Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.mft
File: 2OtznG09xxpiBsjzcSQm_1MqCv4.mft (raw, json)
Hash identifier: 3lpdZ1z2x7493exkv9frPXHP3FzmCa3x7D7B6kymK1U=
Subject key identifier: EB:38:4D:85:F7:C8:9C:0E:0F:A2:1D:3A:C9:46:AB:58:B3:33:C8:E1
Authority key identifier: D8:EB:73:9C:6D:3D:C7:1A:62:06:C8:F3:71:24:26:FF:53:2A:0A:FE
Certificate issuer: /CN=d8eb739c6d3dc71a6206c8f3712426ff532a0afe
Certificate serial: 019A54F64DD8BE3ED0D218B1FA9F51E80920
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2OtznG09xxpiBsjzcSQm_1MqCv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.mft
Manifest number: 80
Signing time: Wed 05 Nov 2025 17:00:19 +0000
Manifest this update: Wed 05 Nov 2025 17:00:19 +0000
Manifest next update: Thu 06 Nov 2025 17:00:19 +0000
Files and hashes: 1: 2OtznG09xxpiBsjzcSQm_1MqCv4.crl (hash: BpWkAXMR1ka2+WNIXxlljiOE4UwSrPU/bKQevOVmop8=)
2: wuqKrfx0UPDoVQxdKV8k97AGu4E.roa (hash: QvAJVSN4EtHNESjcwxnKTv7sFwnj2Nb91/xIZcXw158=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2OtznG09xxpiBsjzcSQm_1MqCv4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:f6:4d:d8:be:3e:d0:d2:18:b1:fa:9f:51:e8:09:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8eb739c6d3dc71a6206c8f3712426ff532a0afe
Validity
Not Before: Nov 5 17:00:19 2025 GMT
Not After : Nov 6 17:00:19 2025 GMT
Subject: CN=eb384d85f7c89c0e0fa21d3ac946ab58b333c8e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e6:d8:bc:f9:27:18:fa:d6:66:f5:19:52:e4:
da:0e:a3:03:89:e1:78:2e:62:1e:df:d7:50:31:ba:
3c:b2:a3:93:ec:16:1a:46:35:1e:4c:54:b1:25:73:
92:3e:aa:07:62:6f:e3:84:0c:69:9f:b5:a2:0f:56:
5f:04:5e:c2:bd:7c:88:15:ad:30:ac:47:ff:79:b2:
86:c0:52:1f:61:5f:be:4c:f0:6f:6f:46:70:50:43:
d8:1c:aa:e2:e9:f4:f9:68:4c:a7:ab:a2:7a:ad:a6:
d9:8c:22:4b:cf:f9:b4:f1:4a:a1:13:01:64:63:ca:
bd:2f:19:6e:31:6a:0f:10:f7:e2:77:38:ad:fc:8e:
1a:96:da:99:52:fd:79:b4:dd:4d:99:13:d7:2f:3e:
aa:9a:0c:f5:55:37:c0:73:2c:b9:91:5d:b7:d2:2f:
77:91:89:46:15:e6:1c:3e:09:39:bd:b3:07:bd:98:
38:6c:a9:36:ea:b1:97:ce:18:01:b4:0e:eb:ec:ea:
09:79:79:f3:a8:f2:43:df:86:d1:62:f6:b5:6e:dc:
00:5b:4a:27:8b:4f:23:da:54:a9:c0:1e:00:01:05:
c1:59:c4:d7:31:05:ef:b3:b8:01:1e:ab:48:1a:df:
a5:74:54:64:b0:11:9c:06:68:15:22:03:02:93:5b:
8e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:38:4D:85:F7:C8:9C:0E:0F:A2:1D:3A:C9:46:AB:58:B3:33:C8:E1
X509v3 Authority Key Identifier:
keyid:D8:EB:73:9C:6D:3D:C7:1A:62:06:C8:F3:71:24:26:FF:53:2A:0A:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2OtznG09xxpiBsjzcSQm_1MqCv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:35:f2:36:02:76:d8:eb:64:26:54:2b:f6:bb:42:dd:af:d2:
