Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
File: OXqyKGxnhx2rRXpygyl_yMaIpK8.mft (raw, json)
Hash identifier: l3meksgT5oybQdlBjmdVRH1zUtyi7zMw7haL5tEbcSE=
Subject key identifier: 9A:58:1A:62:D7:A5:1A:76:91:5A:6E:F2:EB:18:A9:2D:5E:D5:A3:4E
Authority key identifier: 39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF
Certificate issuer: /CN=397ab2286c67871dab457a7283297fc8c688a4af
Certificate serial: 019A4DAAD2A2BFAE32A582C57E63E4E4C0DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
Manifest number: 1709
Signing time: Tue 04 Nov 2025 07:00:31 +0000
Manifest this update: Tue 04 Nov 2025 07:00:31 +0000
Manifest next update: Wed 05 Nov 2025 07:00:31 +0000
Files and hashes: 1: OXqyKGxnhx2rRXpygyl_yMaIpK8.crl (hash: ehc2vrsvZuELHV6SVh2BdjGTqtqGQAJEsIU6PWobZe8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:d2:a2:bf:ae:32:a5:82:c5:7e:63:e4:e4:c0:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=397ab2286c67871dab457a7283297fc8c688a4af
Validity
Not Before: Nov 4 07:00:31 2025 GMT
Not After : Nov 5 07:00:31 2025 GMT
Subject: CN=9a581a62d7a51a76915a6ef2eb18a92d5ed5a34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bf:3e:f8:86:ee:61:47:a4:9e:80:62:f9:9d:
af:18:ab:c1:4c:f8:07:da:ca:41:05:29:1e:59:4b:
24:36:d7:7e:e8:1b:b3:74:97:8b:29:69:76:83:3e:
ad:b1:35:78:e6:02:6f:73:c9:5c:94:84:fd:12:eb:
99:f9:5c:aa:f6:20:34:ae:17:62:8a:76:b1:bc:9c:
a1:d7:84:c2:25:e5:75:d5:a0:9a:bf:ac:80:19:46:
94:f1:70:17:56:9c:8c:7f:f6:09:28:23:25:b0:08:
ff:8d:4b:a3:af:45:ac:7a:26:62:ea:4a:09:48:3e:
7d:40:b9:6e:41:f5:bc:d8:85:54:64:31:57:36:1d:
14:96:be:0e:97:ce:7c:43:f7:8c:e5:44:36:b8:61:
98:81:83:8e:d1:f2:20:70:0e:4f:20:85:f7:c0:9d:
e1:a7:ce:8d:43:4e:67:26:1c:03:78:0e:8a:a8:30:
2c:c7:05:df:44:16:70:64:63:f9:2d:8b:7b:19:80:
c8:30:f3:5d:81:12:e8:41:18:86:1d:e1:f9:9a:7c:
77:e2:36:18:2a:70:28:02:96:f7:06:a6:4e:be:f5:
8d:59:d5:dd:17:fb:a1:ad:35:db:b7:a0:7f:65:fb:
56:51:5f:2d:aa:c6:86:f0:d8:7e:4e:ee:b0:b8:e0:
3b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:58:1A:62:D7:A5:1A:76:91:5A:6E:F2:EB:18:A9:2D:5E:D5:A3:4E
X509v3 Authority Key Identifier:
keyid:39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:e2:dd:27:83:db:ac:9b:85:54:b8:8f:8f:a3:fc:4a:f9:27:
e6:80:02:57:26:1a:bb:77:dc:2a:29:78:07:02:e0:f4:18:1a:
03:9f:67:ee:8c:6e:4c:8b:c6:91:27:e8:85:70:20:56:37:c2:
f8:fb:8f:15:97:80:4c:3d:fc:47:25:17:8c:8b:32:3a:f4:80:
0f:9e:50:51:85:65:83:21:ac:46:23:75:ed:de:d9:ff:b0:73:
5f:2b:c9:62:33:b8:60:e2:18:70:9b:78:51:87:8b:f7:88:97:
b5:51:a2:b5:f2:48:e9:4f:f0:90:44:fb:d6:2a:eb:7f:57:9b:
51:ce:c6:b4:0f:46:39:17:70:9d:84:03:4f:2e:98:67:f7:ee:
d2:d6:3a:8b:16:97:aa:92:1c:67:8e:de:86:c8:0c:0d:24:be:
8c:ec:47:e3:c1:d5:5a:c2:52:22:09:0f:ec:7c:c6:e2:2d:25:
c9:79:c2:09:6e:a1:59:db:1a:8a:bd:e7:ca:b5:e6:48:82:ea:
fa:66:7a:f1:83:d4:25:ad:ac:15:1a:6d:26:a0:1f:d0:b3:06:
02:9d:92:58:b3:37:43:c4:90:8d:45:43:e0:ec:12:14:cc:c6:
9f:84:33:bd:af:8b:af:a0:d2:2c:88:fd:8a:f0:0c:1b:52:ee:
97:7d:6c:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqtKiv64ypYLFfmPk5MDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2FiMjI4NmM2Nzg3MWRhYjQ1N2E3MjgzMjk3ZmM4YzY4
OGE0YWYwHhcNMjUxMTA0MDcwMDMxWhcNMjUxMTA1MDcwMDMxWjAzMTEwLwYDVQQD
Eyg5YTU4MWE2MmQ3YTUxYTc2OTE1YTZlZjJlYjE4YTkyZDVlZDVhMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL8++IbuYUeknoBi+Z2vGKvBTPgH
2spBBSkeWUskNtd+6BuzdJeLKWl2gz6tsTV45gJvc8lclIT9EuuZ+Vyq9iA0rhdi
inaxvJyh14TCJeV11aCav6yAGUaU8XAXVpyMf/YJKCMlsAj/jUujr0WseiZi6koJ
SD59QLluQfW82IVUZDFXNh0Ulr4Ol858Q/eM5UQ2uGGYgYOO0fIgcA5PIIX3wJ3h
p86NQ05nJhwDeA6KqDAsxwXfRBZwZGP5LYt7GYDIMPNdgRLoQRiGHeH5mnx34jYY
KnAoApb3BqZOvvWNWdXdF/uhrTXbt6B/ZftWUV8tqsaG8Nh+Tu6wuOA7/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpYGmLXpRp2kVpu8usYqS1e1aNOMB8GA1UdIwQY
MBaAFDl6sihsZ4cdq0V6coMpf8jGiKSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAt
MzMyM2ZkMDYwYjliLzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAtMzMyM2ZkMDYwYjli
LzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAreLdJ4Pb
rJuFVLiPj6P8Svkn5oACVyYau3fcKil4BwLg9BgaA59n7oxuTIvGkSfohXAgVjfC
+PuPFZeATD38RyUXjIsyOvSAD55QUYVlgyGsRiN17d7Z/7BzXyvJYjO4YOIYcJt4
UYeL94iXtVGitfJI6U/wkET71irrf1ebUc7GtA9GORdwnYQDTy6YZ/fu0tY6ixaX
qpIcZ47ehsgMDSS+jOxH48HVWsJSIgkP7HzG4i0lyXnCCW6hWdsair3nyrXmSILq
+mZ68YPUJa2sFRptJqAf0LMGAp2SWLM3Q8SQjUVD4OwSFMzGn4Qzva+Lr6DSLIj9
ivAMG1Lul31sPg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:42:33 2025 by rpki-client