Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.mft
File: O_pmNv5kQKzyk7dXBaeh3K2oQgs.mft (raw, json)
Hash identifier: 6FA1qa9SQblCwXXtLR5ytA0Lv4r57Wk02Ue7tfMCsJk=
Subject key identifier: DA:C1:AA:83:8B:41:2B:98:EB:AF:20:87:52:47:FF:C8:FB:51:48:46
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 019A4D7377D07100D9AAA4E4525B89FAE85E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.mft
Manifest number: 1714
Signing time: Tue 04 Nov 2025 06:00:04 +0000
Manifest this update: Tue 04 Nov 2025 06:00:04 +0000
Manifest next update: Wed 05 Nov 2025 06:00:04 +0000
Files and hashes: 1: 9BmVkWHqnPagXm5os2wnNWK9INk.roa (hash: 8RngoNykTFTJnIq5oyzFYRTf3TP7cyLKV5cry6M5mgE=)
2: O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl (hash: 8q5nUtgshoM9KGKP8qLp31u20zWEqdM9pZFdcDMgwIo=)
3: XMfgeWsouW7zDItYh1JZ2jjj45k.roa (hash: vbzvSSJRPNTDibm8O4OpKJZcb0gn8EqIPSb4vf2O1YQ=)
4: bfaBM6FlZYXa4nbuYDgVUb-kZ3Q.roa (hash: xgsMr2NauAKQSxWJwA/kjcmJfb7a4hHGqMdZNQtzfIo=)
5: ect9rt1iTOwU4l499MLwvhBDleI.roa (hash: uzI2RBjcPd1qUaeOmN2JzrZzLgn4U0x7LpGFh6u7YtQ=)
6: k4SuTTWtdBVQ_LKZQ1KA6lDONew.roa (hash: wlxEmhfh10lsvP/Vr0aaNNA3fnG6+QPuVB7G+98rWuk=)
7: n15MEYNvv2pMvnP0JWDh9ke-rMw.roa (hash: a5c2NX6rzpDN08ss2QyMsYiZjq6GT9uV8kCAFrcH1WA=)
8: wb50_D1ewkMOUFxLDz2rdaS7yFE.roa (hash: oMtAJWBhFmyN0NJmKrxaTP7Y/Gbn/GmAXozjV5Dt6I8=)
9: xEqqXsYbNZoaeb1j-5HleNNIZTs.roa (hash: DriMeptRhAZWNYYwFItNxlYBiBVqZaoh9EMF2d4ArFA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.mft
rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:77:d0:71:00:d9:aa:a4:e4:52:5b:89:fa:e8:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Nov 4 06:00:04 2025 GMT
Not After : Nov 5 06:00:04 2025 GMT
Subject: CN=dac1aa838b412b98ebaf20875247ffc8fb514846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8e:d5:89:21:04:14:2f:e1:b7:01:3f:83:45:
75:50:f3:9f:53:a4:3a:ec:f1:4b:79:69:0d:32:61:
36:69:a4:b6:13:48:bd:a9:e5:76:1f:cc:5a:40:b8:
f4:03:63:4a:40:2c:33:5d:af:46:ad:35:e4:7e:93:
12:18:1d:2c:ca:94:9a:c9:b6:50:aa:14:76:a5:5d:
d8:c8:a9:13:bb:45:7d:00:98:f3:7e:ec:e4:59:81:
70:a2:35:ed:ee:66:4c:aa:d3:ab:5d:6d:55:62:06:
96:42:8c:d9:93:eb:29:78:b2:f6:aa:cb:64:6e:c3:
cd:e7:a2:cf:23:3c:79:d1:a7:46:54:df:95:46:0c:
bf:cf:5c:73:5f:6a:cb:f4:d9:76:33:55:19:a1:d3:
0e:5e:44:5f:5b:1b:8d:a2:f6:4c:10:5c:12:8d:7a:
e4:d6:51:18:32:de:04:90:f4:3c:e2:a3:2b:aa:20:
