Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
File: OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft (raw, json)
Hash identifier: 48qmbWKWaLnD5yZNy1UssMxyhmUTwINlA2Vi/nihysM=
Subject key identifier: 38:94:60:A4:C3:F3:73:2F:39:CC:5F:24:8E:1C:03:19:38:B4:D3:DB
Authority key identifier: 39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A
Certificate issuer: /CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a
Certificate serial: 019A4E189B2F2A20F61540C46E4271E766CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
Manifest number: 0E8F
Signing time: Tue 04 Nov 2025 09:00:26 +0000
Manifest this update: Tue 04 Nov 2025 09:00:26 +0000
Manifest next update: Wed 05 Nov 2025 09:00:26 +0000
Files and hashes: 1: OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl (hash: f13M+4VZk09BaVjMJ9P4FIvomlmKrW7SQdyaHRR0bQs=)
2: m3UPJQ_Zh7wapyw5537rzzPo3os.roa (hash: EUy+4/7WXUAZtQJhe/6fh4vD4Ks9aUtYKkwAIbRuQrA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:9b:2f:2a:20:f6:15:40:c4:6e:42:71:e7:66:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a
Validity
Not Before: Nov 4 09:00:26 2025 GMT
Not After : Nov 5 09:00:26 2025 GMT
Subject: CN=389460a4c3f3732f39cc5f248e1c031938b4d3db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4f:a0:80:11:9e:ef:64:0c:4c:d1:0a:b8:8c:
11:9c:4e:b4:05:06:23:2f:2b:e1:f4:9b:cd:e8:29:
3e:94:44:4a:c9:cc:c8:b5:90:a0:1c:76:b2:a9:48:
33:c9:a3:71:8d:7b:b1:ef:11:5b:40:e7:cd:97:db:
c0:66:12:40:b3:30:ad:97:85:37:0b:90:a7:cb:0e:
79:c0:f0:1c:08:dd:ef:99:7f:3c:40:f3:e0:8f:61:
2e:2a:b6:85:08:ed:4e:68:6f:ba:0f:d8:01:e1:4b:
fc:c7:8e:12:e6:8e:cb:b0:80:a2:cd:d9:18:19:18:
42:5b:61:63:3e:dc:2e:5b:9a:de:49:f3:8d:7a:d1:
62:69:1c:d7:79:e2:db:a4:22:aa:76:ad:4b:bc:b2:
93:3f:dd:5c:a9:c2:4b:1c:e2:65:e2:66:b6:17:dc:
3a:98:5f:81:4e:29:53:48:62:90:db:12:d7:f2:a2:
5e:f5:8a:5a:16:2e:2c:1e:f1:c8:9b:0e:d6:d4:7d:
1c:58:ae:28:a0:bd:b4:15:fd:40:bb:3e:13:65:23:
fb:84:1e:2f:6a:3d:42:db:8e:37:e9:14:79:25:86:
29:ae:90:c9:25:f8:06:85:1c:f9:08:95:fe:23:40:
ef:db:25:69:6c:50:a4:89:4c:74:be:6c:ef:78:8e:
24:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:94:60:A4:C3:F3:73:2F:39:CC:5F:24:8E:1C:03:19:38:B4:D3:DB
X509v3 Authority Key Identifier:
keyid:39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:18:4a:cd:fa:15:72:53:5b:49:d1:16:1f:6e:c6:03:09:6c:
ef:b1:89:eb:b3:e0:74:7f:38:3c:11:21:cb:a6:cf:e7:33:b0:
a8:63:82:07:3a:4a:d3:69:2e:7b:47:b0:e0:b6:fd:4f:20:54:
9b:7c:40:c8:70:30:c3:84:03:62:60:46:ce:8e:4b:81:eb:e3:
73:ec:5d:0e:ca:b1:08:a6:6f:5c:9a:45:bb:bb:e2:0e:f4:1e:
1e:76:77:b7:02:66:dc:fc:36:3d:38:64:d6:c7:bb:f0:13:c4:
11:7c:8a:22:da:a7:34:08:5a:db:6e:5f:d4:24:7f:76:c2:f0:
8e:de:ed:6f:4f:3b:fe:85:21:75:c1:2c:94:0c:a7:cb:9e:45:
c8:85:c6:7e:5c:41:b4:dc:ac:bd:5c:73:e6:ca:a4:db:ed:be:
18:c8:99:ce:39:d5:3d:09:b1:ec:43:a2:ea:cb:c3:41:31:d3:
1d:19:30:ff:09:54:7d:89:57:56:2e:97:9a:89:65:aa:af:a3:
ae:6e:fb:39:8d:dc:41:4f:fd:08:96:15:8d:4e:50:96:d8:f7:
3b:37:cb:6e:27:44:3b:79:12:7f:b7:42:4b:9a:d3:97:07:02:
41:2d:52:10:35:d7:2b:da:5b:d1:56:b2:ba:59:04:02:e2:26:
97:78:05:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGJsvKiD2FUDEbkJx52bMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWRjMTM2MTlhYWJhN2YyMjJjZWFjYjA1ZjFiYmFjNTli
ZDNhOWEwHhcNMjUxMTA0MDkwMDI2WhcNMjUxMTA1MDkwMDI2WjAzMTEwLwYDVQQD
EygzODk0NjBhNGMzZjM3MzJmMzljYzVmMjQ4ZTFjMDMxOTM4YjRkM2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0E+ggBGe72QMTNEKuIwRnE60BQYj
Lyvh9JvN6Ck+lERKyczItZCgHHayqUgzyaNxjXux7xFbQOfNl9vAZhJAszCtl4U3
C5Cnyw55wPAcCN3vmX88QPPgj2EuKraFCO1OaG+6D9gB4Uv8x44S5o7LsICizdkY
GRhCW2FjPtwuW5reSfONetFiaRzXeeLbpCKqdq1LvLKTP91cqcJLHOJl4ma2F9w6
mF+BTilTSGKQ2xLX8qJe9YpaFi4sHvHImw7W1H0cWK4ooL20Ff1Auz4TZSP7hB4v
aj1C24436RR5JYYprpDJJfgGhRz5CJX+I0Dv2yVpbFCkiUx0vmzveI4kwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiUYKTD83MvOcxfJI4cAxk4tNPbMB8GA1UdIwQY
MBaAFDmdwTYZqrp/IizqywXxu6xZvTqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTkt
MDAzMmZkYzU0NTBiLzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTktMDAzMmZkYzU0NTBi
LzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAshhKzfoV
clNbSdEWH27GAwls77GJ67PgdH84PBEhy6bP5zOwqGOCBzpK02kue0ew4Lb9TyBU
m3xAyHAww4QDYmBGzo5Lgevjc+xdDsqxCKZvXJpFu7viDvQeHnZ3twJm3Pw2PThk
1se78BPEEXyKItqnNAha225f1CR/dsLwjt7tb087/oUhdcEslAyny55FyIXGflxB
tNysvVxz5sqk2+2+GMiZzjnVPQmx7EOi6svDQTHTHRkw/wlUfYlXVi6Xmollqq+j
rm77OY3cQU/9CJYVjU5Qltj3OzfLbidEO3kSf7dCS5rTlwcCQS1SEDXXK9pb0Vay
ulkEAuIml3gFtQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:19:53 2025 by rpki-client