
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
File: o8lj0aEdANOEre35u4blOEmpsYw.mft (raw, json)
Hash identifier: 23zt0GWClsEMEEVkKoga6c927Yli/onnrpdJ51Rl1E4=
Subject key identifier: 1B:78:24:74:7B:E4:05:BE:6B:A2:17:E2:BD:11:EA:10:81:D4:B6:95
Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
Certificate issuer: /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Certificate serial: 019752D8D77680503905A9BF25A657DFBCC8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
Manifest number: 1584
Signing time: Mon 09 Jun 2025 04:00:31 +0000
Manifest this update: Mon 09 Jun 2025 04:00:31 +0000
Manifest next update: Tue 10 Jun 2025 04:00:31 +0000
Files and hashes: 1: 1-9Z39awtCUNqeCcuYwIOQubEoEY.roa (hash: AJvelHrJ42adBWeCqNbgdbqaGB/A4YMI32J/x3+LlBI=)
2: o8lj0aEdANOEre35u4blOEmpsYw.crl (hash: wr/4wWGrx12MnUKn+xWQ4xZBFuuRl7wXSQdp6TVCeZo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 04:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:52:d8:d7:76:80:50:39:05:a9:bf:25:a6:57:df:bc:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Validity
Not Before: Jun 9 04:00:31 2025 GMT
Not After : Jun 10 04:00:31 2025 GMT
Subject: CN=1b7824747be405be6ba217e2bd11ea1081d4b695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c8:b6:14:18:70:e3:7e:a2:67:76:cf:6f:6b:
42:a7:35:3c:12:d2:d3:f7:2a:aa:9a:c0:e2:07:f1:
ad:30:b4:1f:1e:ee:7c:f2:5a:25:08:df:32:cf:26:
55:18:0e:e4:d4:e2:bc:2a:23:85:a2:f8:c3:32:79:
4e:a1:a5:37:47:31:4e:27:01:82:eb:74:77:f9:3a:
a1:45:6f:c9:f3:8d:04:a8:d6:68:00:a3:92:4d:56:
b9:bf:ff:80:94:66:91:61:64:10:23:a4:2e:a2:7a:
1a:8b:b1:80:d8:1c:a3:58:1a:6a:3c:0d:37:9b:54:
db:83:6a:c9:7f:3d:7c:5c:7d:0e:67:c8:bb:25:de:
12:73:2f:90:81:76:94:c2:90:e7:4a:8c:77:22:2a:
cf:91:35:c1:3e:07:58:d0:2e:75:59:da:37:07:1f:
d0:80:f9:0c:4e:8a:27:b4:a7:31:76:e6:13:90:3d:
b5:35:a5:61:0d:b6:a6:7c:78:8a:75:1d:98:2d:f2:
96:68:c6:e5:77:18:fd:0b:93:92:45:6f:37:6d:d9:
3c:c7:1d:81:3e:b5:f8:a6:3b:37:53:e9:d8:bf:e8:
1c:b2:51:25:69:7c:fc:74:9b:04:a7:2c:f4:cf:66:
1e:aa:ac:72:16:1c:3d:23:0e:c9:05:52:7c:30:b4:
72:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:78:24:74:7B:E4:05:BE:6B:A2:17:E2:BD:11:EA:10:81:D4:B6:95
X509v3 Authority Key Identifier:
keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:b9:04:f3:d5:11:0c:66:4a:13:49:29:b1:6e:29:5e:57:27:
e0:af:d4:a5:d1:e4:4e:1c:82:8e:5b:ce:e3:39:6b:15:b7:1c:
8f:a4:f3:f8:7e:c2:95:62:07:dc:6d:c3:53:ff:37:aa:2e:77:
f7:3e:08:78:ab:f6:ed:c2:78:01:67:e7:f9:cc:a3:00:5c:78:
1a:95:8c:bd:e0:b8:ed:3a:d1:e5:14:c8:29:02:90:8a:c3:f5:
77:2b:7f:76:0d:ef:a2:ec:02:0b:2d:95:86:ff:d5:38:e8:bb:
83:86:ea:0a:0e:c5:20:ad:97:e5:9f:86:e1:17:e1:58:00:19:
16:df:23:a5:61:6e:ea:72:a0:4e:1e:4a:2b:ef:5e:b8:ec:4d:
69:df:9e:1f:4a:53:a4:43:39:ab:7d:76:21:7f:5a:65:55:40:
86:f7:c6:10:24:94:5a:33:41:2b:d4:dd:a5:b2:90:55:26:41:
ec:b7:b4:a4:5a:42:9d:46:ac:36:b9:01:d4:2f:4f:19:12:84:
62:c9:76:94:f3:a3:98:ba:2d:c9:eb:a4:70:02:5d:ed:b2:ee:
89:c1:b3:bd:cd:5e:60:0c:05:36:3d:5b:6f:65:ad:55:92:c8:
6a:36:b1:32:af:37:77:b5:23:43:1c:b9:f6:08:b7:f1:59:49:
69:35:df:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2Nd2gFA5Bam/JaZX37zIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzk2M2QxYTExZDAwZDM4NGFkZWRmOWJiODZlNTM4NDlh
OWIxOGMwHhcNMjUwNjA5MDQwMDMxWhcNMjUwNjEwMDQwMDMxWjAzMTEwLwYDVQQD
EygxYjc4MjQ3NDdiZTQwNWJlNmJhMjE3ZTJiZDExZWExMDgxZDRiNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsi2FBhw436iZ3bPb2tCpzU8EtLT
9yqqmsDiB/GtMLQfHu588lolCN8yzyZVGA7k1OK8KiOFovjDMnlOoaU3RzFOJwGC
63R3+TqhRW/J840EqNZoAKOSTVa5v/+AlGaRYWQQI6Quonoai7GA2ByjWBpqPA03
m1Tbg2rJfz18XH0OZ8i7Jd4Scy+QgXaUwpDnSox3IirPkTXBPgdY0C51Wdo3Bx/Q
gPkMToontKcxduYTkD21NaVhDbamfHiKdR2YLfKWaMbldxj9C5OSRW83bdk8xx2B
PrX4pjs3U+nYv+gcslElaXz8dJsEpyz0z2YeqqxyFhw9Iw7JBVJ8MLRyzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBt4JHR75AW+a6IX4r0R6hCB1LaVMB8GA1UdIwQY
MBaAFKPJY9GhHQDThK3t+buG5ThJqbGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2Qt
MTA0MmVhOGUzYmZiLzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2QtMTA0MmVhOGUzYmZi
LzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsbkE89UR
DGZKE0kpsW4pXlcn4K/UpdHkThyCjlvO4zlrFbccj6Tz+H7ClWIH3G3DU/83qi53
9z4IeKv27cJ4AWfn+cyjAFx4GpWMveC47TrR5RTIKQKQisP1dyt/dg3vouwCCy2V
hv/VOOi7g4bqCg7FIK2X5Z+G4RfhWAAZFt8jpWFu6nKgTh5KK+9euOxNad+eH0pT
pEM5q312IX9aZVVAhvfGECSUWjNBK9TdpbKQVSZB7Le0pFpCnUasNrkB1C9PGRKE
Ysl2lPOjmLotyeukcAJd7bLuicGzvc1eYAwFNj1bb2WtVZLIajaxMq83d7UjQxy5
9gi38VlJaTXfFA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:40:40 2025 by rpki-client