Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/0dcd96-0ae3-4f5c-8d21-a902b0096b99/1/8oxp2pTIXt1I2cH9jjMq477mYAQ.mft
File: 8oxp2pTIXt1I2cH9jjMq477mYAQ.mft (raw, json)
Hash identifier: 5rU+SxVYQugNPl7C6OqU0LqCEy92ef+mPBM86z+F8IA=
Subject key identifier: 4D:AE:46:4A:E0:50:01:DC:80:AB:1F:1D:A4:E1:3A:A0:03:03:AE:47
Authority key identifier: F2:8C:69:DA:94:C8:5E:DD:48:D9:C1:FD:8E:33:2A:E3:BE:E6:60:04
Certificate issuer: /CN=f28c69da94c85edd48d9c1fd8e332ae3bee66004
Certificate serial: 019A706E240CDEE8CE0602C3D117FBA23EDA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8oxp2pTIXt1I2cH9jjMq477mYAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/0dcd96-0ae3-4f5c-8d21-a902b0096b99/1/8oxp2pTIXt1I2cH9jjMq477mYAQ.mft
Manifest number: 0FE9
Signing time: Tue 11 Nov 2025 01:00:57 +0000
Manifest this update: Tue 11 Nov 2025 01:00:57 +0000
Manifest next update: Wed 12 Nov 2025 01:00:57 +0000
Files and hashes: 1: 8oxp2pTIXt1I2cH9jjMq477mYAQ.crl (hash: e+ufIX4obUk1Bc9x0nyS0mnzXT0v/svGGdFleDxtNok=)
2: m7fQ-cMMDdeyLl0RJP3A0VDHgVE.roa (hash: rB/+iXy3MWnMmudzmSTexHxDroAo7zhjaO5iq26LcWQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/0dcd96-0ae3-4f5c-8d21-a902b0096b99/1/8oxp2pTIXt1I2cH9jjMq477mYAQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/0dcd96-0ae3-4f5c-8d21-a902b0096b99/1/8oxp2pTIXt1I2cH9jjMq477mYAQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8oxp2pTIXt1I2cH9jjMq477mYAQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:24:0c:de:e8:ce:06:02:c3:d1:17:fb:a2:3e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f28c69da94c85edd48d9c1fd8e332ae3bee66004
Validity
Not Before: Nov 11 01:00:57 2025 GMT
Not After : Nov 12 01:00:57 2025 GMT
Subject: CN=4dae464ae05001dc80ab1f1da4e13aa00303ae47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:65:15:73:8b:45:0d:25:1d:f6:2e:d9:3d:82:
87:37:56:91:34:2b:5a:e0:27:8a:4e:48:c2:f6:ff:
f7:96:1a:58:29:72:1a:79:0f:11:6d:0b:18:3b:9e:
13:47:a2:6b:9c:c3:2a:38:38:cf:01:bf:ae:f0:3f:
92:1c:cb:03:bd:1f:79:a2:d8:a7:9f:fe:ff:4c:2f:
0e:36:bb:77:83:1b:36:d0:c0:ac:df:dd:9b:c0:9e:
82:3b:74:07:1d:91:52:f6:d1:af:dd:7e:9f:1b:ea:
90:00:21:99:80:b1:ab:a9:64:6f:25:87:92:2c:05:
66:17:aa:fa:0e:d0:4c:aa:3d:07:d0:2e:0d:e0:84:
13:1e:ef:53:47:15:c9:20:1e:7a:98:1f:67:06:cf:
da:04:8b:11:f3:73:2c:6b:12:59:95:3f:38:10:b8:
15:18:58:0b:fa:b3:86:25:8d:0e:5f:bc:8e:ce:15:
a8:6c:71:2b:01:e9:d3:80:85:da:79:37:0c:47:2c:
a0:7f:a5:b8:62:b7:18:46:33:fa:55:c0:5c:de:84:
33:c8:4b:ab:c5:f0:f7:47:3f:2f:d9:fc:f5:e0:03:
b4:2f:f3:9c:9c:16:df:87:7c:2d:1e:8b:34:2b:3a:
e3:cd:a3:05:91:30:eb:8f:43:39:83:ef:50:4e:f7:
a5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AE:46:4A:E0:50:01:DC:80:AB:1F:1D:A4:E1:3A:A0:03:03:AE:47
X509v3 Authority Key Identifier:
