Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.mft
File: O2HIth_0q5daL2xn0LzmN5Ni4v4.mft (raw, json)
Hash identifier: mfaT+BcMsEhnLDeExqIOE0MT/1nOKAimU8JQkI2td8I=
Subject key identifier: 84:2B:F9:71:70:B0:51:95:74:F5:C8:F0:7D:C4:27:9C:F3:C2:85:41
Authority key identifier: 3B:61:C8:B6:1F:F4:AB:97:5A:2F:6C:67:D0:BC:E6:37:93:62:E2:FE
Certificate issuer: /CN=3b61c8b61ff4ab975a2f6c67d0bce6379362e2fe
Certificate serial: 019A500718BAD421CD7276F8DA7646697276
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O2HIth_0q5daL2xn0LzmN5Ni4v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.mft
Manifest number: 0A22
Signing time: Tue 04 Nov 2025 18:00:33 +0000
Manifest this update: Tue 04 Nov 2025 18:00:33 +0000
Manifest next update: Wed 05 Nov 2025 18:00:33 +0000
Files and hashes: 1: O2HIth_0q5daL2xn0LzmN5Ni4v4.crl (hash: MMOEXod/sQj5kTeCQkGDPcGi2y17iTcu6ANx8oJ70JQ=)
2: zPHYYf64cnazRpEP2DM-tC5zi20.roa (hash: KRY5tyMHgi4pvRx1DdmJaDKEtzRxICuicXJ6HWfF+Yg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.mft
rsync://rpki.ripe.net/repository/DEFAULT/O2HIth_0q5daL2xn0LzmN5Ni4v4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:07:18:ba:d4:21:cd:72:76:f8:da:76:46:69:72:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b61c8b61ff4ab975a2f6c67d0bce6379362e2fe
Validity
Not Before: Nov 4 18:00:33 2025 GMT
Not After : Nov 5 18:00:33 2025 GMT
Subject: CN=842bf97170b0519574f5c8f07dc4279cf3c28541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7a:87:f9:c5:fe:dd:e3:c6:12:e3:a2:10:c1:
c5:b4:5e:05:82:33:67:85:a0:9d:16:25:22:fd:2e:
52:86:64:8d:30:43:1d:42:d8:25:ca:93:5e:ec:36:
74:20:89:8d:2f:30:84:41:fb:1d:88:fc:cf:6f:b4:
3a:dd:11:17:7e:24:2a:a5:43:cb:31:10:17:9c:e0:
0a:08:ac:44:7a:04:1b:af:cf:ff:c8:18:4e:a7:8e:
a1:c3:9b:f0:42:70:e5:00:fb:f7:98:b8:ed:7a:87:
c0:9c:f8:46:61:8b:6d:7a:ed:b1:52:33:68:de:13:
b8:27:a7:84:ee:fb:77:4a:52:34:02:9b:77:46:61:
e7:5e:3f:4d:9d:6e:b0:bf:89:03:55:87:b1:81:dd:
e2:2d:e3:1d:7e:2e:50:01:64:69:be:e3:f8:24:66:
df:b5:fe:f4:be:a1:04:8f:99:c2:3d:b4:d5:0d:00:
04:13:67:16:04:5d:28:0d:3a:cc:0a:38:40:97:dd:
da:44:ca:0a:42:61:af:2a:c1:bd:73:6f:d2:e2:53:
bb:ea:7c:97:14:0e:7a:b3:b6:7f:d4:b0:8e:12:3e:
28:87:c3:27:43:56:00:21:f5:81:9e:5c:a0:e2:45:
c0:0f:cd:4c:89:c5:fe:20:95:37:2f:8c:ab:75:52:
64:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2B:F9:71:70:B0:51:95:74:F5:C8:F0:7D:C4:27:9C:F3:C2:85:41
X509v3 Authority Key Identifier:
