Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/oZ_WM6TT0hDez321fRIrZIuY7SU.mft
File: oZ_WM6TT0hDez321fRIrZIuY7SU.mft (raw, json)
Hash identifier: nM7kAioX3dFYeCJiBYirYHuEF14IzS4IJHmuMslIPW0=
Subject key identifier: 57:98:85:83:A3:BB:14:F3:B0:37:46:63:7D:7E:C1:F5:F5:79:71:1B
Authority key identifier: A1:9F:D6:33:A4:D3:D2:10:DE:CF:7D:B5:7D:12:2B:64:8B:98:ED:25
Certificate issuer: /CN=a19fd633a4d3d210decf7db57d122b648b98ed25
Certificate serial: 019A51506C317D0984B0F1CB532CAAAF66DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oZ_WM6TT0hDez321fRIrZIuY7SU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/oZ_WM6TT0hDez321fRIrZIuY7SU.mft
Manifest number: 0317
Signing time: Wed 05 Nov 2025 00:00:16 +0000
Manifest this update: Wed 05 Nov 2025 00:00:16 +0000
Manifest next update: Thu 06 Nov 2025 00:00:16 +0000
Files and hashes: 1: miHlM9LoOvhYbZQONUYiQ010Y0Y.roa (hash: lxFbzya4PF93jTfC+wdGWG8lRjQOoMqPwgxmgMabAZw=)
2: oZ_WM6TT0hDez321fRIrZIuY7SU.crl (hash: twZVMcajkL3abWTjpxRUkZDbVV6+Ov7lGswQUUlsfvw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/oZ_WM6TT0hDez321fRIrZIuY7SU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/oZ_WM6TT0hDez321fRIrZIuY7SU.mft
rsync://rpki.ripe.net/repository/DEFAULT/oZ_WM6TT0hDez321fRIrZIuY7SU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:50:6c:31:7d:09:84:b0:f1:cb:53:2c:aa:af:66:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a19fd633a4d3d210decf7db57d122b648b98ed25
Validity
Not Before: Nov 5 00:00:16 2025 GMT
Not After : Nov 6 00:00:16 2025 GMT
Subject: CN=57988583a3bb14f3b03746637d7ec1f5f579711b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e3:cd:17:3d:b7:60:72:1c:48:b8:95:86:1f:
63:a2:ba:a1:0b:39:5c:a8:14:d4:04:b0:ee:67:d1:
ca:f5:13:5c:f3:e4:5a:11:9e:4d:bd:e4:41:e7:25:
e6:26:44:f3:93:a5:82:cb:07:45:a7:62:32:54:dd:
72:ac:74:41:48:9e:b2:73:64:23:5c:1a:ab:0d:fb:
97:3e:fc:93:fe:fd:bd:83:ba:ef:2a:2c:a9:8f:0e:
3f:17:a3:ff:ef:d7:e1:64:65:0e:4c:3f:e2:cf:de:
17:c2:5d:df:22:67:ba:f3:e0:83:5a:a6:ad:c2:a4:
85:5e:1e:c4:e4:1f:20:82:08:a7:af:a3:a3:27:98:
3b:b7:3e:7e:a5:9b:8e:7c:f3:ed:f0:10:a4:d8:66:
e6:3a:8f:64:fc:74:a4:8f:a8:6f:cc:ca:55:24:7c:
ec:61:5e:bf:3e:70:42:18:f4:ca:74:8d:e8:e8:d2:
2d:1e:dd:eb:95:73:ef:ad:5a:75:b9:6b:af:d3:92:
78:88:59:7d:ea:11:7d:0d:63:ac:03:f7:81:93:12:
5b:7d:01:43:f3:04:c8:b3:67:89:08:47:1c:fc:54:
6f:06:62:6d:26:40:af:14:db:a3:bb:64:4e:0a:4b:
07:b4:8e:c2:b3:b1:a0:df:bd:79:19:cc:b7:43:fd:
2e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:98:85:83:A3:BB:14:F3:B0:37:46:63:7D:7E:C1:F5:F5:79:71:1B
X509v3 Authority Key Identifier:
