Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
File: 1ots-3IKfJKhgMphS9sO2h8evp0.mft (raw, json)
Hash identifier: saEDD3NfuklJJpRdY2dSEX83rTGKhO+rodkbP/PEJlc=
Subject key identifier: 22:7E:AA:74:5F:6F:B9:01:D3:C0:80:DB:95:25:BF:EB:4C:B8:52:50
Authority key identifier: D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D
Certificate issuer: /CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
Certificate serial: 019A4D3D1F59EF07154797B567DB39090B93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
Manifest number: 0D0B
Signing time: Tue 04 Nov 2025 05:00:42 +0000
Manifest this update: Tue 04 Nov 2025 05:00:42 +0000
Manifest next update: Wed 05 Nov 2025 05:00:42 +0000
Files and hashes: 1: 1ots-3IKfJKhgMphS9sO2h8evp0.crl (hash: twNhKL7PjAhTbzzSSb63QBRG8FuXVSHbRsDHe82HYbw=)
2: iN4kY7sCfzKOl-coUiFvOhD6wg4.roa (hash: ZI3B1VaDQ0JfOlPoqiW79rOHU3ymg8mbnEbUM636Uvw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:3d:1f:59:ef:07:15:47:97:b5:67:db:39:09:0b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
Validity
Not Before: Nov 4 05:00:42 2025 GMT
Not After : Nov 5 05:00:42 2025 GMT
Subject: CN=227eaa745f6fb901d3c080db9525bfeb4cb85250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fd:2b:e7:a5:47:bd:4d:ad:f9:54:f2:cd:c1:
2d:b7:af:81:ef:45:69:18:80:7f:4c:79:41:a5:43:
b1:44:0f:59:20:18:f7:92:5c:64:cf:bc:61:f4:55:
5a:0d:9b:b6:7d:2e:24:cb:ae:cc:44:a6:8e:31:f9:
cc:c1:62:1a:3a:67:c3:5b:c6:10:22:42:46:de:e6:
2f:f5:33:37:13:2b:f9:40:49:e6:f4:2d:f6:13:83:
ce:72:b2:b6:b8:ea:13:34:fb:72:a0:b9:c5:20:1e:
36:33:d1:19:54:55:8b:95:8a:47:a5:65:27:09:d0:
71:4d:11:3c:54:23:ea:90:44:b6:ae:70:9e:cb:14:
51:a4:92:30:00:17:f5:91:ca:98:f0:75:b8:1b:42:
c5:ce:fb:d3:d4:4b:e7:c1:9f:4d:ea:51:ba:da:56:
4e:30:9c:be:c2:91:ed:cf:11:5a:5a:85:fc:ba:c5:
41:ad:f1:d7:31:c2:97:92:53:3c:8f:c2:08:95:c1:
4c:b9:70:c0:e2:94:39:5c:75:d1:c8:2f:c1:32:5d:
b8:91:63:97:6b:6b:2d:da:96:28:32:56:67:bf:b8:
2f:0e:21:ec:cb:a3:aa:f4:7a:3a:ba:03:c1:02:6d:
1c:2b:42:7b:83:0d:f6:dc:26:91:b8:6b:96:bc:54:
c0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:7E:AA:74:5F:6F:B9:01:D3:C0:80:DB:95:25:BF:EB:4C:B8:52:50
X509v3 Authority Key Identifier:
keyid:D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:d9:38:f0:e1:47:bf:6e:55:1b:3b:b1:ec:46:2d:40:a7:96:
55:77:eb:06:f2:d4:9e:e1:00:f3:56:39:41:3f:2a:62:72:f3:
a3:fb:7d:99:3c:c8:c6:79:54:cf:4c:23:75:3a:e2:02:29:18:
8f:0e:04:03:ed:88:da:0c:66:1b:d8:46:17:65:f1:cf:16:40:
67:3a:96:d3:74:53:4d:f0:10:a9:e6:df:68:4e:2b:f1:27:a6:
b2:38:01:15:1e:32:23:97:43:5b:30:6a:74:11:44:1e:bb:04:
1c:05:c9:41:09:17:2d:a2:a5:f7:64:d9:50:df:52:8b:19:f7:
cf:48:dd:f8:df:46:3e:25:01:85:7c:93:8b:a4:61:aa:28:57:
b1:f9:3d:6d:dc:54:b0:90:10:a9:d5:1a:d6:ee:e8:39:72:e9:
7f:15:f2:23:5e:cf:0e:6e:c6:78:d0:5e:b0:09:cb:23:34:e9:
1e:ad:19:e7:14:ff:49:17:21:e0:1f:b8:bb:3f:64:50:8a:2f:
45:c5:37:80:64:69:0e:7f:bf:9b:8d:db:a2:42:41:92:5c:ab:
8e:3f:df:b8:df:ce:94:0a:ce:81:6b:b5:d2:cf:d3:0d:35:33:
3d:ce:cb:5e:1a:10:48:ba:49:8e:50:b0:ed:25:5e:f4:46:bd:
86:b4:c5:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPR9Z7wcVR5e1Z9s5CQuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OGI2Y2ZiNzIwYTdjOTJhMTgwY2E2MTRiZGIwZWRhMWYx
ZWJlOWQwHhcNMjUxMTA0MDUwMDQyWhcNMjUxMTA1MDUwMDQyWjAzMTEwLwYDVQQD
EygyMjdlYWE3NDVmNmZiOTAxZDNjMDgwZGI5NTI1YmZlYjRjYjg1MjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv0r56VHvU2t+VTyzcEtt6+B70Vp
GIB/THlBpUOxRA9ZIBj3klxkz7xh9FVaDZu2fS4ky67MRKaOMfnMwWIaOmfDW8YQ
IkJG3uYv9TM3Eyv5QEnm9C32E4POcrK2uOoTNPtyoLnFIB42M9EZVFWLlYpHpWUn
CdBxTRE8VCPqkES2rnCeyxRRpJIwABf1kcqY8HW4G0LFzvvT1EvnwZ9N6lG62lZO
MJy+wpHtzxFaWoX8usVBrfHXMcKXklM8j8IIlcFMuXDA4pQ5XHXRyC/BMl24kWOX
a2st2pYoMlZnv7gvDiHsy6Oq9Ho6ugPBAm0cK0J7gw323CaRuGuWvFTAEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJ+qnRfb7kB08CA25Ulv+tMuFJQMB8GA1UdIwQY
MBaAFNaLbPtyCnySoYDKYUvbDtofHr6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEt
MzNlMzE5YTQ1NGVmLzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEtMzNlMzE5YTQ1NGVm
LzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ9k48OFH
v25VGzux7EYtQKeWVXfrBvLUnuEA81Y5QT8qYnLzo/t9mTzIxnlUz0wjdTriAikY
jw4EA+2I2gxmG9hGF2XxzxZAZzqW03RTTfAQqebfaE4r8SemsjgBFR4yI5dDWzBq
dBFEHrsEHAXJQQkXLaKl92TZUN9Sixn3z0jd+N9GPiUBhXyTi6RhqihXsfk9bdxU
sJAQqdUa1u7oOXLpfxXyI17PDm7GeNBesAnLIzTpHq0Z5xT/SRch4B+4uz9kUIov
RcU3gGRpDn+/m43bokJBklyrjj/fuN/OlArOgWu10s/TDTUzPc7LXhoQSLpJjlCw
7SVe9Ea9hrTFrA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:40:27 2025 by rpki-client