Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json)
Hash identifier: +ZeG0KGDcrtlLJBKhJZVx51PnOdOIrq32qzTHSsWu5E=
Subject key identifier: 38:87:E9:C3:AD:FC:82:87:F7:2F:A3:FA:1F:BE:AE:16:91:11:56:2C
Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a
Certificate serial: 019A4F6212401A6A8CEF9C71B7B90385E168
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
Manifest number: 145F
Signing time: Tue 04 Nov 2025 15:00:18 +0000
Manifest this update: Tue 04 Nov 2025 15:00:18 +0000
Manifest next update: Wed 05 Nov 2025 15:00:18 +0000
Files and hashes: 1: PsA85a4H5xNStqYehaGt_kPhY_U.roa (hash: CXsyF83m91+hpp7kQqr/RLoFFacqimzuhgmwugEeGmk=)
2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: uIy5WnOML8iZj8lQV8EggQJR+twmDA8WQ32vm63We9s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:12:40:1a:6a:8c:ef:9c:71:b7:b9:03:85:e1:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a023766c62deb51297155708eccb421c8b04780a
Validity
Not Before: Nov 4 15:00:18 2025 GMT
Not After : Nov 5 15:00:18 2025 GMT
Subject: CN=3887e9c3adfc8287f72fa3fa1fbeae169111562c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:56:f6:de:a3:ed:b6:22:c0:8c:81:09:5f:f0:
2c:7b:3f:0f:03:99:4a:53:f4:1e:de:cf:04:39:c3:
48:fb:6c:be:6d:ab:b0:4b:99:dc:fc:e8:20:d5:f7:
39:3e:08:37:f3:02:e6:3b:67:15:74:03:f6:cc:c1:
f7:89:fb:79:48:41:5b:9d:39:92:2b:11:ef:c6:f0:
2c:f4:30:b4:39:cb:bf:fe:df:a3:3b:ca:8e:e5:1d:
88:d3:55:ac:a2:79:30:c1:d8:5d:b0:a3:78:b2:53:
dc:f8:8d:2b:1c:f8:96:be:bc:a8:fe:8f:f3:8f:a0:
6b:15:6f:7e:c1:a6:c6:2a:3f:56:bf:bc:94:5b:c4:
b8:b1:74:54:2c:f5:9b:47:78:ab:14:40:0c:89:1c:
22:2f:2e:20:c3:92:96:ad:42:e9:b6:a3:17:3d:3b:
95:39:1d:83:85:07:67:5e:c5:16:da:82:63:44:b2:
67:8e:4f:70:2e:da:53:b5:86:98:ae:ab:68:cb:fc:
80:67:cc:49:4f:08:9d:ea:4b:dd:d0:0e:07:fd:15:
62:f4:da:15:cb:15:00:ff:e1:a8:66:bc:fe:ac:a8:
ae:22:94:c1:98:c0:ae:cd:c4:e3:ed:ac:30:7d:84:
d9:cd:08:34:9b:b3:7f:6d:fc:13:0d:af:6d:03:24:
b3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:87:E9:C3:AD:FC:82:87:F7:2F:A3:FA:1F:BE:AE:16:91:11:56:2C
X509v3 Authority Key Identifier:
keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:3b:15:cc:37:38:79:eb:d7:21:d4:6f:fd:31:26:97:07:71:
a9:bd:c4:1d:c6:ac:b0:a0:70:c4:09:b5:a7:0f:0a:a2:1f:3b:
84:a8:6f:85:62:cf:0c:66:ad:16:17:67:77:21:fd:ba:a9:b6:
e3:91:0c:43:8d:ad:8f:14:8a:94:b2:9b:61:b8:97:32:97:f1:
a7:8a:8c:0a:35:54:20:67:cf:77:be:1a:de:bd:15:c2:d5:15:
2f:b7:72:fd:db:01:91:06:8b:ec:01:c2:e9:9a:12:01:4a:2c:
66:33:96:3c:b9:43:c9:23:a0:f5:6a:62:78:c5:e2:00:99:8a:
f0:37:72:c9:b3:69:7c:7d:f3:16:e6:5c:3a:25:7e:c5:63:1b:
b8:dc:d1:5f:79:96:12:d4:19:22:a7:12:9e:6b:10:fb:7f:96:
84:39:8b:ab:21:9b:92:c1:f7:39:49:85:9c:5c:45:03:88:ad:
4a:87:ae:6a:24:74:40:ea:7f:1c:69:59:23:90:b2:7c:97:07:
a4:85:72:86:f7:fd:b8:bc:8f:be:c5:60:ea:31:6f:a1:07:a2:
c7:4b:ca:92:50:ba:67:20:2e:e1:ea:fa:54:63:8a:06:6c:a8:
d0:f9:04:d5:7b:bd:19:d0:a2:f8:13:19:0f:cb:d8:dc:a5:3f:
86:9a:88:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYhJAGmqM75xxt7kDheFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw
NDc4MGEwHhcNMjUxMTA0MTUwMDE4WhcNMjUxMTA1MTUwMDE4WjAzMTEwLwYDVQQD
EygzODg3ZTljM2FkZmM4Mjg3ZjcyZmEzZmExZmJlYWUxNjkxMTE1NjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Fb23qPttiLAjIEJX/Asez8PA5lK
U/Qe3s8EOcNI+2y+bauwS5nc/Ogg1fc5Pgg38wLmO2cVdAP2zMH3ift5SEFbnTmS
KxHvxvAs9DC0Ocu//t+jO8qO5R2I01WsonkwwdhdsKN4slPc+I0rHPiWvryo/o/z
j6BrFW9+wabGKj9Wv7yUW8S4sXRULPWbR3irFEAMiRwiLy4gw5KWrULptqMXPTuV
OR2DhQdnXsUW2oJjRLJnjk9wLtpTtYaYrqtoy/yAZ8xJTwid6kvd0A4H/RVi9NoV
yxUA/+GoZrz+rKiuIpTBmMCuzcTj7awwfYTZzQg0m7N/bfwTDa9tAySz1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiH6cOt/IKH9y+j+h++rhaREVYsMB8GA1UdIwQY
MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt
YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl
LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnzsVzDc4
eevXIdRv/TEmlwdxqb3EHcassKBwxAm1pw8Koh87hKhvhWLPDGatFhdndyH9uqm2
45EMQ42tjxSKlLKbYbiXMpfxp4qMCjVUIGfPd74a3r0VwtUVL7dy/dsBkQaL7AHC
6ZoSAUosZjOWPLlDySOg9WpieMXiAJmK8DdyybNpfH3zFuZcOiV+xWMbuNzRX3mW
EtQZIqcSnmsQ+3+WhDmLqyGbksH3OUmFnFxFA4itSoeuaiR0QOp/HGlZI5CyfJcH
pIVyhvf9uLyPvsVg6jFvoQeix0vKklC6ZyAu4er6VGOKBmyo0PkE1Xu9GdCi+BMZ
D8vY3KU/hpqIqA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:09:03 2025 by rpki-client