Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
File: oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft (raw, json)
Hash identifier: cOAkM+4Y1V9G4gixa1+aIGcCA1tVqHWLjE2APlZbQfI=
Subject key identifier: 89:0E:B6:47:DC:2F:13:E1:B3:22:67:10:F5:F4:53:64:B8:52:B2:35
Authority key identifier: A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77
Certificate issuer: /CN=a220dda64843a4ee364b089356ca87995830fd77
Certificate serial: 019A54BF96550A92317F41FC7B61BCE32BCA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
Manifest number: 0E37
Signing time: Wed 05 Nov 2025 16:00:33 +0000
Manifest this update: Wed 05 Nov 2025 16:00:33 +0000
Manifest next update: Thu 06 Nov 2025 16:00:33 +0000
Files and hashes: 1: f3Wn9TOfcfxB3VYXWanqfMC6WRI.roa (hash: CJSEzeKkH+A8u48zVCzb/MrI7FvV/Beze1CPp3UTLZU=)
2: oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl (hash: /Upd5qfgAdqXrdhXAzzRucwOQLbI5tPHVMEYs3K+JG0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:bf:96:55:0a:92:31:7f:41:fc:7b:61:bc:e3:2b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a220dda64843a4ee364b089356ca87995830fd77
Validity
Not Before: Nov 5 16:00:33 2025 GMT
Not After : Nov 6 16:00:33 2025 GMT
Subject: CN=890eb647dc2f13e1b3226710f5f45364b852b235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0c:22:12:b2:99:ab:f8:4c:a2:8b:34:36:dc:
6f:70:4e:5f:2a:2c:c4:5c:33:83:f0:0b:35:dd:62:
a7:3a:4b:65:dd:21:61:3e:05:56:d0:45:7b:c1:e9:
c4:47:13:3a:d5:c1:69:12:de:ff:ec:d9:bf:71:d7:
4d:05:6a:87:15:8a:0f:14:ed:9e:de:e7:46:a1:db:
5a:e4:38:8b:be:cf:c4:49:96:80:08:6e:1d:7b:1a:
6a:18:8f:95:e8:42:e2:73:3e:30:2e:b8:ee:81:fd:
d4:25:6f:67:1c:25:5e:64:3a:e8:94:3d:b2:3a:ac:
73:83:47:2b:a8:1b:3c:5b:63:d0:78:54:38:e1:49:
88:35:e6:13:0d:b3:b2:36:2c:18:09:ee:20:b4:9a:
28:cc:7e:f5:64:60:a6:8e:bf:a6:12:8d:87:74:22:
56:d5:89:63:75:f9:6c:51:2f:c0:9b:be:f9:78:34:
40:28:02:00:43:26:84:94:53:95:c2:12:cf:75:d3:
96:de:05:4c:1b:ef:92:25:c2:fb:a4:00:f8:a9:04:
6d:ed:87:3e:90:5f:87:9f:3a:33:d9:d6:88:6c:ff:
b0:dc:b1:5c:6a:ab:ec:90:55:7d:35:52:bf:02:34:
ee:79:9b:70:1d:41:0f:ff:93:c3:0d:9c:ca:92:c9:
ea:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0E:B6:47:DC:2F:13:E1:B3:22:67:10:F5:F4:53:64:B8:52:B2:35
X509v3 Authority Key Identifier:
keyid:A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:62:44:9a:f5:c1:9f:34:7b:da:24:3d:45:95:76:5f:2f:fe:
7b:55:c1:39:ab:eb:14:e7:c3:c0:26:e9:0d:84:95:d7:f8:f7:
27:cc:2f:cd:1b:b9:24:87:c9:e9:02:a8:30:8b:7c:89:1f:e2:
c1:30:bf:7f:ae:a6:5d:6b:44:22:2e:c7:98:4e:d0:05:b1:c3:
c3:80:4c:f0:de:1d:69:3b:1c:77:f5:70:da:9f:a8:2e:33:1a:
3b:ab:99:f2:e3:5b:a1:ae:e2:ae:ac:14:8e:14:13:73:a7:a5:
87:b8:ee:2b:23:2d:95:d1:c6:e1:b4:8e:52:6d:0a:b5:65:d4:
69:6d:40:f6:81:e1:3f:01:0c:d5:5f:c1:4b:54:ac:25:99:7a:
64:59:b0:8c:84:a2:e4:e8:fe:14:a0:5d:76:1f:51:57:31:15:
8a:71:f9:bb:bb:6f:7a:a8:b9:55:98:95:a9:96:82:ad:5a:46:
85:2e:b2:25:95:e3:71:fa:09:38:cd:a4:c9:a8:fb:e8:5d:c3:
3d:a0:84:fa:dc:cc:3a:95:e1:e7:4b:6a:b1:3e:ac:e1:de:bb:
bf:f5:60:ff:3a:61:42:27:70:f2:ea:df:80:a1:5b:9f:59:9f:
cb:30:71:f3:3e:16:5b:32:77:70:f2:b1:aa:d3:47:24:3a:42:
ce:78:1b:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUv5ZVCpIxf0H8e2G84yvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjBkZGE2NDg0M2E0ZWUzNjRiMDg5MzU2Y2E4Nzk5NTgz
MGZkNzcwHhcNMjUxMTA1MTYwMDMzWhcNMjUxMTA2MTYwMDMzWjAzMTEwLwYDVQQD
Eyg4OTBlYjY0N2RjMmYxM2UxYjMyMjY3MTBmNWY0NTM2NGI4NTJiMjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wwiErKZq/hMoos0NtxvcE5fKizE
XDOD8As13WKnOktl3SFhPgVW0EV7wenERxM61cFpEt7/7Nm/cddNBWqHFYoPFO2e
3udGodta5DiLvs/ESZaACG4dexpqGI+V6ELicz4wLrjugf3UJW9nHCVeZDrolD2y
Oqxzg0crqBs8W2PQeFQ44UmINeYTDbOyNiwYCe4gtJoozH71ZGCmjr+mEo2HdCJW
1YljdflsUS/Am775eDRAKAIAQyaElFOVwhLPddOW3gVMG++SJcL7pAD4qQRt7Yc+
kF+Hnzoz2daIbP+w3LFcaqvskFV9NVK/AjTueZtwHUEP/5PDDZzKksnqowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIkOtkfcLxPhsyJnEPX0U2S4UrI1MB8GA1UdIwQY
MBaAFKIg3aZIQ6TuNksIk1bKh5lYMP13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYt
ZjVmODE0NTY1MWQzLzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYtZjVmODE0NTY1MWQz
LzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmJEmvXB
nzR72iQ9RZV2Xy/+e1XBOavrFOfDwCbpDYSV1/j3J8wvzRu5JIfJ6QKoMIt8iR/i
wTC/f66mXWtEIi7HmE7QBbHDw4BM8N4daTscd/Vw2p+oLjMaO6uZ8uNboa7irqwU
jhQTc6elh7juKyMtldHG4bSOUm0KtWXUaW1A9oHhPwEM1V/BS1SsJZl6ZFmwjISi
5Oj+FKBddh9RVzEVinH5u7tveqi5VZiVqZaCrVpGhS6yJZXjcfoJOM2kyaj76F3D
PaCE+tzMOpXh50tqsT6s4d67v/Vg/zphQidw8urfgKFbn1mfyzBx8z4WWzJ3cPKx
qtNHJDpCzngbtg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:44:46 2025 by rpki-client