Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.mft
File: O9VD0EZeovb-uCjxhQSwP0A6xmk.mft (raw, json)
Hash identifier: Lor+zMj7XsAp6cS8G4TJD4gHNwG2uz/UOFJ9+GRvUz0=
Subject key identifier: 0F:95:13:60:AA:E8:E9:7C:D3:0D:5C:5E:0B:2C:1A:57:A1:4E:68:CE
Authority key identifier: 3B:D5:43:D0:46:5E:A2:F6:FE:B8:28:F1:85:04:B0:3F:40:3A:C6:69
Certificate issuer: /CN=3bd543d0465ea2f6feb828f18504b03f403ac669
Certificate serial: 019A4EF55EAC0A488C411625316B8073D1E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9VD0EZeovb-uCjxhQSwP0A6xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.mft
Manifest number: 1147
Signing time: Tue 04 Nov 2025 13:01:34 +0000
Manifest this update: Tue 04 Nov 2025 13:01:34 +0000
Manifest next update: Wed 05 Nov 2025 13:01:34 +0000
Files and hashes: 1: O9VD0EZeovb-uCjxhQSwP0A6xmk.crl (hash: whQu23965NCMUOxudtsxug+qLgbfGKcjdApDwSe4O+A=)
2: x4WRkvTk4Qfvxow9VzZXx3rDXCk.roa (hash: RyOgBcFttRpc6DEmQeaGYO0tOWZlEQp1Uhl8vvwB5VE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O9VD0EZeovb-uCjxhQSwP0A6xmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:5e:ac:0a:48:8c:41:16:25:31:6b:80:73:d1:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd543d0465ea2f6feb828f18504b03f403ac669
Validity
Not Before: Nov 4 13:01:34 2025 GMT
Not After : Nov 5 13:01:34 2025 GMT
Subject: CN=0f951360aae8e97cd30d5c5e0b2c1a57a14e68ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ed:20:e4:bf:7b:c0:13:fe:79:04:cb:54:32:
93:dd:a5:64:01:77:2e:fe:68:de:be:51:01:a7:ec:
ed:df:69:da:54:d4:74:4a:89:d1:b0:79:7e:d3:24:
d6:56:95:21:c2:fb:da:9e:70:0e:cf:23:39:36:c8:
dc:88:06:f7:86:4a:d3:49:25:b6:f2:48:1b:53:82:
cc:f1:22:23:88:e4:ef:3b:be:83:b7:ca:d6:4e:5c:
80:82:8e:7b:44:08:ea:86:37:fe:be:38:7b:0b:af:
0f:d2:d3:0c:d7:b1:30:86:0f:47:b0:0f:af:2e:b8:
f1:5a:db:82:93:9e:74:c9:b4:6a:8d:d9:31:2e:5c:
e8:65:a0:af:9d:10:53:3a:0d:99:b5:bd:39:ac:99:
d6:8f:56:4d:61:46:4d:a8:17:15:30:2c:55:a7:4b:
da:e1:5f:bc:1e:2d:35:76:d4:97:65:28:39:45:cf:
43:37:94:fe:a4:e7:f6:2e:7c:1b:7b:ed:a9:1f:bb:
13:48:f6:cd:5a:aa:64:1f:f3:47:7b:b8:9c:05:bd:
f3:a7:d0:49:a2:21:50:2a:bb:fd:24:2e:d5:3f:48:
f3:92:76:0b:f6:75:33:e3:57:af:c8:e4:28:43:d1:
67:5b:5f:e8:9d:2a:3a:38:6f:a7:4f:99:c3:2b:71:
76:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:95:13:60:AA:E8:E9:7C:D3:0D:5C:5E:0B:2C:1A:57:A1:4E:68:CE
X509v3 Authority Key Identifier:
keyid:3B:D5:43:D0:46:5E:A2:F6:FE:B8:28:F1:85:04:B0:3F:40:3A:C6:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9VD0EZeovb-uCjxhQSwP0A6xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:40:26:30:a7:56:8a:e2:f6:a0:53:3b:a2:8b:8c:4b:27:60:
