Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
File: ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft (raw, json)
Hash identifier: iZ47yLU/W5tMiWbzvBmmJGvp63lN4+fFEbqwOJhvEfM=
Subject key identifier: 9B:40:67:9F:F0:FF:5C:64:9F:23:A8:05:7C:65:13:CC:73:AC:08:1E
Authority key identifier: A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28
Certificate issuer: /CN=a20cc67154b403145d139469886127ab629eb928
Certificate serial: 019A4E4F972639CD53642D4EF4318EA63174
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
Manifest number: 1180
Signing time: Tue 04 Nov 2025 10:00:29 +0000
Manifest this update: Tue 04 Nov 2025 10:00:29 +0000
Manifest next update: Wed 05 Nov 2025 10:00:29 +0000
Files and hashes: 1: 0riwbK-R5SQDQbiXbxNMvOKwj1Q.roa (hash: d2SRgakZUBxW5TlLkPzlI9efZpJljVH6FfcMkO1myyQ=)
2: 13rU8nhg31f282Ufq4fY9epK_mk.roa (hash: 71Un032C55jpwedQZGjeiCXgaYcH9RkzCt+gCgI2Wak=)
3: ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl (hash: FccS+C+GwKIglsrwyxpkbaljY72alp57lIv5+zwJIpk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:97:26:39:cd:53:64:2d:4e:f4:31:8e:a6:31:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a20cc67154b403145d139469886127ab629eb928
Validity
Not Before: Nov 4 10:00:29 2025 GMT
Not After : Nov 5 10:00:29 2025 GMT
Subject: CN=9b40679ff0ff5c649f23a8057c6513cc73ac081e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:75:73:08:94:8c:52:b5:fd:1f:09:4a:19:
5f:12:59:60:ee:9c:a8:73:11:24:70:11:11:b7:e2:
3d:71:0a:b7:18:71:2c:40:ac:aa:75:9a:d6:f5:c0:
8c:0d:1d:49:89:2e:b6:8a:61:27:38:01:39:2a:bc:
65:50:ad:0b:dd:6c:37:92:6e:90:af:99:40:34:ba:
4c:48:51:fc:bf:c7:c9:51:cf:9c:c6:1b:b3:9f:44:
23:f6:43:d6:af:91:a6:9e:45:40:7d:b3:d3:08:cd:
76:df:9b:15:7e:85:15:99:5a:00:19:cd:87:fb:0d:
42:49:59:88:bb:1f:74:7f:a0:6f:21:b0:80:b9:89:
fa:2a:d7:9f:4e:01:93:e7:7e:07:be:c8:d6:06:68:
7a:92:87:90:10:67:fb:69:6c:34:75:17:0e:92:65:
a6:a0:86:cc:a3:a4:4b:6e:b9:a8:ef:cc:7f:59:eb:
98:d2:eb:0d:a1:5d:8e:16:77:7f:ea:c9:6a:2c:37:
87:e2:aa:8a:e7:e9:cb:7a:e1:d0:1c:75:e5:5c:2d:
66:af:69:52:d0:16:be:69:2c:56:8d:fb:47:e1:b6:
45:9a:c1:82:be:1b:1a:9e:b5:6f:2c:65:cd:69:fd:
ff:f1:9c:1c:6b:50:51:d6:af:e6:c0:36:66:da:4c:
b7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:40:67:9F:F0:FF:5C:64:9F:23:A8:05:7C:65:13:CC:73:AC:08:1E
X509v3 Authority Key Identifier:
keyid:A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:d3:81:ad:77:b9:e6:62:5f:c9:9b:c5:23:d6:74:4a:58:64:
37:86:91:e5:87:59:b8:52:48:a1:ae:c1:37:f2:ef:b0:19:84:
5f:bd:1c:6c:a5:89:56:6f:e5:a8:7d:67:59:e2:30:07:ff:34:
eb:ce:75:b4:6a:8a:d2:94:c3:eb:89:8c:05:bf:40:cb:30:4a:
d6:90:01:c9:18:29:b8:32:58:dd:1a:4c:b2:fd:de:b8:41:a9:
74:57:3f:1d:92:c6:5e:84:d7:2e:03:e8:37:72:d1:14:b7:0b:
39:70:1a:b5:29:ed:02:81:5c:9a:7e:90:dd:1a:d0:e0:23:34:
03:f8:36:6b:eb:85:64:4c:6b:2d:54:4a:2b:1d:8c:49:ec:2f:
3b:1a:70:38:b9:e9:d1:56:b7:d0:d4:fd:0d:01:71:fb:55:eb:
ad:ad:68:85:46:30:ae:a5:21:62:bb:54:39:0e:15:9b:14:d8:
04:c7:16:08:85:30:6e:a7:92:b5:d7:2e:b9:af:20:b0:9f:45:
8e:0f:db:63:08:04:83:4f:a6:25:51:eb:23:15:49:24:ae:4d:
3e:77:31:d3:70:64:69:96:29:97:e3:38:31:50:3f:cb:22:29:
10:a7:69:f0:a5:ed:bb:04:42:eb:04:04:51:b2:d6:3e:38:5e:
6c:1a:b3:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT5cmOc1TZC1O9DGOpjF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMGNjNjcxNTRiNDAzMTQ1ZDEzOTQ2OTg4NjEyN2FiNjI5
ZWI5MjgwHhcNMjUxMTA0MTAwMDI5WhcNMjUxMTA1MTAwMDI5WjAzMTEwLwYDVQQD
Eyg5YjQwNjc5ZmYwZmY1YzY0OWYyM2E4MDU3YzY1MTNjYzczYWMwODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhB1cwiUjFK1/R8JShlfEllg7pyo
cxEkcBERt+I9cQq3GHEsQKyqdZrW9cCMDR1JiS62imEnOAE5KrxlUK0L3Ww3km6Q
r5lANLpMSFH8v8fJUc+cxhuzn0Qj9kPWr5GmnkVAfbPTCM1235sVfoUVmVoAGc2H
+w1CSVmIux90f6BvIbCAuYn6KtefTgGT534HvsjWBmh6koeQEGf7aWw0dRcOkmWm
oIbMo6RLbrmo78x/WeuY0usNoV2OFnd/6slqLDeH4qqK5+nLeuHQHHXlXC1mr2lS
0Ba+aSxWjftH4bZFmsGCvhsanrVvLGXNaf3/8Zwca1BR1q/mwDZm2ky36QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtAZ5/w/1xknyOoBXxlE8xzrAgeMB8GA1UdIwQY
MBaAFKIMxnFUtAMUXROUaYhhJ6tinrkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQt
OGZjMzM3MzdjZWFiLzEvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQtOGZjMzM3MzdjZWFi
LzEvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOtOBrXe5
5mJfyZvFI9Z0SlhkN4aR5YdZuFJIoa7BN/LvsBmEX70cbKWJVm/lqH1nWeIwB/80
6851tGqK0pTD64mMBb9AyzBK1pAByRgpuDJY3RpMsv3euEGpdFc/HZLGXoTXLgPo
N3LRFLcLOXAatSntAoFcmn6Q3RrQ4CM0A/g2a+uFZExrLVRKKx2MSewvOxpwOLnp
0Va30NT9DQFx+1Xrra1ohUYwrqUhYrtUOQ4VmxTYBMcWCIUwbqeStdcuua8gsJ9F
jg/bYwgEg0+mJVHrIxVJJK5NPncx03BkaZYpl+M4MVA/yyIpEKdp8KXtuwRC6wQE
UbLWPjhebBqzvw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:20:07 2025 by rpki-client