Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.mft
File: OTSIZ9yylWrKZdCDSORA1HJ6N0M.mft (raw, json)
Hash identifier: hdEFeIddGI/nJm1f68Tl2kAkmMbWaDLzIhyBYaJ/QBQ=
Subject key identifier: D0:25:35:F2:48:F8:FC:00:12:CD:1E:DA:08:AD:06:49:7C:B2:1E:5A
Authority key identifier: 39:34:88:67:DC:B2:95:6A:CA:65:D0:83:48:E4:40:D4:72:7A:37:43
Certificate issuer: /CN=39348867dcb2956aca65d08348e440d4727a3743
Certificate serial: 019A55D2953F115B7835F719F984EA96CF95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTSIZ9yylWrKZdCDSORA1HJ6N0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.mft
Manifest number: 04B4
Signing time: Wed 05 Nov 2025 21:00:55 +0000
Manifest this update: Wed 05 Nov 2025 21:00:55 +0000
Manifest next update: Thu 06 Nov 2025 21:00:55 +0000
Files and hashes: 1: OTSIZ9yylWrKZdCDSORA1HJ6N0M.crl (hash: TyIS5+uGghajNWzkytQi7mgOK7zwnxnaVJ48uWoVnSQ=)
2: c6YXeFcziXYV8oA7IxxFWWIl7jo.roa (hash: 772kO8FIL8B9L379YEWTLwC21iJYKEhsMHuMIDdHwY4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTSIZ9yylWrKZdCDSORA1HJ6N0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:55:d2:95:3f:11:5b:78:35:f7:19:f9:84:ea:96:cf:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39348867dcb2956aca65d08348e440d4727a3743
Validity
Not Before: Nov 5 21:00:55 2025 GMT
Not After : Nov 6 21:00:55 2025 GMT
Subject: CN=d02535f248f8fc0012cd1eda08ad06497cb21e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ca:8e:80:3f:8b:d5:9f:56:dc:5e:55:f0:03:
90:17:cf:57:4e:a1:b8:02:0a:70:4d:be:61:72:09:
35:a9:a5:96:7f:97:38:ed:aa:c0:0a:25:fb:a0:bb:
8e:fc:1c:a7:15:f6:03:12:3b:40:d7:8b:39:d3:c3:
7f:b8:4f:52:26:9e:94:fd:a1:9c:bf:71:f3:8a:19:
89:75:28:4a:a4:fb:ce:89:13:62:b6:e1:2e:8b:fc:
fe:b1:3d:0e:28:85:83:45:3b:19:46:9b:0b:a2:34:
95:22:a5:7a:5a:b6:81:3d:b3:1a:e9:b4:81:80:5a:
a6:97:84:fe:57:77:64:7c:1a:a0:94:40:6c:b4:4f:
24:28:1c:d6:62:20:8f:54:1d:fb:36:64:30:87:53:
8d:01:55:ae:e7:cb:2b:92:5f:f6:9b:8a:11:2a:69:
07:24:77:16:55:9f:3f:68:44:bd:83:21:a7:a8:85:
f9:7d:1c:c4:29:1c:fe:50:ab:5b:7e:e9:7e:40:84:
b2:bc:f8:2e:b1:9a:81:c6:ac:23:77:84:7b:cd:57:
de:6c:a1:8e:f3:cc:a7:6d:84:35:86:0b:df:18:dc:
89:3e:bb:10:0f:87:db:0e:2e:c5:2a:5f:38:fd:3d:
39:12:e3:f4:59:fa:23:28:d1:ec:14:a8:55:1d:2f:
ee:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:25:35:F2:48:F8:FC:00:12:CD:1E:DA:08:AD:06:49:7C:B2:1E:5A
X509v3 Authority Key Identifier:
keyid:39:34:88:67:DC:B2:95:6A:CA:65:D0:83:48:E4:40:D4:72:7A:37:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTSIZ9yylWrKZdCDSORA1HJ6N0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:23:c1:87:59:b6:be:bb:60:98:36:0a:37:c3:0d:b6:b4:ed:
51:c1:7c:11:8f:ff:e7:cb:24:60:97:21:f5:67:3c:81:66:e1:
c0:9b:49:34:e0:6b:94:23:ee:80:16:51:a4:ec:17:e5:00:d3:
74:cf:2a:ba:09:76:30:41:86:70:2b:9b:6c:16:2d:a4:be:b5:
cd:d2:1d:ec:64:44:37:49:03:75:37:52:8e:e5:39:78:aa:1f:
7f:b0:9c:53:3c:5d:4b:dd:68:6f:6f:fc:77:1e:a1:c3:5e:92:
92:81:8e:ab:16:63:5f:7b:be:2b:ba:30:39:33:60:65:ed:3f:
55:e8:22:d8:7b:67:78:01:4d:5f:d6:d0:d9:26:af:79:c8:61:
bf:c4:f3:b9:e4:58:aa:50:72:a2:94:b8:e2:c0:b0:26:fe:c9:
b0:4a:06:a8:56:49:be:32:9b:86:98:35:a5:f1:f9:fd:6f:d4:
4f:e6:a2:5d:f7:f7:78:02:3a:09:6b:d5:92:a3:c7:74:10:15:
9d:8e:ed:1e:13:0f:55:e3:68:4b:c4:72:85:9f:3d:ae:bc:56:
a5:df:fe:bc:3a:23:7c:0f:69:c0:94:01:4b:85:d3:63:1f:6e:
f0:99:1e:ae:51:d3:64:9b:46:70:ce:49:80:5e:8e:04:ee:2f:
bf:45:21:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpV0pU/EVt4NfcZ+YTqls+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzQ4ODY3ZGNiMjk1NmFjYTY1ZDA4MzQ4ZTQ0MGQ0NzI3
YTM3NDMwHhcNMjUxMTA1MjEwMDU1WhcNMjUxMTA2MjEwMDU1WjAzMTEwLwYDVQQD
EyhkMDI1MzVmMjQ4ZjhmYzAwMTJjZDFlZGEwOGFkMDY0OTdjYjIxZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8qOgD+L1Z9W3F5V8AOQF89XTqG4
AgpwTb5hcgk1qaWWf5c47arACiX7oLuO/BynFfYDEjtA14s508N/uE9SJp6U/aGc
v3HzihmJdShKpPvOiRNituEui/z+sT0OKIWDRTsZRpsLojSVIqV6WraBPbMa6bSB
gFqml4T+V3dkfBqglEBstE8kKBzWYiCPVB37NmQwh1ONAVWu58srkl/2m4oRKmkH
JHcWVZ8/aES9gyGnqIX5fRzEKRz+UKtbful+QISyvPgusZqBxqwjd4R7zVfebKGO
88ynbYQ1hgvfGNyJPrsQD4fbDi7FKl84/T05EuP0WfojKNHsFKhVHS/uCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNAlNfJI+PwAEs0e2gitBkl8sh5aMB8GA1UdIwQY
MBaAFDk0iGfcspVqymXQg0jkQNRyejdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RTSVo5eXlsV3JLWmRDRFNPUkExSEo2TjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8xZGZmZTEtYzhmZi00NjZiLTlkYzIt
YmZjNmY0OGU5NmFiLzEvT1RTSVo5eXlsV3JLWmRDRFNPUkExSEo2TjBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8xZGZmZTEtYzhmZi00NjZiLTlkYzItYmZjNmY0OGU5NmFi
LzEvT1RTSVo5eXlsV3JLWmRDRFNPUkExSEo2TjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbiPBh1m2
vrtgmDYKN8MNtrTtUcF8EY//58skYJch9Wc8gWbhwJtJNOBrlCPugBZRpOwX5QDT
dM8qugl2MEGGcCubbBYtpL61zdId7GREN0kDdTdSjuU5eKoff7CcUzxdS91ob2/8
dx6hw16SkoGOqxZjX3u+K7owOTNgZe0/Vegi2HtneAFNX9bQ2Savechhv8TzueRY
qlByopS44sCwJv7JsEoGqFZJvjKbhpg1pfH5/W/UT+aiXff3eAI6CWvVkqPHdBAV
nY7tHhMPVeNoS8RyhZ89rrxWpd/+vDojfA9pwJQBS4XTYx9u8JkerlHTZJtGcM5J
gF6OBO4vv0UhBA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 23:52:26 2025 by rpki-client