Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.mft
File: OFBtgKtZLee-CjMbv0-gBo1BQIo.mft (raw, json)
Hash identifier: BK2t15/MX+xOv/36ke1owWS03qKUSSk1+QZ4PGLSdm0=
Subject key identifier: 2A:57:02:9B:00:A0:44:64:8E:A2:93:AF:8A:7D:41:10:07:BF:9F:F0
Authority key identifier: 38:50:6D:80:AB:59:2D:E7:BE:0A:33:1B:BF:4F:A0:06:8D:41:40:8A
Certificate issuer: /CN=38506d80ab592de7be0a331bbf4fa0068d41408a
Certificate serial: 019A4E18ED6BE5DE08989267CC98F6E3CD98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.mft
Manifest number: 1601
Signing time: Tue 04 Nov 2025 09:00:47 +0000
Manifest this update: Tue 04 Nov 2025 09:00:47 +0000
Manifest next update: Wed 05 Nov 2025 09:00:47 +0000
Files and hashes: 1: 8fjGJEbNOKgjtgGvG0x5bdVrRFo.roa (hash: 6ZZJ4QGkpbcq3hIOVhgvm79JeONPbl5ojVu1zQKUgnU=)
2: LiZI8DHKt2cl3ZGAwMQs7hzSWLY.roa (hash: YZv7B4YQ18wMpKvjotc88oKaw7AFVr3K3Ln8F9meSnc=)
3: OFBtgKtZLee-CjMbv0-gBo1BQIo.crl (hash: 7+CRQBM+CZZyGC8OUHYxoa35zWdNWi+R30xdsaXKgRY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:ed:6b:e5:de:08:98:92:67:cc:98:f6:e3:cd:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38506d80ab592de7be0a331bbf4fa0068d41408a
Validity
Not Before: Nov 4 09:00:47 2025 GMT
Not After : Nov 5 09:00:47 2025 GMT
Subject: CN=2a57029b00a044648ea293af8a7d411007bf9ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ee:9e:84:5c:0b:b9:f0:5e:7e:ab:dc:25:77:
01:61:4a:57:a2:68:d7:5c:46:18:2a:8d:9b:b7:54:
b3:18:c7:e6:1c:87:bb:7e:32:ec:0e:cf:b5:66:cb:
03:4a:fc:b8:95:74:95:c3:4b:81:5e:ac:29:fa:57:
20:2a:8c:8a:0f:43:7d:af:81:47:90:32:e5:f1:ec:
d5:d7:40:b0:2a:88:0d:92:4a:8c:6b:11:0f:b3:3c:
0a:ae:5e:8a:46:ea:5b:1f:6e:fb:15:de:db:b7:42:
8c:20:d2:6c:6b:63:2c:f6:2f:0f:dd:ea:f2:f8:01:
80:2f:54:66:31:0d:d7:b2:06:f5:04:9b:48:33:04:
1e:98:e0:92:2e:93:8e:f8:dc:4e:dd:eb:8f:55:ba:
b5:03:5b:e6:73:e6:fa:9d:e4:3e:bd:b4:66:d8:02:
8e:96:82:9a:de:62:e0:79:44:a8:92:ca:cf:04:bd:
7a:a2:80:74:6d:04:c9:7e:21:cd:73:21:49:2b:1c:
92:d8:34:99:6f:0f:29:7c:b0:af:3a:cd:0e:fb:47:
3f:05:46:eb:99:ff:c2:59:e9:93:d5:b0:5c:54:5a:
47:12:bc:29:fd:fd:f0:71:54:2b:83:cc:c5:93:ed:
8c:34:83:20:e9:23:97:b9:22:5d:48:c8:f7:e5:89:
08:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:57:02:9B:00:A0:44:64:8E:A2:93:AF:8A:7D:41:10:07:BF:9F:F0
X509v3 Authority Key Identifier:
keyid:38:50:6D:80:AB:59:2D:E7:BE:0A:33:1B:BF:4F:A0:06:8D:41:40:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:f1:7a:b2:8a:3f:f6:88:10:47:a1:c4:cf:d5:21:a7:e0:85:
e4:66:9d:35:18:b4:e8:8c:83:94:bc:88:df:a6:10:d8:bf:42:
e1:b0:0b:33:08:f1:40:d1:82:ae:62:ed:ad:42:85:f3:f3:61:
a7:79:0d:fd:31:f4:7a:5d:83:57:f8:89:fe:53:13:57:f4:35:
d5:0f:f1:5e:df:08:5f:a8:cd:2e:71:31:2e:32:5e:ca:ae:77:
00:04:6d:d4:39:da:d8:ba:81:56:43:7e:ae:32:7e:0b:52:1c:
e6:3f:f7:ef:d2:f5:4e:dc:c2:20:ea:6f:54:db:8e:b4:de:1b:
7e:a4:95:74:89:52:79:32:da:eb:b7:4c:20:1c:9e:fb:81:79:
9b:83:c9:42:8b:6b:2c:51:e1:34:16:59:43:68:6e:64:a9:70:
d6:b0:79:e3:98:26:85:d5:cc:72:4d:f3:f2:2b:56:b2:9b:dd:
57:4f:21:7b:2b:a8:a8:03:b2:97:c5:fd:f3:de:9e:7b:80:2a:
71:25:f4:ab:b8:7d:cd:54:2a:7a:67:00:84:53:c9:12:36:3c:
71:e4:7e:b7:86:33:6e:5f:9c:be:53:de:d6:70:dc:bf:4b:0b:
7a:3a:9f:75:71:b2:87:3d:c1:c2:e8:b5:04:13:11:98:6f:fd:
8f:88:f2:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGO1r5d4ImJJnzJj2482YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTA2ZDgwYWI1OTJkZTdiZTBhMzMxYmJmNGZhMDA2OGQ0
MTQwOGEwHhcNMjUxMTA0MDkwMDQ3WhcNMjUxMTA1MDkwMDQ3WjAzMTEwLwYDVQQD
EygyYTU3MDI5YjAwYTA0NDY0OGVhMjkzYWY4YTdkNDExMDA3YmY5ZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue6ehFwLufBefqvcJXcBYUpXomjX
XEYYKo2bt1SzGMfmHIe7fjLsDs+1ZssDSvy4lXSVw0uBXqwp+lcgKoyKD0N9r4FH
kDLl8ezV10CwKogNkkqMaxEPszwKrl6KRupbH277Fd7bt0KMINJsa2Ms9i8P3ery
+AGAL1RmMQ3Xsgb1BJtIMwQemOCSLpOO+NxO3euPVbq1A1vmc+b6neQ+vbRm2AKO
loKa3mLgeUSoksrPBL16ooB0bQTJfiHNcyFJKxyS2DSZbw8pfLCvOs0O+0c/BUbr
mf/CWemT1bBcVFpHErwp/f3wcVQrg8zFk+2MNIMg6SOXuSJdSMj35YkI0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpXApsAoERkjqKTr4p9QRAHv5/wMB8GA1UdIwQY
MBaAFDhQbYCrWS3nvgozG79PoAaNQUCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9mOTRmNzgtZjI2Mi00MjA3LThmMTgt
OGRmOGFmMzAwMWJjLzEvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9mOTRmNzgtZjI2Mi00MjA3LThmMTgtOGRmOGFmMzAwMWJj
LzEvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhvF6soo/
9ogQR6HEz9Uhp+CF5GadNRi06IyDlLyI36YQ2L9C4bALMwjxQNGCrmLtrUKF8/Nh
p3kN/TH0el2DV/iJ/lMTV/Q11Q/xXt8IX6jNLnExLjJeyq53AARt1Dna2LqBVkN+
rjJ+C1Ic5j/379L1TtzCIOpvVNuOtN4bfqSVdIlSeTLa67dMIBye+4F5m4PJQotr
LFHhNBZZQ2huZKlw1rB545gmhdXMck3z8itWspvdV08heyuoqAOyl8X9896ee4Aq
cSX0q7h9zVQqemcAhFPJEjY8ceR+t4Yzbl+cvlPe1nDcv0sLejqfdXGyhz3Bwui1
BBMRmG/9j4jyBw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:36:38 2025 by rpki-client