Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
File: o8lj0aEdANOEre35u4blOEmpsYw.mft (raw, json)
Hash identifier: T03FH0lN8FP/l7e/U/xSQBMzD0cjbfEhSILoA8BQqnk=
Subject key identifier: 4F:B0:7F:9E:E6:B3:A8:B9:6B:0C:5C:38:F8:50:9E:EA:AF:E6:D3:99
Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
Certificate issuer: /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Certificate serial: 019A251CA559CEA4228FB4005AFA6CF4AB4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
Manifest number: 16FA
Signing time: Mon 27 Oct 2025 10:00:25 +0000
Manifest this update: Mon 27 Oct 2025 10:00:25 +0000
Manifest next update: Tue 28 Oct 2025 10:00:25 +0000
Files and hashes: 1: 1-9Z39awtCUNqeCcuYwIOQubEoEY.roa (hash: AJvelHrJ42adBWeCqNbgdbqaGB/A4YMI32J/x3+LlBI=)
2: o8lj0aEdANOEre35u4blOEmpsYw.crl (hash: CSqxBGLeyqM7RP/CeA3Oy3mCZsREMhszMBmgcR36ZKU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 08:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:1c:a5:59:ce:a4:22:8f:b4:00:5a:fa:6c:f4:ab:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Validity
Not Before: Oct 27 10:00:25 2025 GMT
Not After : Oct 28 10:00:25 2025 GMT
Subject: CN=4fb07f9ee6b3a8b96b0c5c38f8509eeaafe6d399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b9:56:eb:a1:c5:1f:40:4f:f6:e1:c2:05:82:
1f:00:82:6b:c5:75:b2:4e:3e:6a:f6:5b:fc:27:41:
a8:7e:56:04:ea:94:5c:1b:f8:60:6d:37:d8:5e:21:
d0:94:88:18:fe:86:e3:b8:f3:af:c3:52:a7:d3:41:
d0:50:14:82:b0:af:93:9e:b3:c6:0d:b3:f3:7f:14:
bb:68:26:57:ff:10:b6:e8:d2:ad:d8:f2:52:97:41:
b1:4d:f6:77:4a:8b:76:5c:01:06:0e:a8:37:93:23:
2d:63:1e:77:e5:d8:fb:82:87:36:f2:0a:c6:1d:32:
2b:d6:65:b6:14:76:35:cb:31:21:2f:7a:fe:6b:fd:
0f:77:7f:99:09:fd:2c:47:e1:07:a9:e2:2b:74:f1:
45:ea:74:83:b8:10:a8:db:9d:87:79:5e:21:0a:0d:
e0:83:3f:ff:f8:7c:8d:95:62:e4:ba:81:d4:20:29:
40:43:02:3f:c8:62:9c:cc:42:67:8d:ec:33:61:6e:
41:94:d2:8c:fb:dc:ee:5d:36:b4:f6:d8:1b:b9:a6:
84:3b:f4:2b:c0:e7:2b:a1:0b:48:46:04:c1:81:d6:
07:b8:26:62:6c:dc:bd:27:6b:85:77:31:21:26:bb:
72:0c:ae:22:db:00:31:79:cd:e1:b8:76:30:7f:cd:
a9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B0:7F:9E:E6:B3:A8:B9:6B:0C:5C:38:F8:50:9E:EA:AF:E6:D3:99
X509v3 Authority Key Identifier:
keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:c4:46:4b:ac:58:ac:73:16:3a:8f:75:c1:7c:90:c6:a8:04:
20:0c:1f:42:e1:ea:e9:b0:43:ee:6c:60:aa:6a:aa:4a:bc:83:
76:b3:a1:68:2d:db:eb:08:4e:99:1d:5e:16:4d:9a:af:88:40:
0d:98:d2:bd:8c:3a:6d:9d:e0:2b:cc:1a:99:d3:29:de:f1:ab:
48:b7:24:a6:6f:cd:90:fe:60:6c:29:cb:4f:c1:d2:f7:0b:f8:
fc:77:98:a1:a8:56:5c:ab:cd:8b:69:a1:3a:fb:27:f0:6f:58:
e1:1e:b9:aa:d0:6b:0b:be:64:2a:b1:65:ea:93:25:63:c9:7b:
15:8e:ba:46:ec:85:6d:c6:7d:cf:fc:cd:7a:f7:69:7e:00:0d:
07:ae:a6:19:4a:68:cd:a2:5d:43:0f:69:47:cd:c6:a1:2e:38:
be:6c:84:60:33:25:de:d2:7f:61:8b:db:30:71:2a:30:be:2f:
1f:a3:68:b8:1a:8c:bb:90:1a:00:98:ab:17:d6:fa:93:0c:9f:
ed:f8:50:ac:43:92:67:ae:58:f0:94:d3:8a:94:df:c5:7e:3f:
9e:ab:9e:3b:a3:7d:2c:70:cd:50:55:a1:96:f0:46:2f:d4:16:
a7:50:d5:d6:72:c9:bb:ab:2c:0f:ed:8b:ce:86:1b:1e:b2:7f:
d5:66:06:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZolHKVZzqQij7QAWvps9KtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzk2M2QxYTExZDAwZDM4NGFkZWRmOWJiODZlNTM4NDlh
OWIxOGMwHhcNMjUxMDI3MTAwMDI1WhcNMjUxMDI4MTAwMDI1WjAzMTEwLwYDVQQD
Eyg0ZmIwN2Y5ZWU2YjNhOGI5NmIwYzVjMzhmODUwOWVlYWFmZTZkMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtblW66HFH0BP9uHCBYIfAIJrxXWy
Tj5q9lv8J0GoflYE6pRcG/hgbTfYXiHQlIgY/objuPOvw1Kn00HQUBSCsK+TnrPG
DbPzfxS7aCZX/xC26NKt2PJSl0GxTfZ3Sot2XAEGDqg3kyMtYx535dj7goc28grG
HTIr1mW2FHY1yzEhL3r+a/0Pd3+ZCf0sR+EHqeIrdPFF6nSDuBCo252HeV4hCg3g
gz//+HyNlWLkuoHUIClAQwI/yGKczEJnjewzYW5BlNKM+9zuXTa09tgbuaaEO/Qr
wOcroQtIRgTBgdYHuCZibNy9J2uFdzEhJrtyDK4i2wAxec3huHYwf82pBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+wf57ms6i5awxcOPhQnuqv5tOZMB8GA1UdIwQY
MBaAFKPJY9GhHQDThK3t+buG5ThJqbGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2Qt
MTA0MmVhOGUzYmZiLzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2QtMTA0MmVhOGUzYmZi
LzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAksRGS6xY
rHMWOo91wXyQxqgEIAwfQuHq6bBD7mxgqmqqSryDdrOhaC3b6whOmR1eFk2ar4hA
DZjSvYw6bZ3gK8wamdMp3vGrSLckpm/NkP5gbCnLT8HS9wv4/HeYoahWXKvNi2mh
Ovsn8G9Y4R65qtBrC75kKrFl6pMlY8l7FY66RuyFbcZ9z/zNevdpfgANB66mGUpo
zaJdQw9pR83GoS44vmyEYDMl3tJ/YYvbMHEqML4vH6NouBqMu5AaAJirF9b6kwyf
7fhQrEOSZ65Y8JTTipTfxX4/nqueO6N9LHDNUFWhlvBGL9QWp1DV1nLJu6ssD+2L
zoYbHrJ/1WYGUw==
-----END CERTIFICATE-----
Generated at Mon Oct 27 12:10:55 2025 by rpki-client