88:00:e9:79:40:1c:6c:4e:1e:64:29:29:19:74:e1:
0a:f5:a5:65:bb:26:70:d8:40:c1:a1:28:78:d0:f4:
83:72:94:e2:44:c5:45:1e:89:be:bc:d8:87:d5:7b:
84:37:eb:12:1a:22:70:71:68:78:d5:66:50:f5:8a:
69:9c:fa:4a:d5:5e:be:da:33:ca:ba:db:79:9a:65:
c0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C1:AA:83:8B:41:2B:98:EB:AF:20:87:52:47:FF:C8:FB:51:48:46
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:ec:a4:86:6a:64:b5:7c:8f:c9:ab:50:c6:b5:31:68:f1:a2:
04:f2:5f:7c:d4:a3:32:6f:16:d1:3d:63:49:f6:e9:bb:fd:95:
00:ae:b8:da:63:e5:54:e0:b8:ae:06:29:2c:d5:73:97:f2:ed:
00:3c:37:17:42:fb:44:d5:f7:52:59:c3:32:95:e7:72:92:eb:
ff:63:db:b4:a6:25:aa:b7:89:1b:cf:4b:dc:88:cd:89:5a:6b:
3c:91:c7:e3:5c:cc:73:26:c0:c4:6f:db:a0:69:1c:f6:6d:92:
f9:06:18:37:1a:ed:c3:5c:28:87:f7:2f:c2:ed:1b:db:dc:c2:
0c:d3:83:55:a8:27:33:99:40:46:f8:95:dc:2f:0a:dd:66:47:
f3:f5:1e:a6:44:d9:1f:f5:7d:8d:0b:bf:6b:a5:50:6e:46:0f:
6b:5d:af:21:ed:25:33:f6:f3:a5:24:07:10:b2:a5:7f:aa:c2:
d8:07:c7:2d:9a:a1:ed:65:68:89:0b:a0:5a:9f:24:85:4d:84:
94:f0:8e:89:67:43:0f:67:d3:4f:40:1b:ca:fb:0b:3d:ae:76:
18:19:ec:e0:dc:a4:35:69:f9:93:82:82:8d:12:8d:d2:63:12:
ad:09:10:b0:bf:de:78:6b:cd:21:73:46:88:00:16:f4:7e:a8:
4a:83:8c:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc3fQcQDZqqTkUluJ+uheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjUxMTA0MDYwMDA0WhcNMjUxMTA1MDYwMDA0WjAzMTEwLwYDVQQD
EyhkYWMxYWE4MzhiNDEyYjk4ZWJhZjIwODc1MjQ3ZmZjOGZiNTE0ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI7ViSEEFC/htwE/g0V1UPOfU6Q6
7PFLeWkNMmE2aaS2E0i9qeV2H8xaQLj0A2NKQCwzXa9GrTXkfpMSGB0sypSaybZQ
qhR2pV3YyKkTu0V9AJjzfuzkWYFwojXt7mZMqtOrXW1VYgaWQozZk+speLL2qstk
bsPN56LPIzx50adGVN+VRgy/z1xzX2rL9Nl2M1UZodMOXkRfWxuNovZMEFwSjXrk
1lEYMt4EkPQ84qMrqiCIAOl5QBxsTh5kKSkZdOEK9aVluyZw2EDBoSh40PSDcpTi
RMVFHom+vNiH1XuEN+sSGiJwcWh41WZQ9YppnPpK1V6+2jPKutt5mmXAewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrBqoOLQSuY668gh1JH/8j7UUhGMB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKOykhmpk
tXyPyatQxrUxaPGiBPJffNSjMm8W0T1jSfbpu/2VAK642mPlVOC4rgYpLNVzl/Lt
ADw3F0L7RNX3UlnDMpXncpLr/2PbtKYlqreJG89L3IjNiVprPJHH41zMcybAxG/b
oGkc9m2S+QYYNxrtw1woh/cvwu0b29zCDNODVagnM5lARviV3C8K3WZH8/UepkTZ
H/V9jQu/a6VQbkYPa12vIe0lM/bzpSQHELKlf6rC2AfHLZqh7WVoiQugWp8khU2E
lPCOiWdDD2fTT0AbyvsLPa52GBns4NykNWn5k4KCjRKN0mMSrQkQsL/eeGvNIXNG
iAAW9H6oSoOMqA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:57:16 2025 by rpki-client