Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
File: OxRinHZc4axPaIlW47kPatjEtYI.mft (raw, json)
Hash identifier: Z4EwQ3aXa00cSq5ExlXkgu3d8sCBiE2blwgl8Y3Hsu4=
Subject key identifier: 5D:B4:23:FB:C9:07:26:F0:07:69:63:EA:33:C3:12:ED:60:DD:BE:0F
Authority key identifier: 3B:14:62:9C:76:5C:E1:AC:4F:68:89:56:E3:B9:0F:6A:D8:C4:B5:82
Certificate issuer: /CN=3b14629c765ce1ac4f688956e3b90f6ad8c4b582
Certificate serial: 019A4F98D219DA42B7F36737AAA043B37837
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
Manifest number: 16A1
Signing time: Tue 04 Nov 2025 16:00:06 +0000
Manifest this update: Tue 04 Nov 2025 16:00:06 +0000
Manifest next update: Wed 05 Nov 2025 16:00:06 +0000
Files and hashes: 1: C_zGKKe9EmjFWVKBb9utgZ7LvBo.roa (hash: DBtQlC6QblgPpVW+sAN+YH267kvW3kiRyXFujtkor/8=)
2: OxRinHZc4axPaIlW47kPatjEtYI.crl (hash: dECKW5LSmBBrgYSGFZ7sBgLSrxkDEn44k52UkqxS3BI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:98:d2:19:da:42:b7:f3:67:37:aa:a0:43:b3:78:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b14629c765ce1ac4f688956e3b90f6ad8c4b582
Validity
Not Before: Nov 4 16:00:06 2025 GMT
Not After : Nov 5 16:00:06 2025 GMT
Subject: CN=5db423fbc90726f0076963ea33c312ed60ddbe0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c0:6f:7e:ab:ce:25:6a:22:04:7b:df:b0:30:
7b:c6:78:43:fa:47:4b:55:1f:94:07:27:93:0b:17:
b7:a6:c2:b9:9b:eb:83:60:dc:0a:22:64:4a:64:f1:
3e:30:c2:32:37:de:64:70:9c:20:c2:b2:55:80:9a:
03:08:e0:b9:5b:a8:4f:3b:5b:b5:97:62:10:10:11:
3e:9c:4d:35:1c:0f:df:9e:e1:31:93:43:5c:81:ba:
e9:06:d9:8b:43:93:ca:bd:0f:60:ba:d8:f1:6e:c1:
68:8c:f4:7c:6d:fd:dc:f0:e3:cc:d5:32:79:6c:27:
e1:99:bb:cb:4d:15:0b:12:21:da:1d:fb:35:c5:66:
3f:de:4c:66:b0:5b:f7:d8:4e:5f:c8:17:b1:36:ad:
c9:93:e1:f1:fc:db:3c:b8:ba:9b:e2:1e:53:e4:eb:
e3:2c:02:66:e8:41:79:85:1c:47:70:b2:e5:94:5f:
99:53:8c:35:d8:3a:37:13:d7:3a:58:63:1a:88:20:
db:62:98:57:31:c4:ec:99:f7:d0:c5:96:62:75:c8:
d4:01:fe:a5:28:95:e4:17:e2:aa:54:a4:32:e5:fe:
f2:41:e8:1c:fa:0c:57:64:75:a3:9b:4a:f8:c0:d9:
3a:93:cf:53:ff:64:e1:2a:77:bf:07:30:6b:76:32:
bd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B4:23:FB:C9:07:26:F0:07:69:63:EA:33:C3:12:ED:60:DD:BE:0F
X509v3 Authority Key Identifier:
keyid:3B:14:62:9C:76:5C:E1:AC:4F:68:89:56:E3:B9:0F:6A:D8:C4:B5:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:ae:72:5f:23:8a:b4:9d:0d:ed:e8:e2:bd:8c:90:ca:0e:d0:
