Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.mft
File: O1RMoOK-GOn9dOKBMkowsOotHVI.mft (raw, json)
Hash identifier: gBtMjhf6RLLaFObuCuVUKb1SzbAWrRGnIyqdl89Sn7Q=
Subject key identifier: 26:29:8A:85:0C:EF:B1:1E:2F:9F:A7:F4:1C:05:40:2F:BC:2B:D7:27
Authority key identifier: 3B:54:4C:A0:E2:BE:18:E9:FD:74:E2:81:32:4A:30:B0:EA:2D:1D:52
Certificate issuer: /CN=3b544ca0e2be18e9fd74e281324a30b0ea2d1d52
Certificate serial: 019A4EF561FB24BB67EE2D4F2059D569B5EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1RMoOK-GOn9dOKBMkowsOotHVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.mft
Manifest number: 0DB2
Signing time: Tue 04 Nov 2025 13:01:35 +0000
Manifest this update: Tue 04 Nov 2025 13:01:35 +0000
Manifest next update: Wed 05 Nov 2025 13:01:35 +0000
Files and hashes: 1: MdL7TM_8FI4FSNKpOGmHEkxh3Ic.roa (hash: kNSd9iF0Y8DMXrvxWEyFS2FyQT8gup1m11Nuuk6HbNM=)
2: O1RMoOK-GOn9dOKBMkowsOotHVI.crl (hash: QFry7HuykcvoOH9hXh9BTn1Ofac9Z1R9Ge3pN5q/d+M=)
3: cwI21tJzYqOr9HSPPCz6L9ZgwVI.roa (hash: XU/ushJjB+n9xmj9cQdOxUY6BAOcpjTXGMQ5mCVCcNA=)
4: nKxYgxU46C1nM-kLwKHXoqpeCuk.roa (hash: acmNPfWY5Vqfewon1zfQxYgK/f0iZyi1LFngzxJT1rE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/O1RMoOK-GOn9dOKBMkowsOotHVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:61:fb:24:bb:67:ee:2d:4f:20:59:d5:69:b5:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b544ca0e2be18e9fd74e281324a30b0ea2d1d52
Validity
Not Before: Nov 4 13:01:35 2025 GMT
Not After : Nov 5 13:01:35 2025 GMT
Subject: CN=26298a850cefb11e2f9fa7f41c05402fbc2bd727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:71:45:af:19:53:a8:a1:49:6b:02:0d:15:70:
92:59:6a:c5:55:27:86:f8:34:4c:43:5e:fe:a7:6e:
65:17:52:15:c9:76:8e:d5:5d:69:50:47:e2:2e:dd:
55:f1:76:cd:b2:0e:75:44:c3:2e:c4:3b:1b:ea:2a:
df:a0:96:42:81:bf:cd:06:8b:59:64:da:75:9d:09:
f2:ec:30:95:a0:d7:02:f8:f2:d3:28:25:81:53:3b:
e8:be:72:22:86:dc:58:04:10:85:5c:15:7c:2a:1a:
98:7b:81:6b:47:e6:d3:8d:5e:c9:52:bb:0f:23:4b:
65:3c:10:d3:05:78:ab:a6:1c:76:4d:9b:e5:e0:85:
a5:dc:0c:da:be:1e:2a:a4:67:f0:81:c5:52:ec:18:
6b:5e:60:13:c7:f8:8c:98:00:22:91:8f:db:64:5d:
ff:a5:ed:33:93:da:c4:18:65:54:17:ac:d0:c3:e4:
e2:54:11:e7:c5:ea:0f:74:c1:c1:92:49:0d:25:bd:
2a:d2:d7:96:b4:c0:2d:62:0d:96:e1:6f:68:f9:d0:
66:aa:ea:07:07:a5:04:79:c3:69:75:53:9c:63:e2:
d3:06:78:50:63:7e:e0:9b:17:cd:49:0d:bb:de:9f:
08:96:84:d6:ec:ab:e2:75:95:cd:08:f4:ad:3e:97:
e8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:29:8A:85:0C:EF:B1:1E:2F:9F:A7:F4:1C:05:40:2F:BC:2B:D7:27
X509v3 Authority Key Identifier:
