Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
File: OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft (raw, json)
Hash identifier: hm4PCqBUaazYbZeDOklqISSAPHoHIM7vxSfwY3smamE=
Subject key identifier: 92:EC:36:A7:33:12:1B:21:D0:2E:60:FE:64:A7:46:95:3F:1B:7E:88
Authority key identifier: 38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4
Certificate issuer: /CN=3866f7385005d5be6101727388e1b3271f644de4
Certificate serial: 019A5263155F2E7730EF2B9CDE9C448141FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
Manifest number: 0214
Signing time: Wed 05 Nov 2025 05:00:16 +0000
Manifest this update: Wed 05 Nov 2025 05:00:16 +0000
Manifest next update: Thu 06 Nov 2025 05:00:16 +0000
Files and hashes: 1: OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl (hash: F2zugPThSUBycPFIbqxLvl+7uoT7+tO46XDj+EtkWuA=)
2: cvTvlJFXIrx4LNBKFN32BnQowu0.roa (hash: 2SQfqAvlePWceYDa/Gr4IqsSS7uQeMq3g8yyqM6DnK8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:63:15:5f:2e:77:30:ef:2b:9c:de:9c:44:81:41:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3866f7385005d5be6101727388e1b3271f644de4
Validity
Not Before: Nov 5 05:00:16 2025 GMT
Not After : Nov 6 05:00:16 2025 GMT
Subject: CN=92ec36a733121b21d02e60fe64a746953f1b7e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:27:c6:07:b7:b9:66:8f:5c:42:8c:29:2f:4c:
8c:d0:f2:28:22:b3:a6:0d:cd:4a:11:f0:69:6f:73:
0e:e2:04:f1:54:35:21:82:a4:37:89:e7:4a:75:d9:
28:f1:26:33:4a:f6:a9:42:a1:9c:e8:95:a1:d8:7e:
ba:5b:60:de:8c:0b:77:1f:72:e8:19:0f:35:c5:85:
83:0b:59:75:1e:4c:fe:3f:39:1f:f2:b7:ed:bd:bd:
ba:ea:0c:1a:f4:21:ba:3c:be:e2:87:61:f3:75:7f:
02:96:15:f4:49:3f:ec:b1:d0:56:ca:91:7f:c5:10:
22:45:22:75:5b:25:a7:ad:b4:3a:00:32:86:ec:d2:
55:56:b2:f3:e6:c6:cc:1e:16:05:7e:d4:49:e6:a3:
fd:3b:06:7f:ae:b4:3a:57:d2:7c:49:54:c8:76:07:
65:c4:f0:4f:29:97:e8:e5:3b:53:9f:bb:d6:b6:bf:
2a:35:14:9a:26:82:b4:80:40:4d:be:a1:04:18:01:
bf:33:fc:32:22:65:9f:8f:c4:87:74:e3:36:49:55:
54:33:2e:9a:bf:91:c2:d1:8a:95:1b:b5:84:36:45:
13:f3:df:6e:c8:17:59:64:a2:7c:06:11:f1:09:8d:
19:88:bc:94:01:9c:5a:be:b4:0e:84:b2:cc:1a:e0:
6c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:EC:36:A7:33:12:1B:21:D0:2E:60:FE:64:A7:46:95:3F:1B:7E:88
X509v3 Authority Key Identifier:
keyid:38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:ba:48:91:17:a3:7e:bc:aa:38:03:9f:69:12:e2:bd:7f:9e:
69:ef:98:f7:e7:b2:95:b9:8a:ea:28:7c:ae:c2:84:c4:08:e7:
96:a5:70:72:e1:de:66:37:dd:5b:1b:e4:2d:24:8e:13:75:32:
5f:7b:5a:25:45:e7:fd:90:c5:c2:9a:ee:11:e1:b1:1f:c1:13:
8b:94:30:93:66:c4:f4:23:b5:94:5b:55:3e:44:54:e0:39:a0:
08:6c:ee:8d:ff:e2:d6:cd:e9:8b:82:09:6b:7a:09:77:f7:96:
49:55:dc:a5:d6:1d:aa:5c:ff:b8:ad:83:6d:59:5d:f4:10:0d:
04:bf:57:c7:35:ca:a6:1d:75:bf:e0:8b:c4:69:2b:49:72:25:
59:be:b2:39:9b:7d:96:62:0d:66:e0:a2:98:26:a3:fc:0b:c1:
6f:ee:ee:2b:84:23:6d:18:63:64:14:92:0a:73:b1:d2:67:82:
2c:3a:5a:c9:a0:e1:ac:0b:a0:22:dd:f4:97:85:32:42:87:01:
82:fe:e6:9a:9a:a3:ff:85:4b:d3:b5:17:09:c1:2e:d4:49:3d:
2f:d9:51:09:99:6a:72:77:b6:57:95:bb:b3:81:9b:f6:e5:ec:
21:5a:76:74:cd:20:02:04:4c:7c:df:4c:62:f5:35:2d:88:c7:
11:c2:97:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSYxVfLncw7yuc3pxEgUH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjZmNzM4NTAwNWQ1YmU2MTAxNzI3Mzg4ZTFiMzI3MWY2
NDRkZTQwHhcNMjUxMTA1MDUwMDE2WhcNMjUxMTA2MDUwMDE2WjAzMTEwLwYDVQQD
Eyg5MmVjMzZhNzMzMTIxYjIxZDAyZTYwZmU2NGE3NDY5NTNmMWI3ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuifGB7e5Zo9cQowpL0yM0PIoIrOm
Dc1KEfBpb3MO4gTxVDUhgqQ3iedKddko8SYzSvapQqGc6JWh2H66W2DejAt3H3Lo
GQ81xYWDC1l1Hkz+Pzkf8rftvb266gwa9CG6PL7ih2HzdX8ClhX0ST/ssdBWypF/
xRAiRSJ1WyWnrbQ6ADKG7NJVVrLz5sbMHhYFftRJ5qP9OwZ/rrQ6V9J8SVTIdgdl
xPBPKZfo5TtTn7vWtr8qNRSaJoK0gEBNvqEEGAG/M/wyImWfj8SHdOM2SVVUMy6a
v5HC0YqVG7WENkUT899uyBdZZKJ8BhHxCY0ZiLyUAZxavrQOhLLMGuBsawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJLsNqczEhsh0C5g/mSnRpU/G36IMB8GA1UdIwQY
MBaAFDhm9zhQBdW+YQFyc4jhsycfZE3kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUt
ZTAxNWJmM2YzM2Q3LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUtZTAxNWJmM2YzM2Q3
LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN7pIkRej
fryqOAOfaRLivX+eae+Y9+eylbmK6ih8rsKExAjnlqVwcuHeZjfdWxvkLSSOE3Uy
X3taJUXn/ZDFwpruEeGxH8ETi5Qwk2bE9CO1lFtVPkRU4DmgCGzujf/i1s3pi4IJ
a3oJd/eWSVXcpdYdqlz/uK2DbVld9BANBL9XxzXKph11v+CLxGkrSXIlWb6yOZt9
lmINZuCimCaj/AvBb+7uK4QjbRhjZBSSCnOx0meCLDpayaDhrAugIt30l4UyQocB
gv7mmpqj/4VL07UXCcEu1Ek9L9lRCZlqcne2V5W7s4Gb9uXsIVp2dM0gAgRMfN9M
YvU1LYjHEcKXfQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:53:32 2025 by rpki-client