Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
File: otP5vJZWutwm594auw-nLD1yjdg.mft (raw, json)
Hash identifier: d1RWtKXwU7eQTZbGLjws7aeyvq4iTld4XBb+Sk1zLEs=
Subject key identifier: DB:5E:93:75:00:C0:89:18:87:D5:58:78:56:D7:FD:C1:74:A4:93:B0
Authority key identifier: A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
Certificate issuer: /CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Certificate serial: 019A4F62C268E728C5D3AE34548C92009705
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
Manifest number: 0372
Signing time: Tue 04 Nov 2025 15:01:03 +0000
Manifest this update: Tue 04 Nov 2025 15:01:03 +0000
Manifest next update: Wed 05 Nov 2025 15:01:03 +0000
Files and hashes: 1: otP5vJZWutwm594auw-nLD1yjdg.crl (hash: sq2q6Pz5u97tDdpCBL32WqRkyyptMfH83SvHG5inETk=)
2: yntKueGdh_gRYfTjbFRGz4s6BD8.roa (hash: 8wVmYZSgIm0dCsPvd2oqoO7MS+FukiT5t5Ke1EaX2FA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:c2:68:e7:28:c5:d3:ae:34:54:8c:92:00:97:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Validity
Not Before: Nov 4 15:01:03 2025 GMT
Not After : Nov 5 15:01:03 2025 GMT
Subject: CN=db5e937500c0891887d5587856d7fdc174a493b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0f:da:2c:75:17:b9:1e:87:ee:33:8a:27:34:
27:fb:16:91:c2:14:1a:90:78:4e:7c:f9:5c:a5:70:
23:b7:91:50:90:a5:b5:84:ba:e1:46:66:bf:a7:66:
ea:ca:9d:95:d9:b1:71:e2:38:1b:92:49:0c:29:59:
fd:ed:48:90:b1:c5:f7:d9:fc:2f:68:7d:45:ac:5e:
ab:71:e9:9a:b1:83:5f:de:61:db:30:68:3e:7c:d9:
6f:22:18:02:44:cf:43:1a:99:80:0e:5e:d2:56:94:
b2:64:b0:81:fe:7f:ef:6b:3c:85:bd:f3:f1:c6:3c:
38:52:93:e9:52:00:de:0f:a1:b1:6f:0b:8e:6b:aa:
42:31:2a:e9:2a:ac:ac:3f:03:7a:46:2a:a5:61:a4:
0f:fd:20:92:b7:14:8d:c7:64:1b:cd:c8:3f:b1:a6:
74:6a:5b:d1:41:21:bf:2e:29:a8:0b:7a:cb:90:11:
52:7c:d2:bb:a8:51:b6:73:86:e2:30:05:da:43:75:
5b:c4:44:a0:9d:1d:f8:1b:50:8a:ce:b3:6a:27:40:
9a:16:66:b7:6d:77:5d:5a:63:49:06:39:3c:63:06:
83:ac:78:7b:74:e3:e6:f9:1b:18:b9:66:69:e0:61:
0f:52:3b:f5:2c:aa:62:4b:c4:ac:54:f1:c2:56:3f:
75:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5E:93:75:00:C0:89:18:87:D5:58:78:56:D7:FD:C1:74:A4:93:B0
X509v3 Authority Key Identifier:
keyid:A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:7e:e9:c9:9d:c6:98:0e:62:fe:59:91:6d:e2:43:ed:3b:39:
cb:a2:0f:93:b0:9b:a8:97:b7:f4:ff:86:6f:d9:4b:ea:2a:dd:
f0:9b:b9:95:89:35:0f:9f:fc:31:73:1a:4c:62:db:13:1b:a0:
13:c9:a1:b8:e5:9c:3f:4f:3f:a9:29:fd:61:61:a4:c6:58:7e:
e5:cf:db:cb:0a:bc:08:38:75:3b:df:2b:43:56:ed:bd:48:e5:
36:a5:c0:43:a6:17:f5:3c:13:fe:b6:9b:86:f3:e9:86:e9:3a:
c2:81:cd:b7:1e:5c:11:7a:e6:6f:78:4f:13:33:13:36:ad:02:
0e:3f:fe:11:46:db:31:3e:4e:3c:2a:a7:f3:ef:cf:ac:34:45:
ab:fb:80:20:e4:85:12:c8:64:23:93:13:4b:8a:50:af:5b:1f:
df:66:f7:5d:3c:71:27:a1:6c:a1:a8:40:86:f1:0f:fd:7f:c0:
1f:b9:b4:88:e6:da:67:70:6d:14:83:15:97:3f:8e:0b:04:79:
c3:7d:44:ec:92:81:c6:89:41:4d:7d:bd:1f:6c:32:51:02:6b:
92:90:d0:dd:82:9d:94:33:bf:d2:67:b7:55:bb:ad:27:31:cf:
b3:38:87:a4:b5:34:a3:41:73:be:c7:a7:05:01:8f:f9:67:cd:
c6:f4:57:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYsJo5yjF0640VIySAJcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDNmOWJjOTY1NmJhZGMyNmU3ZGUxYWJiMGZhNzJjM2Q3
MjhkZDgwHhcNMjUxMTA0MTUwMTAzWhcNMjUxMTA1MTUwMTAzWjAzMTEwLwYDVQQD
EyhkYjVlOTM3NTAwYzA4OTE4ODdkNTU4Nzg1NmQ3ZmRjMTc0YTQ5M2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ/aLHUXuR6H7jOKJzQn+xaRwhQa
kHhOfPlcpXAjt5FQkKW1hLrhRma/p2bqyp2V2bFx4jgbkkkMKVn97UiQscX32fwv
aH1FrF6rcemasYNf3mHbMGg+fNlvIhgCRM9DGpmADl7SVpSyZLCB/n/vazyFvfPx
xjw4UpPpUgDeD6GxbwuOa6pCMSrpKqysPwN6RiqlYaQP/SCStxSNx2Qbzcg/saZ0
alvRQSG/LimoC3rLkBFSfNK7qFG2c4biMAXaQ3VbxESgnR34G1CKzrNqJ0CaFma3
bXddWmNJBjk8YwaDrHh7dOPm+RsYuWZp4GEPUjv1LKpiS8SsVPHCVj91vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtek3UAwIkYh9VYeFbX/cF0pJOwMB8GA1UdIwQY
MBaAFKLT+byWVrrcJufeGrsPpyw9co3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYt
ZDcxMWU4NGMyOWExLzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYtZDcxMWU4NGMyOWEx
LzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjX7pyZ3G
mA5i/lmRbeJD7Ts5y6IPk7CbqJe39P+Gb9lL6ird8Ju5lYk1D5/8MXMaTGLbExug
E8mhuOWcP08/qSn9YWGkxlh+5c/bywq8CDh1O98rQ1btvUjlNqXAQ6YX9TwT/rab
hvPphuk6woHNtx5cEXrmb3hPEzMTNq0CDj/+EUbbMT5OPCqn8+/PrDRFq/uAIOSF
EshkI5MTS4pQr1sf32b3XTxxJ6FsoahAhvEP/X/AH7m0iObaZ3BtFIMVlz+OCwR5
w31E7JKBxolBTX29H2wyUQJrkpDQ3YKdlDO/0me3VbutJzHPsziHpLU0o0Fzvsen
BQGP+WfNxvRXyg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:37:44 2025 by rpki-client