keyid:3B:54:4C:A0:E2:BE:18:E9:FD:74:E2:81:32:4A:30:B0:EA:2D:1D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1RMoOK-GOn9dOKBMkowsOotHVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:24:97:00:71:f3:7e:4b:09:44:44:f4:6e:22:f0:89:00:d2:
bf:04:a1:40:cb:a4:82:7f:69:0d:a4:83:15:da:91:7a:7a:0b:
5c:53:27:09:b8:52:de:81:22:c4:88:8c:2b:28:c2:6b:8c:9f:
ca:e3:b1:23:6b:da:1a:de:8d:4c:b7:9d:a1:e2:98:a1:02:62:
91:3e:28:f0:73:a6:31:97:be:92:a2:92:f6:d8:4d:ae:59:9f:
5a:83:ad:47:9f:10:45:30:c1:60:14:07:6e:0d:fc:e8:d4:ca:
7f:71:ba:80:6d:fa:b1:d0:a9:f1:a0:58:46:fc:8f:92:1a:b0:
87:06:af:e7:91:39:62:c1:13:26:ba:ee:58:aa:c6:33:a6:94:
e1:19:b7:0e:12:f9:5b:95:c0:da:e0:63:4b:64:57:8f:9f:49:
86:e9:33:ef:2c:c9:4b:a4:b5:f0:1f:08:4b:93:58:53:1d:9e:
39:9f:9a:0f:9d:bc:b4:5e:64:5b:98:c6:8d:8b:2a:69:94:97:
34:f2:2f:4c:a6:28:38:bb:35:6f:a3:97:14:1e:93:fa:0b:d5:
83:98:ee:59:f1:23:70:bd:0b:41:a2:25:4c:c3:04:c6:66:a0:
e2:95:d2:69:7e:24:f3:90:79:ce:5f:03:33:e5:fe:57:28:e7:
14:85:99:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9WH7JLtn7i1PIFnVabXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTQ0Y2EwZTJiZTE4ZTlmZDc0ZTI4MTMyNGEzMGIwZWEy
ZDFkNTIwHhcNMjUxMTA0MTMwMTM1WhcNMjUxMTA1MTMwMTM1WjAzMTEwLwYDVQQD
EygyNjI5OGE4NTBjZWZiMTFlMmY5ZmE3ZjQxYzA1NDAyZmJjMmJkNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HFFrxlTqKFJawINFXCSWWrFVSeG
+DRMQ17+p25lF1IVyXaO1V1pUEfiLt1V8XbNsg51RMMuxDsb6irfoJZCgb/NBotZ
ZNp1nQny7DCVoNcC+PLTKCWBUzvovnIihtxYBBCFXBV8KhqYe4FrR+bTjV7JUrsP
I0tlPBDTBXirphx2TZvl4IWl3Azavh4qpGfwgcVS7BhrXmATx/iMmAAikY/bZF3/
pe0zk9rEGGVUF6zQw+TiVBHnxeoPdMHBkkkNJb0q0teWtMAtYg2W4W9o+dBmquoH
B6UEecNpdVOcY+LTBnhQY37gmxfNSQ273p8IloTW7KvidZXNCPStPpfocwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYpioUM77EeL5+n9BwFQC+8K9cnMB8GA1UdIwQY
MBaAFDtUTKDivhjp/XTigTJKMLDqLR1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFSTW9PSy1HT245ZE9LQk1rb3dzT290SFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zMDMwYmItNDJjMi00ZTNjLTg1OWEt
ODc2YTlkNzYyOWY2LzEvTzFSTW9PSy1HT245ZE9LQk1rb3dzT290SFZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zMDMwYmItNDJjMi00ZTNjLTg1OWEtODc2YTlkNzYyOWY2
LzEvTzFSTW9PSy1HT245ZE9LQk1rb3dzT290SFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMiSXAHHz
fksJRET0biLwiQDSvwShQMukgn9pDaSDFdqRenoLXFMnCbhS3oEixIiMKyjCa4yf
yuOxI2vaGt6NTLedoeKYoQJikT4o8HOmMZe+kqKS9thNrlmfWoOtR58QRTDBYBQH
bg386NTKf3G6gG36sdCp8aBYRvyPkhqwhwav55E5YsETJrruWKrGM6aU4Rm3DhL5
W5XA2uBjS2RXj59Jhukz7yzJS6S18B8IS5NYUx2eOZ+aD528tF5kW5jGjYsqaZSX
NPIvTKYoOLs1b6OXFB6T+gvVg5juWfEjcL0LQaIlTMMExmag4pXSaX4k85B5zl8D
M+X+VyjnFIWZMQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:38:16 2025 by rpki-client