Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
File: OZETdfzEhZYSGQ6-zHrjcaAaam0.mft (raw, json)
Hash identifier: 6qlYBOj2bsAPmxRZQlybSRRB0isRN9J33El47x3ZIVs=
Subject key identifier: 16:85:AD:4A:03:62:AF:C2:E4:D8:89:E2:E6:0A:E0:4C:30:00:98:8C
Authority key identifier: 39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D
Certificate issuer: /CN=39911375fcc4859612190ebecc7ae371a01a6a6d
Certificate serial: 019A4F9985076FC95DF5C5BC29EA9BE0BD36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
Manifest number: 1036
Signing time: Tue 04 Nov 2025 16:00:52 +0000
Manifest this update: Tue 04 Nov 2025 16:00:52 +0000
Manifest next update: Wed 05 Nov 2025 16:00:52 +0000
Files and hashes: 1: OZETdfzEhZYSGQ6-zHrjcaAaam0.crl (hash: kdONflXe55Dn8aJIQZZhC26XfouoYdzkCFy0CtRzUMY=)
2: mV-huyQ7uf2YxiJ1JUpDypBxzhA.roa (hash: XQgQ9aC7Ey76psDYNwOwzM5lgNTkkh3rEJlv1Rte2h0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:85:07:6f:c9:5d:f5:c5:bc:29:ea:9b:e0:bd:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39911375fcc4859612190ebecc7ae371a01a6a6d
Validity
Not Before: Nov 4 16:00:52 2025 GMT
Not After : Nov 5 16:00:52 2025 GMT
Subject: CN=1685ad4a0362afc2e4d889e2e60ae04c3000988c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:59:c2:42:44:5f:c3:ec:a8:85:b1:8c:24:65:
1b:43:26:66:57:c2:18:53:36:4b:ed:96:65:02:c1:
00:0b:13:8c:1b:0d:95:d2:67:8e:44:47:c1:dc:e6:
dd:fb:68:cf:96:7c:2a:cb:cc:2f:43:fd:56:4b:66:
47:1e:92:c1:a1:2b:ef:78:37:bf:0e:1f:e0:26:62:
5d:c6:16:92:df:e6:7b:99:57:71:94:09:c5:59:59:
5e:e7:94:d7:ba:2e:10:ac:ff:29:ba:b8:ae:e2:03:
f5:ac:7d:fa:5d:fd:6f:83:a8:36:88:17:7d:05:c9:
d3:c5:ca:75:de:f1:dc:50:e3:9d:a4:4c:64:d1:4a:
de:ff:c2:ab:c1:cc:1e:13:bd:c6:d3:71:59:3e:38:
f1:82:e5:ee:82:cd:d9:d9:f8:ff:cb:e0:68:cd:5b:
3b:f8:ed:1c:44:86:2a:98:11:0b:7c:5b:8d:10:b8:
08:e8:21:6a:7f:42:85:4b:83:63:3a:ce:23:89:e1:
ac:5f:90:e5:b5:f4:ae:48:c3:c8:3b:a0:58:c3:04:
4a:a7:89:78:c4:b4:a5:16:21:9c:63:50:f4:92:6f:
8c:1e:8c:fe:33:ee:e3:6f:a6:79:54:1f:7e:b8:b9:
35:ac:14:68:74:23:2f:44:db:df:85:82:0e:2c:5e:
81:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:85:AD:4A:03:62:AF:C2:E4:D8:89:E2:E6:0A:E0:4C:30:00:98:8C
X509v3 Authority Key Identifier:
keyid:39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d4:d3:dc:67:0e:ee:b2:de:0c:a3:24:7e:8a:10:3c:45:3a:56:
21:8f:6c:02:39:21:f7:69:35:51:ed:30:b0:48:0e:ee:b0:6d:
79:d5:f4:52:eb:07:4a:0f:2b:a2:8e:9a:16:d9:36:3a:58:17:
60:a5:82:d9:c2:50:8a:66:c0:20:7e:41:fb:b0:e5:40:9f:86:
82:0d:fc:dc:bf:64:e2:0d:9b:6a:91:c3:ff:66:f6:01:3c:b1:
7d:e8:8d:65:07:d5:6e:aa:5d:e2:96:04:1a:9d:ca:08:3c:fe:
8e:92:f5:91:e7:4d:82:a7:79:5a:e7:36:3e:35:87:cc:1c:40:
11:e9:06:87:e9:3d:e5:94:67:7b:36:7c:2b:31:8a:80:f2:69:
34:50:55:02:cd:e6:5b:08:23:ae:1a:a5:bb:8a:0b:61:24:12:
31:79:d7:e0:7a:61:ba:d3:dd:1c:2a:26:76:04:58:3b:cf:0f:
00:48:52:57:a7:bd:57:b4:44:bb:53:e2:f4:1c:51:31:57:a8:
91:84:b4:97:9b:ab:49:87:52:4a:db:9c:89:6c:1b:61:71:66:
14:78:5b:21:59:65:ef:3d:83:bd:98:27:0e:53:e1:51:dd:b9:
1b:54:9b:e3:ea:82:63:08:fd:29:b5:79:6f:16:04:39:39:cd:
71:03:e3:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmYUHb8ld9cW8Keqb4L02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OTExMzc1ZmNjNDg1OTYxMjE5MGViZWNjN2FlMzcxYTAx
YTZhNmQwHhcNMjUxMTA0MTYwMDUyWhcNMjUxMTA1MTYwMDUyWjAzMTEwLwYDVQQD
EygxNjg1YWQ0YTAzNjJhZmMyZTRkODg5ZTJlNjBhZTA0YzMwMDA5ODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1nCQkRfw+yohbGMJGUbQyZmV8IY
UzZL7ZZlAsEACxOMGw2V0meOREfB3Obd+2jPlnwqy8wvQ/1WS2ZHHpLBoSvveDe/
Dh/gJmJdxhaS3+Z7mVdxlAnFWVle55TXui4QrP8puriu4gP1rH36Xf1vg6g2iBd9
BcnTxcp13vHcUOOdpExk0Ure/8KrwcweE73G03FZPjjxguXugs3Z2fj/y+BozVs7
+O0cRIYqmBELfFuNELgI6CFqf0KFS4NjOs4jieGsX5DltfSuSMPIO6BYwwRKp4l4
xLSlFiGcY1D0km+MHoz+M+7jb6Z5VB9+uLk1rBRodCMvRNvfhYIOLF6BrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBaFrUoDYq/C5NiJ4uYK4EwwAJiMMB8GA1UdIwQY
MBaAFDmRE3X8xIWWEhkOvsx643GgGmptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQt
OTMzZDkyZDAwMDBjLzEvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQtOTMzZDkyZDAwMDBj
LzEvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1NPcZw7u
st4MoyR+ihA8RTpWIY9sAjkh92k1Ue0wsEgO7rBtedX0UusHSg8roo6aFtk2OlgX
YKWC2cJQimbAIH5B+7DlQJ+Ggg383L9k4g2bapHD/2b2ATyxfeiNZQfVbqpd4pYE
Gp3KCDz+jpL1kedNgqd5Wuc2PjWHzBxAEekGh+k95ZRnezZ8KzGKgPJpNFBVAs3m
Wwgjrhqlu4oLYSQSMXnX4HphutPdHComdgRYO88PAEhSV6e9V7REu1Pi9BxRMVeo
kYS0l5urSYdSStuciWwbYXFmFHhbIVll7z2DvZgnDlPhUd25G1Sb4+qCYwj9KbV5
bxYEOTnNcQPjbw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:58:39 2025 by rpki-client