Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft
File: o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft (raw, json)
Hash identifier: hRs66OEDtlB4DhiD+MZ13gSoX9/aE1s6/dUyE6ut3K4=
Subject key identifier: 97:C7:3B:38:72:C5:66:D1:AE:21:CB:C4:B5:4E:BE:1F:EA:4A:1B:50
Authority key identifier: A3:68:83:05:FE:D5:C9:97:60:AE:C7:C8:94:C6:BA:21:E4:EA:D6:75
Certificate issuer: /CN=a3688305fed5c99760aec7c894c6ba21e4ead675
Certificate serial: 019A533EE6CA81D3F68CC64CD5CF94347533
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2iDBf7VyZdgrsfIlMa6IeTq1nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft
Manifest number: 120F
Signing time: Wed 05 Nov 2025 09:00:22 +0000
Manifest this update: Wed 05 Nov 2025 09:00:22 +0000
Manifest next update: Thu 06 Nov 2025 09:00:22 +0000
Files and hashes: 1: 29zZRujAn8DGdUDp5utUkmVO-uo.roa (hash: pdGXIGI1eFN6x7W6e3AuHm1Q9j3iH8yigptYTm3P3QA=)
2: o2iDBf7VyZdgrsfIlMa6IeTq1nU.crl (hash: v+2hVhzk2ZNze5ACynrM8dSAvGxN2hjPmA/eyOMPvzc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2iDBf7VyZdgrsfIlMa6IeTq1nU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:3e:e6:ca:81:d3:f6:8c:c6:4c:d5:cf:94:34:75:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3688305fed5c99760aec7c894c6ba21e4ead675
Validity
Not Before: Nov 5 09:00:22 2025 GMT
Not After : Nov 6 09:00:22 2025 GMT
Subject: CN=97c73b3872c566d1ae21cbc4b54ebe1fea4a1b50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c1:b3:3e:30:7a:f1:de:0e:35:07:f2:96:52:
4d:16:e8:a9:78:73:fd:4a:00:40:f4:ba:21:b0:e9:
af:0d:f8:6a:e8:56:8d:1d:ca:a3:fc:ea:cc:4a:1e:
ab:7d:8f:19:f5:01:af:79:59:89:83:4c:a5:06:ed:
da:ac:2e:f1:73:56:37:90:9d:d8:31:76:ce:f1:5a:
99:18:ee:cc:a3:46:c0:c9:21:81:a6:c0:31:42:75:
f6:98:49:6a:b7:04:8a:36:2c:3a:c9:06:8f:3f:2a:
10:42:b3:27:f1:34:59:96:9a:71:86:2e:38:db:1c:
c7:6f:bf:0b:6e:1e:c3:65:71:f8:da:73:3c:ef:ea:
1f:e1:60:65:3b:74:04:f6:b3:25:01:59:69:5f:5a:
d6:40:c1:aa:3f:f0:3c:44:76:2b:48:0c:5a:5f:a2:
06:d1:f2:16:d8:40:52:50:94:e0:0e:72:34:63:8f:
d8:98:e5:7b:1e:4d:7c:37:2a:b6:d0:da:4b:2a:34:
44:23:96:36:ce:41:12:3f:99:ae:18:18:5b:43:84:
fc:e3:46:72:b7:b7:d8:42:e1:ec:15:05:e5:d0:64:
bd:5d:b5:3a:13:4b:19:00:70:76:03:18:f9:25:49:
94:e7:83:93:7a:d7:f3:b4:f7:43:48:32:be:95:9c:
74:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C7:3B:38:72:C5:66:D1:AE:21:CB:C4:B5:4E:BE:1F:EA:4A:1B:50
X509v3 Authority Key Identifier:
keyid:A3:68:83:05:FE:D5:C9:97:60:AE:C7:C8:94:C6:BA:21:E4:EA:D6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2iDBf7VyZdgrsfIlMa6IeTq1nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:d8:ee:19:da:bb:c5:40:fa:46:92:03:38:16:bc:92:95:3d:
99:d6:93:30:80:10:21:13:31:30:22:e1:1f:48:36:d8:f1:c1:
50:ee:be:1d:56:78:b2:fb:91:ca:d7:3c:76:82:4c:ea:b6:1c:
6c:66:5e:1a:78:23:a6:48:ba:04:99:a0:30:93:4e:91:2a:ef:
52:bd:3a:96:d5:de:bd:af:75:22:53:95:54:ac:86:b2:e8:21:
d1:2f:5d:a2:03:49:42:ad:c4:40:8a:df:30:95:bc:d3:fc:25:
7d:76:ef:ca:2b:12:55:4b:b3:10:52:10:89:08:db:3e:03:cf:
6c:c6:fa:ef:fb:49:29:d6:31:86:b5:39:87:80:50:e4:d8:49:
52:4b:af:e5:f7:73:22:b6:aa:f0:78:f7:ed:95:8d:ba:20:70:
69:12:c9:82:95:e7:79:b4:97:5e:e2:62:94:68:f8:21:1f:c6:
31:93:ed:50:19:b9:0c:0f:74:01:13:f9:13:7b:dd:1c:d6:4a:
bf:3c:5b:8c:5b:d9:df:27:91:08:fc:49:53:19:94:80:62:52:
a9:68:82:8b:99:7c:d0:e5:5e:8a:26:15:b4:d7:54:7e:e6:c5:
f8:42:dd:c5:cf:43:7a:2a:0b:a5:54:bd:17:f6:aa:f4:3f:c1:
b5:36:c0:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTPubKgdP2jMZM1c+UNHUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjg4MzA1ZmVkNWM5OTc2MGFlYzdjODk0YzZiYTIxZTRl
YWQ2NzUwHhcNMjUxMTA1MDkwMDIyWhcNMjUxMTA2MDkwMDIyWjAzMTEwLwYDVQQD
Eyg5N2M3M2IzODcyYzU2NmQxYWUyMWNiYzRiNTRlYmUxZmVhNGExYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMGzPjB68d4ONQfyllJNFuipeHP9
SgBA9LohsOmvDfhq6FaNHcqj/OrMSh6rfY8Z9QGveVmJg0ylBu3arC7xc1Y3kJ3Y
MXbO8VqZGO7Mo0bAySGBpsAxQnX2mElqtwSKNiw6yQaPPyoQQrMn8TRZlppxhi44
2xzHb78Lbh7DZXH42nM87+of4WBlO3QE9rMlAVlpX1rWQMGqP/A8RHYrSAxaX6IG
0fIW2EBSUJTgDnI0Y4/YmOV7Hk18Nyq20NpLKjREI5Y2zkESP5muGBhbQ4T840Zy
t7fYQuHsFQXl0GS9XbU6E0sZAHB2Axj5JUmU54OTetfztPdDSDK+lZx0yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfHOzhyxWbRriHLxLVOvh/qShtQMB8GA1UdIwQY
MBaAFKNogwX+1cmXYK7HyJTGuiHk6tZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJpREJmN1Z5WmRncnNmSWxNYTZJZVRxMW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mOWUyNTctMDE2Mi00ZGVmLTk2YWQt
ZGVjOTc5NmY2MjIzLzEvbzJpREJmN1Z5WmRncnNmSWxNYTZJZVRxMW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mOWUyNTctMDE2Mi00ZGVmLTk2YWQtZGVjOTc5NmY2MjIz
LzEvbzJpREJmN1Z5WmRncnNmSWxNYTZJZVRxMW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVtjuGdq7
xUD6RpIDOBa8kpU9mdaTMIAQIRMxMCLhH0g22PHBUO6+HVZ4svuRytc8doJM6rYc
bGZeGngjpki6BJmgMJNOkSrvUr06ltXeva91IlOVVKyGsugh0S9dogNJQq3EQIrf
MJW80/wlfXbvyisSVUuzEFIQiQjbPgPPbMb67/tJKdYxhrU5h4BQ5NhJUkuv5fdz
Iraq8Hj37ZWNuiBwaRLJgpXnebSXXuJilGj4IR/GMZPtUBm5DA90ARP5E3vdHNZK
vzxbjFvZ3yeRCPxJUxmUgGJSqWiCi5l80OVeiiYVtNdUfubF+ELdxc9DeioLpVS9
F/aq9D/BtTbAfw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:11:33 2025 by rpki-client