5a:f2:60:db:2e:02:e5:93:84:59:80:a9:7b:06:8a:99:b6:c8:
8f:3e:03:c2:be:ec:b4:2b:c7:48:c1:e3:53:a6:06:2b:b8:2a:
f4:af:5d:ab:d8:e5:2c:5e:4c:b8:b9:f5:75:b1:f1:9d:38:c5:
fe:0d:13:d6:5d:fb:ec:9d:c3:84:45:c6:02:e7:01:ba:7d:e2:
81:31:58:cc:f3:10:e7:b1:a6:ec:aa:6c:f2:b9:0b:89:0f:db:
1c:8d:ad:49:90:cb:94:63:31:24:de:07:81:8d:c1:1f:48:6e:
fc:77:1b:df:b7:0a:71:fc:70:f2:19:52:20:dc:bc:68:ac:50:
9a:de:94:ce:c3:02:d4:2a:d1:d0:b4:c2:a1:62:d8:99:a0:8c:
74:64:81:b9:ba:7a:64:77:6f:e8:7b:ec:03:a9:d4:da:5f:4f:
40:1c:08:43:b1:21:c9:6f:1b:81:27:73:b5:df:bd:8d:28:ff:
d3:9c:4a:52:c0:27:34:eb:25:e0:3e:ff:52:13:fe:9f:50:b2:
e9:90:7f:a7:9f:85:12:35:29:c5:65:21:f0:8a:13:d1:f9:9b:
36:8f:9c:2c:6c:26:ab:36:da:02:4c:7d:fe:19:69:c1:7a:06:
03:32:7a:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmNIZ2kK382c3qqBDs3g3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMTQ2MjljNzY1Y2UxYWM0ZjY4ODk1NmUzYjkwZjZhZDhj
NGI1ODIwHhcNMjUxMTA0MTYwMDA2WhcNMjUxMTA1MTYwMDA2WjAzMTEwLwYDVQQD
Eyg1ZGI0MjNmYmM5MDcyNmYwMDc2OTYzZWEzM2MzMTJlZDYwZGRiZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8BvfqvOJWoiBHvfsDB7xnhD+kdL
VR+UByeTCxe3psK5m+uDYNwKImRKZPE+MMIyN95kcJwgwrJVgJoDCOC5W6hPO1u1
l2IQEBE+nE01HA/fnuExk0NcgbrpBtmLQ5PKvQ9gutjxbsFojPR8bf3c8OPM1TJ5
bCfhmbvLTRULEiHaHfs1xWY/3kxmsFv32E5fyBexNq3Jk+Hx/Ns8uLqb4h5T5Ovj
LAJm6EF5hRxHcLLllF+ZU4w12Do3E9c6WGMaiCDbYphXMcTsmffQxZZidcjUAf6l
KJXkF+KqVKQy5f7yQegc+gxXZHWjm0r4wNk6k89T/2ThKne/BzBrdjK9/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF20I/vJBybwB2lj6jPDEu1g3b4PMB8GA1UdIwQY
MBaAFDsUYpx2XOGsT2iJVuO5D2rYxLWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hMzdmOWMtMWU2YS00NjY1LWEwZTIt
ZmUzMTEwMGQwODFmLzEvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hMzdmOWMtMWU2YS00NjY1LWEwZTItZmUzMTEwMGQwODFm
LzEvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARa5yXyOK
tJ0N7ejivYyQyg7QWvJg2y4C5ZOEWYCpewaKmbbIjz4Dwr7stCvHSMHjU6YGK7gq
9K9dq9jlLF5MuLn1dbHxnTjF/g0T1l377J3DhEXGAucBun3igTFYzPMQ57Gm7Kps
8rkLiQ/bHI2tSZDLlGMxJN4HgY3BH0hu/Hcb37cKcfxw8hlSINy8aKxQmt6UzsMC
1CrR0LTCoWLYmaCMdGSBubp6ZHdv6HvsA6nU2l9PQBwIQ7EhyW8bgSdztd+9jSj/
05xKUsAnNOsl4D7/UhP+n1Cy6ZB/p5+FEjUpxWUh8IoT0fmbNo+cLGwmqzbaAkx9
/hlpwXoGAzJ6Tg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:21:54 2025 by rpki-client