Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
File: oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft (raw, json)
Hash identifier: 1OdAya8qViHJWFyEslkV6uzD6VyMbR8zGWTnd0u3zCM=
Subject key identifier: 4A:4E:C2:89:46:75:9A:1B:C2:47:0F:2F:F6:5E:AC:FE:52:85:6D:0B
Authority key identifier: A0:9F:DA:04:7B:3A:0B:1C:82:04:35:E6:99:38:86:60:DA:32:C6:3F
Certificate issuer: /CN=a09fda047b3a0b1c820435e699388660da32c63f
Certificate serial: 019A71EECFECA1314FA26B8F9467C3F7E877
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
Manifest number: 067A
Signing time: Tue 11 Nov 2025 08:01:07 +0000
Manifest this update: Tue 11 Nov 2025 08:01:07 +0000
Manifest next update: Wed 12 Nov 2025 08:01:07 +0000
Files and hashes: 1: FfIlEvStYRtAHT_4tgisj2sboIA.roa (hash: u8VtTRQomqZri4fvKgtiux4C4c/ZHFagnd78Z59URa8=)
2: oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl (hash: ufuF5USa/vWddpVqQTm0DnEYZ0PBEvRFoy1lQQmFuyY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:cf:ec:a1:31:4f:a2:6b:8f:94:67:c3:f7:e8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a09fda047b3a0b1c820435e699388660da32c63f
Validity
Not Before: Nov 11 08:01:07 2025 GMT
Not After : Nov 12 08:01:07 2025 GMT
Subject: CN=4a4ec28946759a1bc2470f2ff65eacfe52856d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:bd:11:b2:72:e4:fd:21:76:bd:d8:7e:ce:fa:
05:eb:07:9a:fa:84:01:39:0b:3c:ba:cb:11:0b:0b:
a5:96:6d:dc:ad:2f:a2:84:ca:3a:c7:51:f4:5f:39:
91:ff:26:ae:56:1d:b3:27:89:34:3e:bc:9c:81:03:
51:1e:5a:2e:a4:0e:3f:5f:1f:67:f4:da:02:66:47:
ce:1b:3d:6b:3b:13:4f:52:91:ee:ff:26:90:fd:73:
27:a7:ce:80:f2:73:63:e8:b7:db:5f:2b:6c:3b:8b:
5c:42:f7:5e:af:75:bf:e9:43:3c:7c:79:9c:f8:ec:
ff:11:31:d5:f9:c6:63:f5:8d:55:4c:ea:d2:dc:e0:
3e:ec:3d:46:c0:36:a9:38:44:2f:92:21:dc:2c:18:
cc:13:fe:4a:ba:0b:b0:07:49:67:fd:c9:cf:27:14:
1d:0c:96:30:ab:ca:ed:ca:89:78:49:43:b7:ea:8d:
9d:31:31:8a:59:06:c0:91:a8:9a:24:2a:1b:56:74:
4b:8a:0d:dd:9a:92:78:21:7a:5a:b4:6d:e8:94:cd:
59:13:3c:2d:36:6c:71:5f:2b:ae:f2:dd:ed:17:25:
71:55:8f:5a:21:8a:77:fc:76:0f:66:1f:bf:b0:15:
b1:d7:09:0c:3c:ee:6a:32:a1:33:3f:4c:02:39:41:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4E:C2:89:46:75:9A:1B:C2:47:0F:2F:F6:5E:AC:FE:52:85:6D:0B
X509v3 Authority Key Identifier:
keyid:A0:9F:DA:04:7B:3A:0B:1C:82:04:35:E6:99:38:86:60:DA:32:C6:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:83:f7:94:d6:14:ec:86:37:d9:9e:ce:c8:df:1b:a4:4d:33:
