Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
File: OC-G8tvQd2xOUZycmuT60EJvOf8.mft (raw, json)
Hash identifier: roA/Q+T+WQ9H5Q60dbZHB9+C+HVvzqRUDnBZnWdymzA=
Subject key identifier: DC:DF:A5:4C:46:37:ED:B4:DA:D7:3D:48:D3:FB:B0:5B:36:DB:7F:3B
Authority key identifier: 38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
Certificate issuer: /CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Certificate serial: 019A4F99597AF2CE73E2A2E11574BB4225A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
Manifest number: 02EC
Signing time: Tue 04 Nov 2025 16:00:41 +0000
Manifest this update: Tue 04 Nov 2025 16:00:41 +0000
Manifest next update: Wed 05 Nov 2025 16:00:41 +0000
Files and hashes: 1: OC-G8tvQd2xOUZycmuT60EJvOf8.crl (hash: EJinxRe3N733RHFl0tj2zpBOoAG/z1riOHH/WwJHM9E=)
2: b1pNAkro7aHA3V-NejpmqoURwAk.roa (hash: spfghQnj6hS6URb2NmqLLwW6s6Py+YxHJ+ws3VJ1shQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:59:7a:f2:ce:73:e2:a2:e1:15:74:bb:42:25:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Validity
Not Before: Nov 4 16:00:41 2025 GMT
Not After : Nov 5 16:00:41 2025 GMT
Subject: CN=dcdfa54c4637edb4dad73d48d3fbb05b36db7f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8a:eb:ac:fc:a5:3c:2b:73:4d:83:6a:80:09:
65:ee:3a:a8:57:2f:13:45:ab:dd:a3:fd:93:6a:6f:
17:6b:59:35:95:15:35:1b:2e:1a:ef:fa:1f:bd:a4:
84:1a:06:92:06:e5:24:7b:9d:b8:cb:d0:6d:97:c9:
4f:ee:86:64:bc:09:c2:96:b2:3b:29:25:29:d1:e5:
79:a0:f5:0a:38:89:a2:77:09:7b:6d:37:e8:c9:68:
b0:71:71:6d:35:dd:34:c2:cb:26:43:51:19:71:e0:
51:89:06:8c:33:0f:b1:77:f5:c8:45:56:de:f3:54:
34:c5:4c:b7:5f:0a:63:83:28:9d:b9:c0:0c:d9:14:
7f:7e:7c:85:4e:c1:d0:d1:56:3e:08:6c:b4:d8:f1:
c2:d4:c0:22:eb:07:0a:b1:03:7a:fe:22:d2:82:d8:
c8:be:31:52:b0:c6:87:8b:93:ca:98:7e:45:9d:a0:
39:8e:ee:da:b6:2d:a4:f8:76:33:ec:01:f2:c6:fc:
46:5d:a9:84:f3:6b:f1:ce:07:8a:6f:e0:e6:e8:68:
e2:2b:de:59:19:ee:c3:9a:84:96:50:ef:d2:68:2b:
83:3b:87:93:a2:4e:78:87:60:62:cc:da:cc:27:bf:
e1:47:d5:c9:7f:8d:59:93:88:0d:09:e5:19:b0:04:
93:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:DF:A5:4C:46:37:ED:B4:DA:D7:3D:48:D3:FB:B0:5B:36:DB:7F:3B
X509v3 Authority Key Identifier:
keyid:38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:ff:0a:67:70:ea:bb:37:a8:79:a0:37:a1:cf:32:f7:fc:a3:
7d:4d:b5:4c:c7:fe:c8:1c:14:e8:ce:07:3a:13:14:aa:50:26:
a9:56:32:68:c4:63:3a:5a:6a:12:ae:a3:a1:d3:db:d7:37:52:
f2:a9:90:f9:03:de:3e:67:2d:6c:e3:2f:69:57:b9:2a:18:61:
a6:55:ce:75:7c:d7:ad:f1:20:cb:3b:13:34:92:14:5a:06:06:
be:01:45:c5:79:ff:6a:4a:42:1b:9a:99:a2:2a:c5:58:ce:e3:
cc:7a:8d:b7:ad:98:7a:0b:9e:80:af:6d:04:bf:59:28:bf:5a:
fd:12:c3:7e:32:2b:e6:8f:dd:05:1d:3a:0d:17:04:8f:e4:df:
a9:52:d4:fd:6e:98:f4:3b:74:13:e8:45:3a:5a:0f:f9:fd:ac:
0b:06:59:4c:c6:33:22:a3:2e:e6:b9:1b:b9:0e:03:77:a3:97:
7b:a0:ed:c2:1e:27:e4:41:ab:a2:5b:87:58:12:73:3c:6b:01:
33:d6:fd:d9:7f:78:af:60:1d:6d:49:fd:9a:78:bc:b6:40:b5:
36:ae:65:30:dd:3a:a1:e2:e8:bd:ac:f9:7c:fb:f5:94:fd:43:
ed:e4:2c:df:bc:ed:e9:8e:83:ed:aa:27:89:3d:4e:b7:ec:7f:
62:8b:f7:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmVl68s5z4qLhFXS7QiWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmY4NmYyZGJkMDc3NmM0ZTUxOWM5YzlhZTRmYWQwNDI2
ZjM5ZmYwHhcNMjUxMTA0MTYwMDQxWhcNMjUxMTA1MTYwMDQxWjAzMTEwLwYDVQQD
EyhkY2RmYTU0YzQ2MzdlZGI0ZGFkNzNkNDhkM2ZiYjA1YjM2ZGI3ZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IrrrPylPCtzTYNqgAll7jqoVy8T
Ravdo/2Tam8Xa1k1lRU1Gy4a7/ofvaSEGgaSBuUke524y9Btl8lP7oZkvAnClrI7
KSUp0eV5oPUKOImidwl7bTfoyWiwcXFtNd00wssmQ1EZceBRiQaMMw+xd/XIRVbe
81Q0xUy3XwpjgyiducAM2RR/fnyFTsHQ0VY+CGy02PHC1MAi6wcKsQN6/iLSgtjI
vjFSsMaHi5PKmH5FnaA5ju7ati2k+HYz7AHyxvxGXamE82vxzgeKb+Dm6GjiK95Z
Ge7DmoSWUO/SaCuDO4eTok54h2BizNrMJ7/hR9XJf41Zk4gNCeUZsASTPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzfpUxGN+202tc9SNP7sFs22387MB8GA1UdIwQY
MBaAFDgvhvLb0HdsTlGcnJrk+tBCbzn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2Mjgt
MjAzNTYzZjg0NWJiLzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2MjgtMjAzNTYzZjg0NWJi
LzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJv8KZ3Dq
uzeoeaA3oc8y9/yjfU21TMf+yBwU6M4HOhMUqlAmqVYyaMRjOlpqEq6jodPb1zdS
8qmQ+QPePmctbOMvaVe5KhhhplXOdXzXrfEgyzsTNJIUWgYGvgFFxXn/akpCG5qZ
oirFWM7jzHqNt62YeguegK9tBL9ZKL9a/RLDfjIr5o/dBR06DRcEj+TfqVLU/W6Y
9Dt0E+hFOloP+f2sCwZZTMYzIqMu5rkbuQ4Dd6OXe6Dtwh4n5EGroluHWBJzPGsB
M9b92X94r2AdbUn9mni8tkC1Nq5lMN06oeLovaz5fPv1lP1D7eQs37zt6Y6D7aon
iT1Ot+x/Yov30w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:48:40 2025 by rpki-client