df:cd:b2:a4:87:34:40:29:50:32:62:d0:1f:03:e6:50:1e:3e:
95:95:ae:76:04:29:95:1f:2a:e7:3d:24:4c:8e:cc:6a:65:14:
6f:14:44:d4:c3:71:be:eb:30:17:80:c7:22:3f:5c:8c:c8:84:
0a:0f:47:b2:b3:6f:b0:77:82:12:63:a2:67:5c:e0:d3:2b:bd:
f1:b2:23:77:bd:a9:69:f0:56:0b:cb:46:bb:b7:b8:9d:b3:9a:
43:40:20:4e:e4:7e:ca:73:be:f2:1e:6f:13:d6:0a:9b:84:3f:
11:85:29:0f:0a:20:2c:78:73:77:7a:e8:6f:a1:76:ef:54:f7:
89:e3:64:a7:db:da:c8:c7:d6:02:46:4b:82:bd:d9:ad:84:1e:
8f:14:79:5e:cd:e3:16:71:e1:82:80:08:3d:5b:89:7d:73:2e:
bf:00:d4:a6:44:08:37:1e:6a:fe:49:f1:42:f3:96:c6:7b:f2:
a6:ea:ea:67:9b:51:0f:a3:d7:54:28:5a:5a:08:3d:a2:d3:18:
03:e2:36:72:ca:6c:bf:0d:16:4d:a4:70:ce:97:e3:d0:56:06:
86:d7:d8:71:56:43:cc:79:2e:6c:40:a2:89:37:61:0a:bb:2e:
53:62:58:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpU9k3Yvj7Q0hix+p9R6AkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWI3MzljNmQzZGM3MWE2MjA2YzhmMzcxMjQyNmZmNTMy
YTBhZmUwHhcNMjUxMTA1MTcwMDE5WhcNMjUxMTA2MTcwMDE5WjAzMTEwLwYDVQQD
EyhlYjM4NGQ4NWY3Yzg5YzBlMGZhMjFkM2FjOTQ2YWI1OGIzMzNjOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxObYvPknGPrWZvUZUuTaDqMDieF4
LmIe39dQMbo8sqOT7BYaRjUeTFSxJXOSPqoHYm/jhAxpn7WiD1ZfBF7CvXyIFa0w
rEf/ebKGwFIfYV++TPBvb0ZwUEPYHKri6fT5aEynq6J6rabZjCJLz/m08UqhEwFk
Y8q9LxluMWoPEPfidzit/I4altqZUv15tN1NmRPXLz6qmgz1VTfAcyy5kV230i93
kYlGFeYcPgk5vbMHvZg4bKk26rGXzhgBtA7r7OoJeXnzqPJD34bRYva1btwAW0on
i08j2lSpwB4AAQXBWcTXMQXvs7gBHqtIGt+ldFRksBGcBmgVIgMCk1uOswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOs4TYX3yJwOD6IdOslGq1izM8jhMB8GA1UdIwQY
MBaAFNjrc5xtPccaYgbI83EkJv9TKgr+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk90em5HMDl4eHBpQnNqemNTUW1fMU1xQ3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8wMTgxZjgtNGZhNC00Njk3LWEyNzIt
MzMzYjZkNGVhNDViLzEvMk90em5HMDl4eHBpQnNqemNTUW1fMU1xQ3Y0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8wMTgxZjgtNGZhNC00Njk3LWEyNzItMzMzYjZkNGVhNDVi
LzEvMk90em5HMDl4eHBpQnNqemNTUW1fMU1xQ3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVTXyNgJ2
2OtkJlQr9rtC3a/S382ypIc0QClQMmLQHwPmUB4+lZWudgQplR8q5z0kTI7MamUU
bxRE1MNxvuswF4DHIj9cjMiECg9HsrNvsHeCEmOiZ1zg0yu98bIjd72pafBWC8tG
u7e4nbOaQ0AgTuR+ynO+8h5vE9YKm4Q/EYUpDwogLHhzd3rob6F271T3ieNkp9va
yMfWAkZLgr3ZrYQejxR5Xs3jFnHhgoAIPVuJfXMuvwDUpkQINx5q/knxQvOWxnvy
purqZ5tRD6PXVChaWgg9otMYA+I2cspsvw0WTaRwzpfj0FYGhtfYcVZDzHkubECi
iTdhCrsuU2JYAA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:04:39 2025 by rpki-client