Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
File: OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json)
Hash identifier: tFAHxjshCrF4JfE85EGZfi80u/A22GDQ0jtnZ0IJ+mE=
Subject key identifier: DC:7E:DE:62:C6:65:87:41:FC:39:A6:98:FE:47:34:39:F3:23:97:D9
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial: 019A51F58627CA40AC889C2C31B6FDE63057
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
Manifest number: 1715
Signing time: Wed 05 Nov 2025 03:00:36 +0000
Manifest this update: Wed 05 Nov 2025 03:00:36 +0000
Manifest next update: Thu 06 Nov 2025 03:00:36 +0000
Files and hashes: 1: NJaotZFnvbCZC6dKCr_vEzEYn6M.roa (hash: dqeYK6phWm8PSJhw0mmBUevUz1KleMZYBxhoQuo4/mw=)
2: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: ZLO0vOtmHgmTZW2anL/rml7rLruVtKLZtDcwUel/TeQ=)
3: abyvfDmy4Q3zVDJIfxfSkrtZdLo.roa (hash: IZm94vPLNr133XeI56Dl5DQUBKwgG1pbFRgf8ws+6Pw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:f5:86:27:ca:40:ac:88:9c:2c:31:b6:fd:e6:30:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Validity
Not Before: Nov 5 03:00:36 2025 GMT
Not After : Nov 6 03:00:36 2025 GMT
Subject: CN=dc7ede62c6658741fc39a698fe473439f32397d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f5:3d:68:de:8e:39:4f:20:9d:12:59:37:46:
47:8f:bc:96:15:93:96:06:24:d0:be:96:8f:35:7a:
22:82:63:a6:75:33:7d:43:fe:16:e3:7b:ab:69:73:
89:c0:d0:a6:25:c4:f6:12:49:65:c8:e5:fa:07:eb:
b0:42:87:1f:e0:11:8e:5d:de:fc:7f:52:1d:e3:66:
d4:a9:bb:af:3b:e3:d3:8f:44:7a:83:66:9b:4a:68:
15:cb:46:58:d2:02:79:33:5c:97:f4:d6:98:43:a1:
d6:50:41:35:54:1a:01:95:ed:ca:b1:74:78:69:ac:
f0:e9:e2:52:d2:e8:55:0d:ef:81:37:55:3d:61:04:
75:61:65:40:74:27:b1:a1:2a:44:a8:e6:98:b7:d9:
52:62:e7:f0:53:50:d3:4b:5b:02:e7:17:28:88:c9:
e8:80:c3:4c:2f:b4:73:04:f0:5d:36:63:93:0a:c4:
c2:ad:60:e3:b5:f0:ce:4d:04:7a:10:95:3f:5d:d1:
50:47:4f:6b:d5:8b:83:d4:2b:ed:1e:12:77:db:24:
57:62:f1:df:24:92:fb:00:bc:29:9a:31:82:90:04:
49:c7:fe:5f:1c:90:e8:28:61:e2:a2:6c:75:93:72:
66:52:2a:82:52:14:ec:55:37:40:33:f2:7b:e8:16:
75:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7E:DE:62:C6:65:87:41:FC:39:A6:98:FE:47:34:39:F3:23:97:D9
X509v3 Authority Key Identifier:
keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:60:75:c9:8c:65:89:bb:df:96:53:1c:76:84:69:a2:11:7f:
10:24:c4:eb:5e:18:b4:5f:96:93:f7:4e:92:a8:07:37:01:f0:
4e:12:96:65:ce:ae:1e:35:d9:26:d3:30:f6:19:4c:61:02:f0:
60:30:e4:49:b7:c1:dd:7c:07:d7:7e:83:f7:eb:2e:3b:55:6a:
7d:4b:fd:11:45:96:0e:36:cc:50:1f:1c:5b:e4:ec:73:be:18:
f0:01:c7:85:0e:28:79:43:ad:47:72:2f:75:92:2c:6d:8a:4d:
ec:d8:f9:7d:d9:4a:84:cb:f0:95:6b:57:4f:dc:a2:81:78:08:
34:7b:7f:bf:e9:0d:eb:73:24:d2:d6:4e:69:0b:e4:6f:b3:e4:
8f:a7:74:a6:38:20:6b:bc:ed:f3:c5:0c:e7:5a:4e:53:87:64:
0d:05:61:2b:28:a5:0f:2f:53:db:3f:c5:8e:6d:72:95:c6:ae:
36:65:e5:f2:c1:16:f2:95:29:67:47:8c:f8:9c:68:66:1a:2d:
8d:f6:43:7d:a0:a3:54:a7:b8:10:81:17:e5:1c:e3:09:5f:09:
95:b2:ba:31:08:af:cf:d9:2c:ad:4e:7b:73:a7:f5:c0:42:d1:
f4:fd:78:f8:98:e2:9a:b2:60:6f:c8:0c:b9:40:02:46:a5:12:
ac:b9:b4:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpR9YYnykCsiJwsMbb95jBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjUxMTA1MDMwMDM2WhcNMjUxMTA2MDMwMDM2WjAzMTEwLwYDVQQD
EyhkYzdlZGU2MmM2NjU4NzQxZmMzOWE2OThmZTQ3MzQzOWYzMjM5N2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPU9aN6OOU8gnRJZN0ZHj7yWFZOW
BiTQvpaPNXoigmOmdTN9Q/4W43uraXOJwNCmJcT2EkllyOX6B+uwQocf4BGOXd78
f1Id42bUqbuvO+PTj0R6g2abSmgVy0ZY0gJ5M1yX9NaYQ6HWUEE1VBoBle3KsXR4
aazw6eJS0uhVDe+BN1U9YQR1YWVAdCexoSpEqOaYt9lSYufwU1DTS1sC5xcoiMno
gMNML7RzBPBdNmOTCsTCrWDjtfDOTQR6EJU/XdFQR09r1YuD1CvtHhJ32yRXYvHf
JJL7ALwpmjGCkARJx/5fHJDoKGHiomx1k3JmUiqCUhTsVTdAM/J76BZ1ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNx+3mLGZYdB/DmmmP5HNDnzI5fZMB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABGB1yYxl
ibvfllMcdoRpohF/ECTE614YtF+Wk/dOkqgHNwHwThKWZc6uHjXZJtMw9hlMYQLw
YDDkSbfB3XwH136D9+suO1VqfUv9EUWWDjbMUB8cW+Tsc74Y8AHHhQ4oeUOtR3Iv
dZIsbYpN7Nj5fdlKhMvwlWtXT9yigXgINHt/v+kN63Mk0tZOaQvkb7Pkj6d0pjgg
a7zt88UM51pOU4dkDQVhKyilDy9T2z/Fjm1ylcauNmXl8sEW8pUpZ0eM+JxoZhot
jfZDfaCjVKe4EIEX5RzjCV8JlbK6MQivz9ksrU57c6f1wELR9P14+JjimrJgb8gM
uUACRqUSrLm0Tw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:03:11 2025 by rpki-client