keyid:F2:8C:69:DA:94:C8:5E:DD:48:D9:C1:FD:8E:33:2A:E3:BE:E6:60:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8oxp2pTIXt1I2cH9jjMq477mYAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0dcd96-0ae3-4f5c-8d21-a902b0096b99/1/8oxp2pTIXt1I2cH9jjMq477mYAQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0dcd96-0ae3-4f5c-8d21-a902b0096b99/1/8oxp2pTIXt1I2cH9jjMq477mYAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:d3:05:14:a5:29:d2:b7:bc:44:1b:c8:be:d1:54:63:55:8e:
f2:ee:f5:36:90:0f:bf:d0:55:20:e4:51:03:97:90:c7:3b:59:
20:69:42:97:a1:da:f1:9f:b1:8d:68:11:4e:aa:72:2f:6d:d9:
85:3d:20:8c:99:19:80:99:9a:ba:27:10:f8:aa:21:8c:4e:08:
4b:b7:4b:c0:09:33:fd:22:fe:0b:12:36:d8:d7:79:40:39:62:
d1:ca:af:8d:42:87:58:5d:d3:85:82:15:a5:2f:53:5d:76:ac:
10:07:5b:b1:e3:57:b4:75:e7:3b:25:fb:22:5c:f1:7a:ad:35:
e6:93:9e:2f:6f:3b:aa:95:c5:dd:b6:1a:c6:ed:f7:cd:e2:fd:
ba:8d:7b:cb:0e:e3:a0:ae:04:a5:6b:b8:50:4e:a1:ee:54:cd:
28:3f:6a:f8:e3:6d:4f:20:a8:03:53:90:6d:fb:42:86:14:c8:
6a:19:65:54:0f:1e:de:a0:bc:94:7d:da:97:c9:d4:c3:17:6b:
ab:81:fe:e2:7d:74:cc:55:b2:a4:16:c4:40:9f:17:4e:84:55:
14:48:4e:83:54:a6:ed:c0:c5:7d:0d:da:53:dc:e0:22:d7:84:
13:2a:3f:0a:ca:ed:79:ca:af:2a:1c:76:70:fd:9c:ad:13:83:
f4:06:59:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbiQM3ujOBgLD0Rf7oj7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOGM2OWRhOTRjODVlZGQ0OGQ5YzFmZDhlMzMyYWUzYmVl
NjYwMDQwHhcNMjUxMTExMDEwMDU3WhcNMjUxMTEyMDEwMDU3WjAzMTEwLwYDVQQD
Eyg0ZGFlNDY0YWUwNTAwMWRjODBhYjFmMWRhNGUxM2FhMDAzMDNhZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGUVc4tFDSUd9i7ZPYKHN1aRNCta
4CeKTkjC9v/3lhpYKXIaeQ8RbQsYO54TR6JrnMMqODjPAb+u8D+SHMsDvR95otin
n/7/TC8ONrt3gxs20MCs392bwJ6CO3QHHZFS9tGv3X6fG+qQACGZgLGrqWRvJYeS
LAVmF6r6DtBMqj0H0C4N4IQTHu9TRxXJIB56mB9nBs/aBIsR83MsaxJZlT84ELgV
GFgL+rOGJY0OX7yOzhWobHErAenTgIXaeTcMRyygf6W4YrcYRjP6VcBc3oQzyEur
xfD3Rz8v2fz14AO0L/OcnBbfh3wtHos0KzrjzaMFkTDrj0M5g+9QTvelpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE2uRkrgUAHcgKsfHaThOqADA65HMB8GA1UdIwQY
MBaAFPKMadqUyF7dSNnB/Y4zKuO+5mAEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG94cDJwVElYdDFJMmNIOWpqTXE0NzdtWUFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8wZGNkOTYtMGFlMy00ZjVjLThkMjEt
YTkwMmIwMDk2Yjk5LzEvOG94cDJwVElYdDFJMmNIOWpqTXE0NzdtWUFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8wZGNkOTYtMGFlMy00ZjVjLThkMjEtYTkwMmIwMDk2Yjk5
LzEvOG94cDJwVElYdDFJMmNIOWpqTXE0NzdtWUFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABtMFFKUp
0re8RBvIvtFUY1WO8u71NpAPv9BVIORRA5eQxztZIGlCl6Ha8Z+xjWgRTqpyL23Z
hT0gjJkZgJmauicQ+KohjE4IS7dLwAkz/SL+CxI22Nd5QDli0cqvjUKHWF3ThYIV
pS9TXXasEAdbseNXtHXnOyX7Ilzxeq015pOeL287qpXF3bYaxu33zeL9uo17yw7j
oK4EpWu4UE6h7lTNKD9q+ONtTyCoA1OQbftChhTIahllVA8e3qC8lH3al8nUwxdr
q4H+4n10zFWypBbEQJ8XToRVFEhOg1Sm7cDFfQ3aU9zgIteEEyo/CsrtecqvKhx2
cP2crROD9AZZvw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:12 2025 by rpki-client