42:a8:dd:a5:df:86:1b:21:88:4d:e6:77:bc:05:11:43:85:54:
88:d4:93:e7:ea:bc:ed:cd:d2:11:c6:cd:86:0f:15:87:06:5d:
9e:25:17:06:06:43:08:01:47:f0:44:f4:06:c6:c9:1f:50:37:
6a:10:3d:af:fc:05:c1:94:e2:be:05:40:09:c8:52:ef:03:4e:
26:23:87:80:b4:7c:56:43:0d:45:c8:02:e7:af:20:2d:2b:3c:
67:e7:d3:54:11:4e:8c:32:9d:4b:e4:cf:b3:59:ca:7c:d3:cf:
15:6a:e4:42:d0:82:f4:0e:29:50:8c:de:ba:2e:f6:6b:b7:f0:
99:5a:28:6b:36:46:de:18:d7:71:b0:98:12:56:b5:12:3b:1a:
0c:2c:49:a4:27:a2:65:30:b2:06:b1:53:c7:94:dd:aa:2f:26:
b8:4b:ff:8a:23:4b:89:82:82:8d:fe:92:04:c2:10:d7:d4:59:
0e:9a:88:bb:2b:be:eb:cd:55:3c:ad:8d:e7:77:25:5a:37:62:
b8:8a:b8:38:98:26:94:d0:1f:66:7a:0b:83:89:fb:83:04:d2:
b1:2c:34:3b:f6:69:83:60:9f:72:2b:87:21:97:08:f7:64:f8:
3d:1f:9f:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9V6sCkiMQRYlMWuAc9HlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDU0M2QwNDY1ZWEyZjZmZWI4MjhmMTg1MDRiMDNmNDAz
YWM2NjkwHhcNMjUxMTA0MTMwMTM0WhcNMjUxMTA1MTMwMTM0WjAzMTEwLwYDVQQD
EygwZjk1MTM2MGFhZThlOTdjZDMwZDVjNWUwYjJjMWE1N2ExNGU2OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe0g5L97wBP+eQTLVDKT3aVkAXcu
/mjevlEBp+zt32naVNR0SonRsHl+0yTWVpUhwvvannAOzyM5NsjciAb3hkrTSSW2
8kgbU4LM8SIjiOTvO76Dt8rWTlyAgo57RAjqhjf+vjh7C68P0tMM17Ewhg9HsA+v
LrjxWtuCk550ybRqjdkxLlzoZaCvnRBTOg2Ztb05rJnWj1ZNYUZNqBcVMCxVp0va
4V+8Hi01dtSXZSg5Rc9DN5T+pOf2Lnwbe+2pH7sTSPbNWqpkH/NHe7icBb3zp9BJ
oiFQKrv9JC7VP0jzknYL9nUz41evyOQoQ9FnW1/onSo6OG+nT5nDK3F2xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+VE2Cq6Ol80w1cXgssGlehTmjOMB8GA1UdIwQY
MBaAFDvVQ9BGXqL2/rgo8YUEsD9AOsZpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlWRDBFWmVvdmItdUNqeGhRU3dQMEE2eG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83OGZlYTktZWZhYy00OTgzLWFjMmIt
ZGY0NTA1NGRkOTM0LzEvTzlWRDBFWmVvdmItdUNqeGhRU3dQMEE2eG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83OGZlYTktZWZhYy00OTgzLWFjMmItZGY0NTA1NGRkOTM0
LzEvTzlWRDBFWmVvdmItdUNqeGhRU3dQMEE2eG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAkAmMKdW
iuL2oFM7oouMSydgQqjdpd+GGyGITeZ3vAURQ4VUiNST5+q87c3SEcbNhg8VhwZd
niUXBgZDCAFH8ET0BsbJH1A3ahA9r/wFwZTivgVACchS7wNOJiOHgLR8VkMNRcgC
568gLSs8Z+fTVBFOjDKdS+TPs1nKfNPPFWrkQtCC9A4pUIzeui72a7fwmVooazZG
3hjXcbCYEla1EjsaDCxJpCeiZTCyBrFTx5Tdqi8muEv/iiNLiYKCjf6SBMIQ19RZ
DpqIuyu+681VPK2N53clWjdiuIq4OJgmlNAfZnoLg4n7gwTSsSw0O/Zpg2CfciuH
IZcI92T4PR+fzg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:12:20 2025 by rpki-client