Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft
File: OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft (raw, json)
Hash identifier: 0Y2O609WqHDpm1s+dda7cqS6D5N+eFHg6khn1cq7dv8=
Subject key identifier: 1C:7B:44:46:BE:C3:9E:A2:F0:41:5E:CB:22:C2:77:0C:2B:9E:99:AC
Authority key identifier: 38:F2:37:98:B6:73:93:E4:03:9E:3F:95:55:E2:14:D6:73:7C:13:51
Certificate issuer: /CN=38f23798b67393e4039e3f9555e214d6737c1351
Certificate serial: 019A4E4FAFEAEE30F3B7CF2F7C06D948B0BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPI3mLZzk-QDnj-VVeIU1nN8E1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 10:00:36 +0000
Manifest this update: Tue 04 Nov 2025 10:00:36 +0000
Manifest next update: Wed 05 Nov 2025 10:00:36 +0000
Files and hashes: 1: OPI3mLZzk-QDnj-VVeIU1nN8E1E.crl (hash: luVUu4DDg+4L+jlyhDd2drLUm8nCrDp90pmHFEQfQBU=)
2: Vpoq5ZpSGDP-ZXCmZlKnhArAK_Q.roa (hash: 38YyvusiUhw1DBRUCOnZouY1Y0JBlQCEkMbtx6PZeK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft
rsync://rpki.ripe.net/repository/DEFAULT/OPI3mLZzk-QDnj-VVeIU1nN8E1E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:af:ea:ee:30:f3:b7:cf:2f:7c:06:d9:48:b0:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f23798b67393e4039e3f9555e214d6737c1351
Validity
Not Before: Nov 4 10:00:36 2025 GMT
Not After : Nov 5 10:00:36 2025 GMT
Subject: CN=1c7b4446bec39ea2f0415ecb22c2770c2b9e99ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:be:af:a1:dc:9f:e7:d3:10:e7:95:5a:db:86:
0c:e4:f8:bf:cf:2b:47:96:96:da:a3:1d:03:86:fd:
9f:04:9b:9d:9a:ac:45:06:dc:f4:7a:11:b4:49:51:
a2:bf:b1:76:06:53:e0:90:28:98:6f:63:33:72:70:
c4:b2:04:64:67:30:da:78:77:de:ea:df:85:42:a8:
13:d1:25:6d:fd:c8:20:c6:29:0a:07:ae:e9:26:ec:
43:5c:07:26:9a:2a:6c:41:a5:07:cd:7c:f3:0f:25:
55:1b:bd:6e:12:a1:67:59:37:d1:09:86:07:f8:6f:
eb:f2:93:3d:d6:66:71:24:49:14:b4:41:4a:aa:10:
cb:fc:10:4c:20:97:02:c2:46:51:d1:d5:7e:24:60:
78:3c:aa:94:60:bf:af:0a:b3:0f:c8:f2:63:40:d9:
4c:83:7c:47:a5:a7:0f:b8:6e:8e:6a:67:c6:56:71:
e1:a9:1d:56:54:ce:1b:f6:4d:08:ae:c0:27:84:d3:
1d:1f:9c:8b:7e:cb:bb:16:0c:25:18:6a:12:d3:cf:
9c:db:80:02:3f:9e:0e:e8:6d:5c:85:9f:bd:35:c4:
d3:a5:5f:e1:cb:e6:c0:3d:ed:30:f1:d2:03:76:01:
26:30:bc:8a:58:3d:33:1b:2f:da:02:e9:86:b8:20:
dd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:7B:44:46:BE:C3:9E:A2:F0:41:5E:CB:22:C2:77:0C:2B:9E:99:AC
X509v3 Authority Key Identifier:
keyid:38:F2:37:98:B6:73:93:E4:03:9E:3F:95:55:E2:14:D6:73:7C:13:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPI3mLZzk-QDnj-VVeIU1nN8E1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:72:f6:e2:25:da:e6:4c:a4:e7:f2:bd:fa:11:32:2c:f2:32:
91:52:c4:8e:08:a2:da:08:5c:a9:76:a9:b6:11:29:86:b0:4f:
e8:b9:1d:21:67:73:4b:bb:8e:e4:08:bc:d3:f1:ad:f7:55:5a:
8a:be:71:82:ec:98:46:32:4c:c2:ba:d5:30:64:11:7b:0c:1d:
25:1c:cb:10:e8:e6:df:66:0d:95:b3:63:a2:25:d8:2d:71:71:
33:35:72:b2:b2:70:db:74:80:46:7c:81:5d:aa:93:33:61:30:
18:4a:6e:cb:5e:c7:6b:29:f7:ad:e5:5f:6f:43:f0:8c:7c:b5:
01:1a:af:9a:d5:4d:f5:45:0b:4e:11:ea:75:52:c1:90:14:24:
78:07:9f:ce:c9:e1:7a:28:f7:06:e7:9b:92:37:80:13:a8:eb:
6e:8a:53:15:df:b6:2f:a7:a6:20:16:8b:b1:5d:85:76:cd:a7:
bb:94:c8:27:d8:58:3a:f3:3c:56:ea:54:05:7e:6c:0c:b4:78:
46:fc:02:ba:84:16:4d:ab:4b:57:2b:52:65:d1:66:f5:7e:64:
1e:52:d3:02:a2:b8:a6:87:0e:56:27:2f:ae:75:4b:8d:dc:d6:
e0:80:fc:22:2c:3c:32:28:1f:99:77:c3:eb:44:c8:91:99:18:
a7:2e:50:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT6/q7jDzt88vfAbZSLC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjIzNzk4YjY3MzkzZTQwMzllM2Y5NTU1ZTIxNGQ2NzM3
YzEzNTEwHhcNMjUxMTA0MTAwMDM2WhcNMjUxMTA1MTAwMDM2WjAzMTEwLwYDVQQD
EygxYzdiNDQ0NmJlYzM5ZWEyZjA0MTVlY2IyMmMyNzcwYzJiOWU5OWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL6vodyf59MQ55Va24YM5Pi/zytH
lpbaox0Dhv2fBJudmqxFBtz0ehG0SVGiv7F2BlPgkCiYb2MzcnDEsgRkZzDaeHfe
6t+FQqgT0SVt/cggxikKB67pJuxDXAcmmipsQaUHzXzzDyVVG71uEqFnWTfRCYYH
+G/r8pM91mZxJEkUtEFKqhDL/BBMIJcCwkZR0dV+JGB4PKqUYL+vCrMPyPJjQNlM
g3xHpacPuG6OamfGVnHhqR1WVM4b9k0IrsAnhNMdH5yLfsu7FgwlGGoS08+c24AC
P54O6G1chZ+9NcTTpV/hy+bAPe0w8dIDdgEmMLyKWD0zGy/aAumGuCDdpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBx7REa+w56i8EFeyyLCdwwrnpmsMB8GA1UdIwQY
MBaAFDjyN5i2c5PkA54/lVXiFNZzfBNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BJM21MWnprLVFEbmotVlZlSVUxbk44RTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy85YWI0YzktMGMxMC00NjcxLWJkZDQt
NzMwZmNkMGU1ZGNhLzEvT1BJM21MWnprLVFEbmotVlZlSVUxbk44RTFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy85YWI0YzktMGMxMC00NjcxLWJkZDQtNzMwZmNkMGU1ZGNh
LzEvT1BJM21MWnprLVFEbmotVlZlSVUxbk44RTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADXL24iXa
5kyk5/K9+hEyLPIykVLEjgii2ghcqXapthEphrBP6LkdIWdzS7uO5Ai80/Gt91Va
ir5xguyYRjJMwrrVMGQRewwdJRzLEOjm32YNlbNjoiXYLXFxMzVysrJw23SARnyB
XaqTM2EwGEpuy17Hayn3reVfb0PwjHy1ARqvmtVN9UULThHqdVLBkBQkeAefzsnh
eij3BuebkjeAE6jrbopTFd+2L6emIBaLsV2Fds2nu5TIJ9hYOvM8VupUBX5sDLR4
RvwCuoQWTatLVytSZdFm9X5kHlLTAqK4pocOVicvrnVLjdzW4ID8Iiw8MigfmXfD
60TIkZkYpy5Q/g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:09:34 2025 by rpki-client