
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
File: o8lj0aEdANOEre35u4blOEmpsYw.mft (raw, json)
Hash identifier: c4N/OpMvmVvvDg/p7Qqur0hEoJDC/M63TXTtuisV72I=
Subject key identifier: 3A:3B:E3:F6:D4:90:20:B4:06:BF:68:0B:18:FE:9D:BB:BF:86:9E:E6
Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
Certificate issuer: /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Certificate serial: 0197643AB13099781B41E0515B44642BEA72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
Manifest number: 158D
Signing time: Thu 12 Jun 2025 13:00:57 +0000
Manifest this update: Thu 12 Jun 2025 13:00:57 +0000
Manifest next update: Fri 13 Jun 2025 13:00:57 +0000
Files and hashes: 1: 1-9Z39awtCUNqeCcuYwIOQubEoEY.roa (hash: AJvelHrJ42adBWeCqNbgdbqaGB/A4YMI32J/x3+LlBI=)
2: o8lj0aEdANOEre35u4blOEmpsYw.crl (hash: x4oq0q3QwF/ZI1KJc2mDMrQtBQ4LJ2l5Fft4JOLUX4Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 13:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:64:3a:b1:30:99:78:1b:41:e0:51:5b:44:64:2b:ea:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Validity
Not Before: Jun 12 13:00:57 2025 GMT
Not After : Jun 13 13:00:57 2025 GMT
Subject: CN=3a3be3f6d49020b406bf680b18fe9dbbbf869ee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c1:52:2e:6c:29:83:51:c2:90:b6:01:d6:25:
21:bc:ba:99:09:26:dc:8e:c2:8a:09:4f:b0:bb:e6:
e3:29:04:3c:d4:65:51:03:c7:cf:4b:13:32:46:d0:
38:8b:83:b6:14:94:7d:71:75:b8:d9:93:84:92:82:
84:46:f8:2f:87:10:a1:4c:ec:73:8e:a2:9a:61:67:
e8:fd:67:dc:a2:eb:51:f2:e8:46:6c:15:b4:02:10:
76:20:c0:f7:5c:3d:01:bb:3a:c4:27:10:67:bb:ae:
f8:e8:d3:da:36:20:86:ae:b7:6b:b3:5e:ec:e7:1f:
29:d7:b4:cf:83:14:21:1f:4a:35:6c:82:71:65:8e:
fb:de:85:b3:86:e0:4e:66:53:18:d6:9c:65:19:4d:
17:fc:50:a5:95:75:a8:50:67:d6:8b:4c:c9:ac:79:
03:3b:26:33:9b:3c:2c:84:29:95:6c:31:68:66:39:
3d:40:c5:2d:85:ab:02:a3:2a:79:3e:c3:c4:7c:06:
95:84:63:31:9b:98:82:a2:e0:63:9f:be:18:d8:a4:
62:4e:7d:12:0b:f2:68:5f:23:4e:95:e6:3b:fe:15:
1b:20:8d:0c:b1:d8:df:fd:45:f8:5d:8f:45:90:a6:
71:e1:5e:2c:6a:f3:21:3e:6e:1d:d5:b5:6a:0b:12:
0f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3B:E3:F6:D4:90:20:B4:06:BF:68:0B:18:FE:9D:BB:BF:86:9E:E6
X509v3 Authority Key Identifier:
keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:cf:26:50:02:02:9c:20:af:e8:92:f7:d2:b2:02:d5:ed:2f:
6a:af:44:a3:ae:fa:2d:cd:ed:b2:62:f8:0d:be:07:7a:c1:01:
89:23:46:d7:5e:b9:a1:69:39:85:17:33:67:e8:c5:21:7f:d8:
1b:50:3b:b3:0f:fd:09:e7:30:98:42:26:d1:66:cf:90:e7:8b:
08:60:cb:b2:a4:24:8c:87:86:b9:df:b9:f0:8e:90:f7:d1:8f:
d3:7f:cf:b1:10:df:e8:d0:05:de:27:f3:7f:93:d7:a8:3c:a6:
ac:f3:61:39:d5:8e:19:ad:27:6a:43:fe:3e:9c:09:f7:e4:2b:
29:b9:a8:08:14:02:d2:98:39:3d:cd:e9:10:4c:03:e9:13:23:
19:8e:b0:ea:5f:8d:0d:35:95:ab:c3:eb:14:ee:5d:3a:ee:eb:
c8:59:1e:30:16:b3:44:b6:54:57:9c:fd:21:22:32:ac:e4:01:
dd:b6:f3:31:02:ff:2d:8b:c0:8a:00:c6:62:f1:85:6c:29:66:
d8:70:a0:6f:a9:c9:4c:10:6d:41:12:d5:96:33:a6:18:a2:e7:
83:63:62:e6:bd:f0:99:84:d7:7c:00:3e:2d:05:9d:4a:4e:b0:
3b:d7:3d:dd:1b:f8:45:f7:a9:66:4a:23:86:b7:b0:29:b1:79:
79:0c:01:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkOrEwmXgbQeBRW0RkK+pyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzk2M2QxYTExZDAwZDM4NGFkZWRmOWJiODZlNTM4NDlh
OWIxOGMwHhcNMjUwNjEyMTMwMDU3WhcNMjUwNjEzMTMwMDU3WjAzMTEwLwYDVQQD
EygzYTNiZTNmNmQ0OTAyMGI0MDZiZjY4MGIxOGZlOWRiYmJmODY5ZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcFSLmwpg1HCkLYB1iUhvLqZCSbc
jsKKCU+wu+bjKQQ81GVRA8fPSxMyRtA4i4O2FJR9cXW42ZOEkoKERvgvhxChTOxz
jqKaYWfo/WfcoutR8uhGbBW0AhB2IMD3XD0BuzrEJxBnu6746NPaNiCGrrdrs17s
5x8p17TPgxQhH0o1bIJxZY773oWzhuBOZlMY1pxlGU0X/FCllXWoUGfWi0zJrHkD
OyYzmzwshCmVbDFoZjk9QMUthasCoyp5PsPEfAaVhGMxm5iCouBjn74Y2KRiTn0S
C/JoXyNOleY7/hUbII0Msdjf/UX4XY9FkKZx4V4savMhPm4d1bVqCxIPtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDo74/bUkCC0Br9oCxj+nbu/hp7mMB8GA1UdIwQY
MBaAFKPJY9GhHQDThK3t+buG5ThJqbGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2Qt
MTA0MmVhOGUzYmZiLzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2QtMTA0MmVhOGUzYmZi
LzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQc8mUAIC
nCCv6JL30rIC1e0vaq9Eo676Lc3tsmL4Db4HesEBiSNG1165oWk5hRczZ+jFIX/Y
G1A7sw/9CecwmEIm0WbPkOeLCGDLsqQkjIeGud+58I6Q99GP03/PsRDf6NAF3ifz
f5PXqDymrPNhOdWOGa0nakP+PpwJ9+QrKbmoCBQC0pg5Pc3pEEwD6RMjGY6w6l+N
DTWVq8PrFO5dOu7ryFkeMBazRLZUV5z9ISIyrOQB3bbzMQL/LYvAigDGYvGFbClm
2HCgb6nJTBBtQRLVljOmGKLng2Ni5r3wmYTXfAA+LQWdSk6wO9c93Rv4RfepZkoj
hrewKbF5eQwBjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 22:01:32 2025 by rpki-client