Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.mft
File: oMjNqBTnd9n-FUuS6ZWc4SCwrVg.mft (raw, json)
Hash identifier: /rE6h8XQH8bZc1flTXxdX34Wfmg0cujTE91bXcl4H4A=
Subject key identifier: 64:08:A0:0A:7D:85:08:7B:EB:7C:64:2C:D5:B3:15:DC:6F:B1:F4:59
Authority key identifier: A0:C8:CD:A8:14:E7:77:D9:FE:15:4B:92:E9:95:9C:E1:20:B0:AD:58
Certificate issuer: /CN=a0c8cda814e777d9fe154b92e9959ce120b0ad58
Certificate serial: 019A4E4F56DA6FEAA191E58F6C79C28333B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.mft
Manifest number: 170A
Signing time: Tue 04 Nov 2025 10:00:13 +0000
Manifest this update: Tue 04 Nov 2025 10:00:13 +0000
Manifest next update: Wed 05 Nov 2025 10:00:13 +0000
Files and hashes: 1: RW4un6mRBfPzHloV5RnOReMxV4M.roa (hash: 6KtCB53EZaTt4rkvk3WW5xLU60zG4n/pYxl9BtxsfPs=)
2: oMjNqBTnd9n-FUuS6ZWc4SCwrVg.crl (hash: fxUFZfrT41badeugZFLaZgCJiL7OvAsz5fsNi3iVXEw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:56:da:6f:ea:a1:91:e5:8f:6c:79:c2:83:33:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0c8cda814e777d9fe154b92e9959ce120b0ad58
Validity
Not Before: Nov 4 10:00:13 2025 GMT
Not After : Nov 5 10:00:13 2025 GMT
Subject: CN=6408a00a7d85087beb7c642cd5b315dc6fb1f459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9e:25:bd:11:d2:af:05:d8:a6:fc:83:5f:d3:
70:a3:ca:5b:b8:6d:7c:ca:73:5d:cf:36:d5:42:00:
84:46:c9:19:93:d9:1f:e9:0e:b4:12:a7:a7:fd:a5:
96:9a:51:d1:b6:1e:39:45:74:30:8c:e1:27:a9:b8:
43:00:cd:4a:cb:42:9e:c3:3b:33:a9:51:90:6f:4f:
f2:fe:0e:0c:96:b4:89:f8:51:6a:ce:0c:99:a9:cf:
18:c8:1f:b1:f0:a0:d3:84:1f:e2:87:39:6b:32:0f:
20:a7:e9:26:f4:61:e9:3b:b8:8f:e0:e6:66:00:db:
8e:72:28:6d:00:83:ac:cb:01:f9:ce:58:b4:bd:c0:
1b:39:b9:43:6f:44:dc:1b:d8:41:e0:8a:85:9e:25:
60:6b:1d:72:3a:60:be:91:30:4e:e6:cd:05:87:ce:
ee:a5:98:48:e5:ed:05:d1:53:bc:52:30:80:bf:2d:
a7:37:20:25:af:2b:26:ca:5a:fd:8d:b1:22:ad:56:
dd:34:b7:61:e2:72:23:78:06:1e:a1:0c:18:8b:d3:
17:05:90:0c:8f:b1:cc:90:cd:7b:47:1d:83:0a:19:
66:d9:75:57:72:1c:26:7a:80:6f:63:84:fd:0d:c2:
82:e4:08:61:d9:7e:d4:85:77:2c:fc:75:96:b8:0e:
68:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:08:A0:0A:7D:85:08:7B:EB:7C:64:2C:D5:B3:15:DC:6F:B1:F4:59
X509v3 Authority Key Identifier:
keyid:A0:C8:CD:A8:14:E7:77:D9:FE:15:4B:92:E9:95:9C:E1:20:B0:AD:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:ff:b0:eb:50:4b:df:be:bd:69:ca:6c:1b:ad:c6:a9:b8:ac:
0a:24:7b:10:86:36:80:31:1c:0d:0c:e0:94:fb:98:cf:49:35:
b8:09:c7:1d:a9:2f:92:d3:48:38:a4:f9:4e:e9:a7:98:87:8b:
fb:e6:cc:bd:3a:c6:b6:3f:47:e5:3c:c2:1b:39:6e:28:0a:53:
84:24:bf:26:0c:3c:bd:cc:31:51:61:13:a5:2d:3f:23:e2:e9:
ef:b7:15:94:c8:cb:34:59:66:d6:10:75:b6:5e:7f:90:14:09:
11:5d:55:f5:c1:27:60:71:7b:7c:9c:20:03:eb:62:0b:2c:c3:
2e:de:29:be:c6:81:ca:dc:94:c6:8d:f8:d9:4d:f3:12:a7:05:
3f:43:63:f1:bc:57:6c:9e:77:4b:d5:1c:e8:d8:b1:af:d0:28:
b7:58:c5:5e:02:75:05:10:2d:99:b5:0e:77:8a:84:dc:8f:11:
79:99:28:75:16:7e:0e:03:16:c0:34:1d:2a:27:84:26:44:94:
3b:9f:23:21:75:a1:1f:ef:bf:83:fe:a8:2a:8d:c7:16:a0:85:
dd:a6:52:a7:28:c9:39:99:05:7f:a7:35:b0:cb:41:1d:26:58:
24:47:81:b6:20:ab:f1:cf:a3:14:5d:8d:e4:67:7f:af:33:e7:
07:25:55:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT1bab+qhkeWPbHnCgzO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYzhjZGE4MTRlNzc3ZDlmZTE1NGI5MmU5OTU5Y2UxMjBi
MGFkNTgwHhcNMjUxMTA0MTAwMDEzWhcNMjUxMTA1MTAwMDEzWjAzMTEwLwYDVQQD
Eyg2NDA4YTAwYTdkODUwODdiZWI3YzY0MmNkNWIzMTVkYzZmYjFmNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ4lvRHSrwXYpvyDX9Nwo8pbuG18
ynNdzzbVQgCERskZk9kf6Q60Eqen/aWWmlHRth45RXQwjOEnqbhDAM1Ky0Kewzsz
qVGQb0/y/g4MlrSJ+FFqzgyZqc8YyB+x8KDThB/ihzlrMg8gp+km9GHpO7iP4OZm
ANuOcihtAIOsywH5zli0vcAbOblDb0TcG9hB4IqFniVgax1yOmC+kTBO5s0Fh87u
pZhI5e0F0VO8UjCAvy2nNyAlrysmylr9jbEirVbdNLdh4nIjeAYeoQwYi9MXBZAM
j7HMkM17Rx2DChlm2XVXchwmeoBvY4T9DcKC5Ahh2X7UhXcs/HWWuA5oUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQIoAp9hQh763xkLNWzFdxvsfRZMB8GA1UdIwQY
MBaAFKDIzagU53fZ/hVLkumVnOEgsK1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01qTnFCVG5kOW4tRlV1UzZaV2M0U0N3clZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9hYTI3MGEtYzA4OS00Nzc4LTkzNDMt
YjczNjJlZGJkOGFjLzEvb01qTnFCVG5kOW4tRlV1UzZaV2M0U0N3clZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9hYTI3MGEtYzA4OS00Nzc4LTkzNDMtYjczNjJlZGJkOGFj
LzEvb01qTnFCVG5kOW4tRlV1UzZaV2M0U0N3clZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlP+w61BL
3769acpsG63GqbisCiR7EIY2gDEcDQzglPuYz0k1uAnHHakvktNIOKT5TumnmIeL
++bMvTrGtj9H5TzCGzluKApThCS/Jgw8vcwxUWETpS0/I+Lp77cVlMjLNFlm1hB1
tl5/kBQJEV1V9cEnYHF7fJwgA+tiCyzDLt4pvsaBytyUxo342U3zEqcFP0Nj8bxX
bJ53S9Uc6Nixr9Aot1jFXgJ1BRAtmbUOd4qE3I8ReZkodRZ+DgMWwDQdKieEJkSU
O58jIXWhH++/g/6oKo3HFqCF3aZSpyjJOZkFf6c1sMtBHSZYJEeBtiCr8c+jFF2N
5Gd/rzPnByVVjA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:55:25 2025 by rpki-client