Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
File: o2n7GRvuUc3HQUppYxl_hrvzE6s.mft (raw, json)
Hash identifier: 0iDvKBr+IIquvqXy8XkmKgvIqAdnwxw7F1EKNryWK/Q=
Subject key identifier: 2C:EE:95:E4:71:22:F9:08:63:D7:56:27:33:DF:7F:2A:85:AA:40:26
Authority key identifier: A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB
Certificate issuer: /CN=a369fb191bee51cdc7414a6963197f86bbf313ab
Certificate serial: 019A55D2425D9393DFF7815F86369B9565A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
Manifest number: 1171
Signing time: Wed 05 Nov 2025 21:00:34 +0000
Manifest this update: Wed 05 Nov 2025 21:00:34 +0000
Manifest next update: Thu 06 Nov 2025 21:00:34 +0000
Files and hashes: 1: DfIfeCsjxuTLGxOswS1IRTtCtFo.roa (hash: BfLaITLvBopGuXyhXf+VexAjyd8LBGCkT8+9wJK+KLI=)
2: o2n7GRvuUc3HQUppYxl_hrvzE6s.crl (hash: yxVEz8hVE4GJoq9Uq7OrKlvmWvzu0/LtODuH7h3Ahdk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:55:d2:42:5d:93:93:df:f7:81:5f:86:36:9b:95:65:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a369fb191bee51cdc7414a6963197f86bbf313ab
Validity
Not Before: Nov 5 21:00:34 2025 GMT
Not After : Nov 6 21:00:34 2025 GMT
Subject: CN=2cee95e47122f90863d7562733df7f2a85aa4026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b5:80:c9:40:11:2c:b7:d5:fc:f7:b6:ca:b1:
32:54:46:e5:48:d0:06:7d:60:8c:36:c0:dc:4c:cb:
7a:7f:17:e0:30:02:39:b0:e1:8e:ec:bc:be:f3:cf:
e1:d3:d0:c2:f9:64:0a:ce:7e:c2:3f:bd:30:56:bb:
94:92:a1:97:60:c2:20:40:4a:e5:cb:e8:03:ba:a7:
c8:e8:89:40:09:8e:35:68:7e:63:7a:d3:73:ec:a1:
51:38:02:80:14:ee:bb:46:ac:cf:e3:41:f7:fe:eb:
fb:0f:71:c0:84:7d:e9:35:6f:1e:05:07:a0:d3:4c:
54:7d:dd:a6:90:a9:5b:00:0d:0f:fa:ed:fe:11:53:
b9:cd:fc:01:d2:aa:f8:82:39:ea:62:9e:d2:82:cd:
c5:68:d2:4d:cc:3b:19:a6:56:da:fa:9f:b5:db:68:
b4:25:4e:c4:73:b3:78:86:ea:1a:1f:a2:24:59:6f:
95:f0:5d:ef:4f:cb:62:4a:b5:b6:da:c3:1a:46:f1:
2d:8b:05:50:89:07:78:ff:75:8a:9b:7e:b0:2a:de:
7f:b9:7d:4d:bb:3c:8c:ad:e3:5c:59:a9:3e:00:4e:
2d:19:5a:af:b4:65:55:28:48:69:3b:0d:70:01:52:
04:4e:98:4f:86:60:dd:15:6f:42:67:d1:24:a7:c0:
62:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:EE:95:E4:71:22:F9:08:63:D7:56:27:33:DF:7F:2A:85:AA:40:26
X509v3 Authority Key Identifier:
keyid:A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:03:98:4c:7a:8f:99:86:a9:f3:4c:39:26:1c:35:b6:86:c5:
1a:a1:99:62:ad:60:a3:d4:da:87:c1:cd:9e:e7:05:58:6f:c3:
86:8c:6f:27:56:e1:c4:d6:22:ea:2e:b8:05:f0:b7:12:bf:08:
f2:2c:18:f9:7d:4c:df:3a:b2:0b:e4:7b:b3:97:26:ed:07:02:
73:70:6f:5e:0a:33:4e:64:3d:3b:c3:ce:32:6a:3b:56:40:e0:
3f:f1:63:da:f2:d2:55:89:51:11:71:fd:5d:16:a9:85:05:fb:
e3:6d:50:85:6b:dd:18:20:d0:da:7c:78:83:d2:c2:3d:07:e2:
c5:40:fb:2b:ea:94:3f:ec:db:f3:5a:f7:85:51:b2:66:43:ae:
f3:19:a4:4e:c6:f5:d5:92:ec:27:64:17:32:b4:ef:72:d4:4b:
60:47:29:c3:98:e8:be:ad:3f:3d:47:3d:ea:91:06:05:32:b8:
13:a3:42:5a:3c:dd:fc:58:2e:dd:ed:94:03:7e:17:4f:8f:cb:
b2:eb:d9:0b:f4:48:e0:20:b7:51:99:ef:78:73:ca:49:a1:13:
cf:71:75:43:89:75:e4:8f:05:15:2e:b6:06:fd:98:de:e6:56:
70:c5:10:c3:57:38:0a:ab:ce:00:e0:51:61:6d:65:34:b0:a7:
ba:2a:47:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpV0kJdk5Pf94FfhjablWWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjlmYjE5MWJlZTUxY2RjNzQxNGE2OTYzMTk3Zjg2YmJm
MzEzYWIwHhcNMjUxMTA1MjEwMDM0WhcNMjUxMTA2MjEwMDM0WjAzMTEwLwYDVQQD
EygyY2VlOTVlNDcxMjJmOTA4NjNkNzU2MjczM2RmN2YyYTg1YWE0MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLWAyUARLLfV/Pe2yrEyVEblSNAG
fWCMNsDcTMt6fxfgMAI5sOGO7Ly+88/h09DC+WQKzn7CP70wVruUkqGXYMIgQErl
y+gDuqfI6IlACY41aH5jetNz7KFROAKAFO67RqzP40H3/uv7D3HAhH3pNW8eBQeg
00xUfd2mkKlbAA0P+u3+EVO5zfwB0qr4gjnqYp7Sgs3FaNJNzDsZplba+p+122i0
JU7Ec7N4huoaH6IkWW+V8F3vT8tiSrW22sMaRvEtiwVQiQd4/3WKm36wKt5/uX1N
uzyMreNcWak+AE4tGVqvtGVVKEhpOw1wAVIETphPhmDdFW9CZ9Ekp8BisQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzuleRxIvkIY9dWJzPffyqFqkAmMB8GA1UdIwQY
MBaAFKNp+xkb7lHNx0FKaWMZf4a78xOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYt
ZTE4MDUyZjM4MWJiLzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYtZTE4MDUyZjM4MWJi
LzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaQOYTHqP
mYap80w5Jhw1tobFGqGZYq1go9Tah8HNnucFWG/DhoxvJ1bhxNYi6i64BfC3Er8I
8iwY+X1M3zqyC+R7s5cm7QcCc3BvXgozTmQ9O8POMmo7VkDgP/Fj2vLSVYlREXH9
XRaphQX7421QhWvdGCDQ2nx4g9LCPQfixUD7K+qUP+zb81r3hVGyZkOu8xmkTsb1
1ZLsJ2QXMrTvctRLYEcpw5jovq0/PUc96pEGBTK4E6NCWjzd/Fgu3e2UA34XT4/L
suvZC/RI4CC3UZnveHPKSaETz3F1Q4l15I8FFS62Bv2Y3uZWcMUQw1c4CqvOAOBR
YW1lNLCnuipHsg==
-----END CERTIFICATE-----
Generated at Thu Nov 6 03:04:32 2025 by rpki-client