ae:40:60:97:b3:cc:9d:2b:7c:23:4c:8a:17:22:7d:71:c2:90:
af:17:bd:f0:3a:96:e2:d0:79:2c:ea:83:9b:ef:d6:b4:97:98:
40:c2:b8:87:45:8c:ab:16:c7:ee:8b:62:64:28:67:75:ab:14:
4f:ec:2d:4c:08:3f:3b:70:26:7b:fb:e2:00:56:52:f6:c4:05:
42:ea:c1:68:9a:a7:e5:4c:5d:50:9a:0f:d8:5e:c0:ef:51:b0:
f0:e8:a4:23:0e:aa:f4:0d:f5:60:00:b5:64:56:86:db:b0:c8:
5e:f0:5d:fe:4c:0b:b6:db:c7:1b:e5:63:a2:1d:28:90:ae:76:
40:fb:94:a4:ee:46:11:fa:72:98:ce:dd:a0:96:d9:38:1e:68:
c3:0f:76:90:1f:20:63:90:10:3a:d0:d0:79:4a:76:82:03:0d:
00:f8:e8:1f:38:ec:84:c7:a8:10:03:97:c0:89:9c:c4:76:74:
0a:68:a6:42:05:70:a3:cf:ba:53:69:b6:bf:32:c7:3d:17:05:
24:5b:ff:c5:f2:54:62:8f:fb:4a:4e:e4:d4:a8:67:1e:66:d1:
1d:96:0c:ff:80:7a:28:f6:e3:03:25:c7:a1:4c:4c:f9:58:d3:
d0:af:71:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7s/soTFPomuPlGfD9+h3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWZkYTA0N2IzYTBiMWM4MjA0MzVlNjk5Mzg4NjYwZGEz
MmM2M2YwHhcNMjUxMTExMDgwMTA3WhcNMjUxMTEyMDgwMTA3WjAzMTEwLwYDVQQD
Eyg0YTRlYzI4OTQ2NzU5YTFiYzI0NzBmMmZmNjVlYWNmZTUyODU2ZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA570RsnLk/SF2vdh+zvoF6wea+oQB
OQs8ussRCwullm3crS+ihMo6x1H0XzmR/yauVh2zJ4k0PrycgQNRHloupA4/Xx9n
9NoCZkfOGz1rOxNPUpHu/yaQ/XMnp86A8nNj6LfbXytsO4tcQvder3W/6UM8fHmc
+Oz/ETHV+cZj9Y1VTOrS3OA+7D1GwDapOEQvkiHcLBjME/5KuguwB0ln/cnPJxQd
DJYwq8rtyol4SUO36o2dMTGKWQbAkaiaJCobVnRLig3dmpJ4IXpatG3olM1ZEzwt
NmxxXyuu8t3tFyVxVY9aIYp3/HYPZh+/sBWx1wkMPO5qMqEzP0wCOUFR+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEpOwolGdZobwkcPL/ZerP5ShW0LMB8GA1UdIwQY
MBaAFKCf2gR7OgscggQ15pk4hmDaMsY/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84YjRkMzItMDM2NS00ZGFhLTlkNWIt
Mjk5MjBlNTE2N2Q5LzEvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84YjRkMzItMDM2NS00ZGFhLTlkNWItMjk5MjBlNTE2N2Q5
LzEvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC4P3lNYU
7IY32Z7OyN8bpE0zrkBgl7PMnSt8I0yKFyJ9ccKQrxe98DqW4tB5LOqDm+/WtJeY
QMK4h0WMqxbH7otiZChndasUT+wtTAg/O3Ame/viAFZS9sQFQurBaJqn5UxdUJoP
2F7A71Gw8OikIw6q9A31YAC1ZFaG27DIXvBd/kwLttvHG+Vjoh0okK52QPuUpO5G
EfpymM7doJbZOB5oww92kB8gY5AQOtDQeUp2ggMNAPjoHzjshMeoEAOXwImcxHZ0
CmimQgVwo8+6U2m2vzLHPRcFJFv/xfJUYo/7Sk7k1KhnHmbRHZYM/4B6KPbjAyXH
oUxM+VjT0K9xRw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:00:24 2025 by rpki-client