Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
File: o_60EOB9CI-2UbkTdJuBJX47mVI.mft (raw, json)
Hash identifier: WN2Usq0+bipuXLN9ZmIKn9EKxtFgKnMhGICJMgPPz4A=
Subject key identifier: 22:0A:0F:7D:86:26:97:11:98:C0:4D:F5:E0:4E:DF:60:72:F8:F1:A2
Authority key identifier: A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52
Certificate issuer: /CN=a3feb410e07d088fb651b913749b81257e3b9952
Certificate serial: 019A4EF50FEC7F696689DBE2DB32B4406E89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
Manifest number: 1157
Signing time: Tue 04 Nov 2025 13:01:14 +0000
Manifest this update: Tue 04 Nov 2025 13:01:14 +0000
Manifest next update: Wed 05 Nov 2025 13:01:14 +0000
Files and hashes: 1: o_60EOB9CI-2UbkTdJuBJX47mVI.crl (hash: 9UV4CKLc18XvSztXDwNu2KsCdah7PPnaCRjsxEuYMxA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:0f:ec:7f:69:66:89:db:e2:db:32:b4:40:6e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3feb410e07d088fb651b913749b81257e3b9952
Validity
Not Before: Nov 4 13:01:14 2025 GMT
Not After : Nov 5 13:01:14 2025 GMT
Subject: CN=220a0f7d8626971198c04df5e04edf6072f8f1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0d:59:6d:26:95:d4:46:9e:32:59:0a:1f:97:
41:b3:a9:1c:05:ff:f9:ec:c1:15:16:7f:81:a9:c2:
db:d3:35:91:eb:0a:c0:2a:4b:a7:59:3b:1f:7e:61:
c1:01:03:4c:0c:dc:4b:b3:f5:21:33:3a:8b:97:34:
25:a5:0e:b0:10:c1:74:b2:34:b1:d9:27:bb:cc:31:
87:fa:37:2f:03:bc:b0:b1:f0:98:90:5e:07:46:21:
4f:59:2d:f0:dc:30:3e:5f:13:00:95:e0:f2:46:a6:
9b:d9:2a:f4:e8:4e:d6:60:30:2c:4b:cb:c1:3a:3d:
d5:9e:9f:80:50:3d:2f:6e:6f:c1:5a:b9:a8:7e:c4:
e9:b4:b7:8c:2d:e2:a4:e2:43:ec:56:a4:96:c6:74:
52:97:3b:f8:0d:fa:72:e3:c5:af:de:cf:10:b5:6f:
6d:cc:1e:65:ed:5f:af:92:03:59:ee:da:a6:f1:c1:
1f:fb:ab:6b:80:8e:6f:83:e8:cc:a8:c0:ec:57:ae:
4a:01:3b:ab:21:d0:18:24:52:6e:c6:26:c5:a2:da:
36:01:9d:e4:df:e0:f3:97:43:bf:17:a7:b8:74:7f:
d5:b9:f4:c1:a2:b4:69:1f:02:20:81:d0:3d:70:73:
01:cb:e4:85:66:78:62:41:d5:6a:17:4c:12:49:78:
13:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0A:0F:7D:86:26:97:11:98:C0:4D:F5:E0:4E:DF:60:72:F8:F1:A2
X509v3 Authority Key Identifier:
keyid:A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:f4:34:c2:a5:33:9b:5d:a8:47:67:6d:11:63:9a:d8:06:66:
a5:67:25:d9:e1:6e:b9:5b:26:6f:dd:1f:fd:bb:21:08:4a:1e:
75:07:9d:0b:ea:a3:84:09:e8:cb:65:32:1c:80:88:04:95:1a:
71:2b:73:dd:93:d6:fc:e8:68:12:91:f9:7d:69:b5:e7:9c:6d:
05:28:13:8d:b8:56:0f:98:a9:65:35:68:6e:a4:ae:0c:6f:63:
09:f7:a5:9f:49:f2:91:cf:73:ff:7d:dd:25:fd:a7:ee:7f:fc:
d9:50:5e:64:31:01:58:38:ae:42:5f:13:02:8c:23:59:63:be:
1d:e6:ee:04:71:0c:51:5f:da:93:d5:ce:b7:20:0d:07:0c:c1:
39:1d:b3:3f:9f:3a:11:47:dc:85:49:a2:4a:6e:7a:94:0a:bb:
ce:1c:c0:fa:d9:b3:ae:89:5b:81:b1:cf:33:e2:8a:3f:72:b4:
5f:64:21:65:45:e8:cc:5c:f0:44:86:78:d8:c8:de:cf:e8:63:
16:b5:c6:9e:ca:a3:09:d4:bb:05:21:f7:23:34:d1:56:1b:2d:
3e:70:33:96:f3:a0:0a:cc:f1:21:6f:89:66:57:cb:ef:f8:80:
aa:65:5d:27:27:00:23:fd:5c:3c:74:5f:5c:fb:dc:c0:cb:b3:
64:2a:6f:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Q/sf2lmidvi2zK0QG6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZmViNDEwZTA3ZDA4OGZiNjUxYjkxMzc0OWI4MTI1N2Uz
Yjk5NTIwHhcNMjUxMTA0MTMwMTE0WhcNMjUxMTA1MTMwMTE0WjAzMTEwLwYDVQQD
EygyMjBhMGY3ZDg2MjY5NzExOThjMDRkZjVlMDRlZGY2MDcyZjhmMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ1ZbSaV1EaeMlkKH5dBs6kcBf/5
7MEVFn+BqcLb0zWR6wrAKkunWTsffmHBAQNMDNxLs/UhMzqLlzQlpQ6wEMF0sjSx
2Se7zDGH+jcvA7ywsfCYkF4HRiFPWS3w3DA+XxMAleDyRqab2Sr06E7WYDAsS8vB
Oj3Vnp+AUD0vbm/BWrmofsTptLeMLeKk4kPsVqSWxnRSlzv4Dfpy48Wv3s8QtW9t
zB5l7V+vkgNZ7tqm8cEf+6trgI5vg+jMqMDsV65KATurIdAYJFJuxibFoto2AZ3k
3+Dzl0O/F6e4dH/VufTBorRpHwIggdA9cHMBy+SFZnhiQdVqF0wSSXgThwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIKD32GJpcRmMBN9eBO32By+PGiMB8GA1UdIwQY
MBaAFKP+tBDgfQiPtlG5E3SbgSV+O5lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMt
MjM0YjMyMmEwY2ZlLzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMtMjM0YjMyMmEwY2Zl
LzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn/Q0wqUz
m12oR2dtEWOa2AZmpWcl2eFuuVsmb90f/bshCEoedQedC+qjhAnoy2UyHICIBJUa
cStz3ZPW/OhoEpH5fWm155xtBSgTjbhWD5ipZTVobqSuDG9jCfeln0nykc9z/33d
Jf2n7n/82VBeZDEBWDiuQl8TAowjWWO+HebuBHEMUV/ak9XOtyANBwzBOR2zP586
EUfchUmiSm56lAq7zhzA+tmzrolbgbHPM+KKP3K0X2QhZUXozFzwRIZ42Mjez+hj
FrXGnsqjCdS7BSH3IzTRVhstPnAzlvOgCszxIW+JZlfL7/iAqmVdJycAI/1cPHRf
XPvcwMuzZCpvGQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:34:12 2025 by rpki-client