keyid:3B:61:C8:B6:1F:F4:AB:97:5A:2F:6C:67:D0:BC:E6:37:93:62:E2:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2HIth_0q5daL2xn0LzmN5Ni4v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:7f:f2:97:67:b0:64:ed:5a:d5:3f:37:4a:b1:7f:c4:b9:69:
1b:93:d6:ec:ec:d9:f7:28:45:91:0f:ce:e6:c6:80:3c:08:12:
24:41:48:43:7d:8e:94:de:50:7e:27:aa:1e:16:98:24:10:fa:
b7:97:9a:12:9d:15:60:4d:70:18:39:94:5a:77:ac:48:7a:b5:
58:73:84:12:48:21:c8:a0:f0:d1:ed:cb:46:ab:e6:43:7e:93:
54:3a:17:50:fb:e3:0f:56:0f:77:c4:c9:23:83:69:59:37:df:
41:bc:13:30:5d:8f:17:96:bb:11:8d:e4:58:5b:3e:76:26:cd:
ce:4a:08:6a:6b:2a:01:a6:0d:88:42:43:66:36:67:b6:c1:37:
c3:12:12:0d:23:ca:58:8d:7a:1e:6a:ea:57:20:1a:88:13:07:
f2:0b:bd:9a:95:3a:1c:8b:d9:11:de:18:3d:5b:c8:04:5a:60:
31:f1:33:5a:5a:3d:d0:01:23:2b:b9:3f:d1:c6:fb:82:2e:34:
bb:eb:3a:42:56:e2:3d:bd:82:bc:dc:c3:80:26:89:ec:d6:98:
9b:28:0b:8f:1c:83:8b:c1:b8:cb:63:28:70:7a:b9:36:f1:81:
9f:b2:40:47:c6:27:0c:80:c2:18:53:56:b0:0a:5e:0b:81:24:
b2:23:5a:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQBxi61CHNcnb42nZGaXJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNjFjOGI2MWZmNGFiOTc1YTJmNmM2N2QwYmNlNjM3OTM2
MmUyZmUwHhcNMjUxMTA0MTgwMDMzWhcNMjUxMTA1MTgwMDMzWjAzMTEwLwYDVQQD
Eyg4NDJiZjk3MTcwYjA1MTk1NzRmNWM4ZjA3ZGM0Mjc5Y2YzYzI4NTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznqH+cX+3ePGEuOiEMHFtF4FgjNn
haCdFiUi/S5ShmSNMEMdQtglypNe7DZ0IImNLzCEQfsdiPzPb7Q63REXfiQqpUPL
MRAXnOAKCKxEegQbr8//yBhOp46hw5vwQnDlAPv3mLjteofAnPhGYYtteu2xUjNo
3hO4J6eE7vt3SlI0Apt3RmHnXj9NnW6wv4kDVYexgd3iLeMdfi5QAWRpvuP4JGbf
tf70vqEEj5nCPbTVDQAEE2cWBF0oDTrMCjhAl93aRMoKQmGvKsG9c2/S4lO76nyX
FA56s7Z/1LCOEj4oh8MnQ1YAIfWBnlyg4kXAD81MicX+IJU3L4yrdVJkCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQr+XFwsFGVdPXI8H3EJ5zzwoVBMB8GA1UdIwQY
MBaAFDthyLYf9KuXWi9sZ9C85jeTYuL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzJISXRoXzBxNWRhTDJ4bjBMem1ONU5pNHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mYzBlZDEtNTY2Ni00YmI3LWJiN2Mt
N2I2Mjc1ODJmZDJkLzEvTzJISXRoXzBxNWRhTDJ4bjBMem1ONU5pNHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mYzBlZDEtNTY2Ni00YmI3LWJiN2MtN2I2Mjc1ODJmZDJk
LzEvTzJISXRoXzBxNWRhTDJ4bjBMem1ONU5pNHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVn/yl2ew
ZO1a1T83SrF/xLlpG5PW7OzZ9yhFkQ/O5saAPAgSJEFIQ32OlN5QfieqHhaYJBD6
t5eaEp0VYE1wGDmUWnesSHq1WHOEEkghyKDw0e3LRqvmQ36TVDoXUPvjD1YPd8TJ
I4NpWTffQbwTMF2PF5a7EY3kWFs+dibNzkoIamsqAaYNiEJDZjZntsE3wxISDSPK
WI16HmrqVyAaiBMH8gu9mpU6HIvZEd4YPVvIBFpgMfEzWlo90AEjK7k/0cb7gi40
u+s6QlbiPb2CvNzDgCaJ7NaYmygLjxyDi8G4y2MocHq5NvGBn7JAR8YnDIDCGFNW
sApeC4EksiNaXQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:10:33 2025 by rpki-client