keyid:A1:9F:D6:33:A4:D3:D2:10:DE:CF:7D:B5:7D:12:2B:64:8B:98:ED:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oZ_WM6TT0hDez321fRIrZIuY7SU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/oZ_WM6TT0hDez321fRIrZIuY7SU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/oZ_WM6TT0hDez321fRIrZIuY7SU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:de:31:50:63:60:4c:19:d1:fc:b8:4e:c0:6f:9a:02:72:03:
16:78:61:80:44:2c:09:56:fe:f8:55:28:c0:d7:b6:e6:08:fd:
0a:58:3c:a8:4c:93:9c:ad:1a:d2:70:82:e6:c7:d1:ac:f2:05:
1f:2e:b5:4b:9b:76:3d:70:5f:67:95:41:96:47:4e:50:00:44:
d2:0e:87:a3:64:03:7b:73:3e:aa:e6:88:3b:e3:d5:7e:fa:b0:
c0:a2:4c:70:06:dc:3c:41:9a:f1:54:a7:a0:a2:b0:17:6f:68:
bf:df:c1:78:12:e4:83:a4:8f:3e:88:2a:2f:b5:65:3c:e5:64:
b9:4a:27:5a:2c:c9:e4:d3:d6:9e:63:c8:d5:d1:c4:d2:56:ae:
0b:fe:46:03:12:0d:c9:72:0b:11:f5:e7:0c:a0:cb:1e:54:10:
9b:e0:7c:88:74:14:07:1d:e2:21:d2:6d:79:0e:ef:69:a6:1a:
8f:f1:41:d9:77:ae:5a:20:3a:14:e3:c4:4d:e8:94:b3:69:2a:
ad:2e:a4:37:a2:a7:b8:3c:c1:f3:63:ee:58:65:71:b0:7c:7b:
33:bf:d8:4b:61:5d:42:c5:89:93:69:ca:a9:29:7a:a8:bd:b0:
ed:86:75:ed:dd:3a:db:85:63:e5:20:57:c3:a4:8f:5f:92:c3:
8a:8b:c5:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUGwxfQmEsPHLUyyqr2baMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExOWZkNjMzYTRkM2QyMTBkZWNmN2RiNTdkMTIyYjY0OGI5
OGVkMjUwHhcNMjUxMTA1MDAwMDE2WhcNMjUxMTA2MDAwMDE2WjAzMTEwLwYDVQQD
Eyg1Nzk4ODU4M2EzYmIxNGYzYjAzNzQ2NjM3ZDdlYzFmNWY1Nzk3MTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ePNFz23YHIcSLiVhh9jorqhCzlc
qBTUBLDuZ9HK9RNc8+RaEZ5NveRB5yXmJkTzk6WCywdFp2IyVN1yrHRBSJ6yc2Qj
XBqrDfuXPvyT/v29g7rvKiypjw4/F6P/79fhZGUOTD/iz94Xwl3fIme68+CDWqat
wqSFXh7E5B8ggginr6OjJ5g7tz5+pZuOfPPt8BCk2GbmOo9k/HSkj6hvzMpVJHzs
YV6/PnBCGPTKdI3o6NItHt3rlXPvrVp1uWuv05J4iFl96hF9DWOsA/eBkxJbfQFD
8wTIs2eJCEcc/FRvBmJtJkCvFNuju2ROCksHtI7Cs7Gg3715Gcy3Q/0uCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFeYhYOjuxTzsDdGY31+wfX1eXEbMB8GA1UdIwQY
MBaAFKGf1jOk09IQ3s99tX0SK2SLmO0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1pfV002VFQwaERlejMyMWZSSXJaSXVZN1NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83Y2FiZTAtNmQ4NC00N2E3LWFjZWMt
YzdjYWQ1MDIwZWVmLzEvb1pfV002VFQwaERlejMyMWZSSXJaSXVZN1NVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83Y2FiZTAtNmQ4NC00N2E3LWFjZWMtYzdjYWQ1MDIwZWVm
LzEvb1pfV002VFQwaERlejMyMWZSSXJaSXVZN1NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQN4xUGNg
TBnR/LhOwG+aAnIDFnhhgEQsCVb++FUowNe25gj9Clg8qEyTnK0a0nCC5sfRrPIF
Hy61S5t2PXBfZ5VBlkdOUABE0g6Ho2QDe3M+quaIO+PVfvqwwKJMcAbcPEGa8VSn
oKKwF29ov9/BeBLkg6SPPogqL7VlPOVkuUonWizJ5NPWnmPI1dHE0lauC/5GAxIN
yXILEfXnDKDLHlQQm+B8iHQUBx3iIdJteQ7vaaYaj/FB2XeuWiA6FOPETeiUs2kq
rS6kN6KnuDzB82PuWGVxsHx7M7/YS2FdQsWJk2nKqSl6qL2w7YZ17d0624Vj5SBX
w6SPX5LDiovFwQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:43:35 2025 by rpki-client