Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
File: OzdnJSANjYwAzw91FK8l_zYjEPA.mft (raw, json)
Hash identifier: lW9S1efMQR8BxeDn84eaJOa8ymj1p01PFan0ctu6Ogk=
Subject key identifier: 02:B5:62:B2:DC:86:2D:EA:C4:B2:B0:A1:F7:3C:82:32:DE:3A:EA:61
Authority key identifier: 3B:37:67:25:20:0D:8D:8C:00:CF:0F:75:14:AF:25:FF:36:23:10:F0
Certificate issuer: /CN=3b376725200d8d8c00cf0f7514af25ff362310f0
Certificate serial: 019A4EF5A35437C2DADBF00CE501A1CF355D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 13:01:52 +0000
Manifest this update: Tue 04 Nov 2025 13:01:52 +0000
Manifest next update: Wed 05 Nov 2025 13:01:52 +0000
Files and hashes: 1: OzdnJSANjYwAzw91FK8l_zYjEPA.crl (hash: 8LZ0k7xTNB+E0iwuAMm3vZNgnC4gnZa+fe+KXuyhmEY=)
2: mY9DqP6sBYRDAuWwviu5NNB6lIA.roa (hash: Jpwfq6zWzFUKhEKM7+C1EDuHC9fqQSYeca6cvS8lEYo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:a3:54:37:c2:da:db:f0:0c:e5:01:a1:cf:35:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b376725200d8d8c00cf0f7514af25ff362310f0
Validity
Not Before: Nov 4 13:01:52 2025 GMT
Not After : Nov 5 13:01:52 2025 GMT
Subject: CN=02b562b2dc862deac4b2b0a1f73c8232de3aea61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7b:fb:0d:69:2e:34:fe:4e:1e:d2:a7:07:c9:
dd:c9:86:12:29:6d:33:30:f8:5a:97:18:f7:b2:82:
f4:c3:0f:a6:d9:15:34:51:2b:09:b6:02:e8:b2:5c:
7e:b4:7a:9f:8b:25:49:01:f5:94:0f:00:a8:e2:6e:
2e:69:19:53:f3:52:7a:b3:5c:8d:11:05:72:7f:b9:
7b:4e:7a:d6:de:1a:36:6e:a6:6f:f9:bb:39:61:e8:
35:15:b2:72:65:93:f2:f8:10:6b:8d:21:92:17:7e:
ba:6a:ac:5b:d1:18:7f:70:d0:95:14:99:a2:0f:8f:
5d:92:af:c1:bd:e6:22:5d:7c:fe:b6:c2:f4:7e:cf:
56:4f:75:12:9b:86:68:26:e7:05:b9:1d:82:50:8c:
9c:7d:0e:ce:18:fd:6b:4b:ce:62:38:d3:bd:d1:32:
34:9d:33:00:ef:13:95:fc:07:54:ec:a2:a1:56:32:
2c:db:96:53:ab:95:1d:97:a3:31:2d:76:1e:9a:f6:
9e:bd:a8:5f:39:d3:ae:a7:f0:57:f8:71:cb:72:f8:
95:b6:ca:57:6b:7d:f7:37:e2:45:33:3f:5e:ae:ee:
90:30:56:84:18:ce:37:49:93:f9:63:4e:00:0f:1b:
73:08:28:ac:20:9c:bb:9f:46:6d:10:6e:bf:3b:e7:
b4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B5:62:B2:DC:86:2D:EA:C4:B2:B0:A1:F7:3C:82:32:DE:3A:EA:61
X509v3 Authority Key Identifier:
keyid:3B:37:67:25:20:0D:8D:8C:00:CF:0F:75:14:AF:25:FF:36:23:10:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:9d:5f:ce:ed:42:12:05:3b:b4:5d:43:a8:fe:af:9c:ff:36:
c5:4b:62:1e:16:3e:a8:59:1f:a6:86:6f:35:fb:bd:d9:97:a2:
9f:db:3f:9e:3b:f1:23:47:bb:ec:53:45:ed:92:19:40:d9:b8:
43:7c:df:a4:cb:79:3b:fa:82:17:31:08:d8:1e:64:9e:d4:6f:
94:29:bd:7c:4c:1d:b3:5d:90:97:d6:f7:de:66:d2:26:fa:03:
32:03:d7:e2:ae:49:c7:8f:60:40:14:f7:f9:0a:78:af:ac:e5:
09:ff:26:77:0e:2c:2e:0b:d1:11:a8:2c:e6:3d:13:db:c1:b9:
8e:d1:fe:42:da:02:96:2a:78:1b:89:d4:61:ef:8f:5e:9e:95:
ea:53:90:32:23:d3:46:1f:3d:16:d6:ee:5d:2f:ad:aa:8a:04:
a2:59:2c:07:8d:57:e8:ee:23:37:24:da:77:b2:6b:f8:28:a1:
6d:64:0b:dd:73:12:a4:88:cc:1b:a5:40:07:1d:2f:ea:32:e4:
49:79:16:c2:85:f1:b8:01:8e:de:4d:df:72:b3:55:e8:d0:15:
d4:45:df:5a:8e:cf:d8:3d:87:53:da:1c:7a:63:7b:ff:7b:e3:
50:58:2c:6a:97:1f:57:33:98:dc:30:a5:25:de:ae:29:82:1d:
0e:1d:f6:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9aNUN8La2/AM5QGhzzVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzc2NzI1MjAwZDhkOGMwMGNmMGY3NTE0YWYyNWZmMzYy
MzEwZjAwHhcNMjUxMTA0MTMwMTUyWhcNMjUxMTA1MTMwMTUyWjAzMTEwLwYDVQQD
EygwMmI1NjJiMmRjODYyZGVhYzRiMmIwYTFmNzNjODIzMmRlM2FlYTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nv7DWkuNP5OHtKnB8ndyYYSKW0z
MPhalxj3soL0ww+m2RU0USsJtgLoslx+tHqfiyVJAfWUDwCo4m4uaRlT81J6s1yN
EQVyf7l7TnrW3ho2bqZv+bs5Yeg1FbJyZZPy+BBrjSGSF366aqxb0Rh/cNCVFJmi
D49dkq/BveYiXXz+tsL0fs9WT3USm4ZoJucFuR2CUIycfQ7OGP1rS85iONO90TI0
nTMA7xOV/AdU7KKhVjIs25ZTq5Udl6MxLXYemvaevahfOdOup/BX+HHLcviVtspX
a333N+JFMz9eru6QMFaEGM43SZP5Y04ADxtzCCisIJy7n0ZtEG6/O+e0gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAK1YrLchi3qxLKwofc8gjLeOuphMB8GA1UdIwQY
MBaAFDs3ZyUgDY2MAM8PdRSvJf82IxDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lNTRhNjMtMzZiNC00Njg0LTkxNTkt
MjkyMDk4ZGEyZTM5LzEvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9lNTRhNjMtMzZiNC00Njg0LTkxNTktMjkyMDk4ZGEyZTM5
LzEvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPZ1fzu1C
EgU7tF1DqP6vnP82xUtiHhY+qFkfpoZvNfu92Zein9s/njvxI0e77FNF7ZIZQNm4
Q3zfpMt5O/qCFzEI2B5kntRvlCm9fEwds12Ql9b33mbSJvoDMgPX4q5Jx49gQBT3
+Qp4r6zlCf8mdw4sLgvREags5j0T28G5jtH+QtoClip4G4nUYe+PXp6V6lOQMiPT
Rh89FtbuXS+tqooEolksB41X6O4jNyTad7Jr+CihbWQL3XMSpIjMG6VABx0v6jLk
SXkWwoXxuAGO3k3fcrNV6NAV1EXfWo7P2D2HU9ocemN7/3vjUFgsapcfVzOY3DCl
Jd6uKYIdDh32mQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:53:11 2025 by rpki-client