Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
File: otCM3GpDDvDaiCmRcla2rY0KNvk.mft (raw, json)
Hash identifier: EwvvALqXq/W7zw+z73qcJ+x8UGv4YUimRfxemZfox94=
Subject key identifier: 36:7C:94:36:D5:4F:12:29:8C:F2:29:2E:27:77:BF:71:F6:F9:B7:6E
Authority key identifier: A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
Certificate issuer: /CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Certificate serial: 0199FBEB4C97466C0BFB9A2903C0D2964301
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
Manifest number: 0905
Signing time: Sun 19 Oct 2025 10:02:05 +0000
Manifest this update: Sun 19 Oct 2025 10:02:05 +0000
Manifest next update: Mon 20 Oct 2025 10:02:05 +0000
Files and hashes: 1: otCM3GpDDvDaiCmRcla2rY0KNvk.crl (hash: f7679F1hwPnlrEmAH9GVOhTECuvxS4QzElEGKtCjG/0=)
2: uWHHQqBwsm-RgF6BGlPrCIiU5u8.roa (hash: c70DUe86Dscr+BOk1RbQf+gmFBszpSvbzYy8111R1f4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:4c:97:46:6c:0b:fb:9a:29:03:c0:d2:96:43:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Validity
Not Before: Oct 19 10:02:05 2025 GMT
Not After : Oct 20 10:02:05 2025 GMT
Subject: CN=367c9436d54f12298cf2292e2777bf71f6f9b76e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0b:d6:92:c4:70:59:af:f4:e8:37:c1:68:01:
1f:b1:1d:f2:df:39:7e:41:11:c5:a8:3a:51:bc:db:
34:45:f2:76:9c:9c:6a:6c:62:97:2b:71:16:d4:c4:
fd:65:cf:bd:c0:57:ef:7e:09:02:11:77:03:fb:61:
4c:55:c5:99:cc:16:1f:7d:0b:19:ed:06:03:97:09:
db:da:8d:7f:9c:1b:56:b7:19:72:0c:6d:15:c6:5d:
c0:9c:2f:69:68:d7:b7:a0:d6:60:96:73:ee:a6:51:
21:64:5a:dd:cd:97:f0:5a:9f:ea:35:80:68:fd:66:
d0:34:ba:31:ff:05:46:e7:43:b5:6a:34:3e:66:d4:
df:f8:a3:73:7f:59:fa:30:23:46:c9:3f:1b:28:9f:
01:83:55:90:5a:90:d3:2c:17:63:93:12:56:8d:f0:
04:b8:06:3a:ff:92:bc:98:2e:88:89:94:c2:19:8a:
21:bb:0a:af:fe:53:92:6c:8c:4f:77:f7:82:90:f4:
cd:7a:fb:c7:a5:ae:f1:8c:b1:8a:e1:af:0e:2b:e8:
dc:b9:7d:fd:a6:ef:c6:5e:62:53:7d:fc:5a:e0:34:
93:2d:2f:1e:f4:f0:8c:87:05:34:4c:bd:d1:2c:4e:
7e:53:ec:a4:94:4b:86:42:ae:18:a0:4d:15:ff:c1:
ac:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:7C:94:36:D5:4F:12:29:8C:F2:29:2E:27:77:BF:71:F6:F9:B7:6E
X509v3 Authority Key Identifier:
keyid:A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:79:60:06:14:9c:f9:95:ad:e2:8c:41:de:a5:71:e1:f8:ad:
30:78:5e:94:c8:ef:34:37:36:11:e9:9a:6f:74:8a:fc:65:93:
88:ef:e1:6d:1b:ab:b7:e2:ef:63:65:22:1b:c3:89:61:2b:ef:
3c:08:35:60:fa:29:bc:05:f4:f1:99:1f:1a:93:c6:0f:8a:b2:
f5:bf:6c:1e:29:1a:55:5b:67:d3:b6:8c:95:fa:2e:46:89:5a:
d4:1e:08:38:d0:bc:fe:2a:8b:55:a2:cd:69:3b:eb:d4:c4:d8:
6e:20:95:13:9a:f6:2e:7a:71:be:a0:df:e2:14:61:11:47:57:
dd:d8:3e:92:c0:92:fb:96:d1:8e:55:91:a5:ff:40:f8:08:06:
a4:4a:d7:e2:bf:26:10:b3:7d:7a:db:d4:4f:79:c5:ab:3e:9d:
bc:a9:c7:a5:f1:38:9d:5e:14:1c:e6:5e:70:44:e6:c6:38:7a:
6f:87:59:f9:e9:38:3e:8b:60:9b:ae:85:6a:a2:71:7d:f1:90:
f1:b4:29:82:d6:2c:56:28:5f:9d:58:8f:f4:32:0f:94:24:b5:
54:31:a9:ea:b3:38:43:f4:a6:c6:af:9e:23:d9:12:e5:2a:5f:
60:32:b4:da:61:0f:78:84:7e:55:87:d6:2e:21:b6:6b:5c:44:
23:60:8f:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn760yXRmwL+5opA8DSlkMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDA4Y2RjNmE0MzBlZjBkYTg4Mjk5MTcyNTZiNmFkOGQw
YTM2ZjkwHhcNMjUxMDE5MTAwMjA1WhcNMjUxMDIwMTAwMjA1WjAzMTEwLwYDVQQD
EygzNjdjOTQzNmQ1NGYxMjI5OGNmMjI5MmUyNzc3YmY3MWY2ZjliNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgvWksRwWa/06DfBaAEfsR3y3zl+
QRHFqDpRvNs0RfJ2nJxqbGKXK3EW1MT9Zc+9wFfvfgkCEXcD+2FMVcWZzBYffQsZ
7QYDlwnb2o1/nBtWtxlyDG0Vxl3AnC9paNe3oNZglnPuplEhZFrdzZfwWp/qNYBo
/WbQNLox/wVG50O1ajQ+ZtTf+KNzf1n6MCNGyT8bKJ8Bg1WQWpDTLBdjkxJWjfAE
uAY6/5K8mC6IiZTCGYohuwqv/lOSbIxPd/eCkPTNevvHpa7xjLGK4a8OK+jcuX39
pu/GXmJTffxa4DSTLS8e9PCMhwU0TL3RLE5+U+yklEuGQq4YoE0V/8Gs2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZ8lDbVTxIpjPIpLid3v3H2+bduMB8GA1UdIwQY
MBaAFKLQjNxqQw7w2ogpkXJWtq2NCjb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMt
ZGMwMWExOWIyODU2LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMtZGMwMWExOWIyODU2
LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd3lgBhSc
+ZWt4oxB3qVx4fitMHhelMjvNDc2Eemab3SK/GWTiO/hbRurt+LvY2UiG8OJYSvv
PAg1YPopvAX08ZkfGpPGD4qy9b9sHikaVVtn07aMlfouRola1B4IONC8/iqLVaLN
aTvr1MTYbiCVE5r2LnpxvqDf4hRhEUdX3dg+ksCS+5bRjlWRpf9A+AgGpErX4r8m
ELN9etvUT3nFqz6dvKnHpfE4nV4UHOZecETmxjh6b4dZ+ek4Potgm66FaqJxffGQ
8bQpgtYsVihfnViP9DIPlCS1VDGp6rM4Q/Smxq+eI9kS5SpfYDK02mEPeIR+VYfW
LiG2a1xEI2CPOA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:56:04 2025 by rpki-client