL+MDJ32Y
EfOtI+oUZe1MfGHlSB7F5+KYf9eQ+jI/5rym8nr7MLCuPy5DvE0KvAab60W/28E3
aLpt9ZnN/bB3skm/ZKdFbXY0N5GXDVe9ES9qTZ4+TTFzh8t7UlfLl43oTHFJW80p
Iabs22Pz3XspqHZFx/lqKQjgL30ErRM2Pnsbc5tLv71LM5jWN1OAoWSieHo8g6hL
tTG9hi/8QVPDuz/b3CnJI6bOhFIWFV4lvJ3/8LyYC2H906fRDRzpeeVcK/DTbRaK
VyTerC869c3NsQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:30:44 2025 by rpki-client