Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
File: o8lj0aEdANOEre35u4blOEmpsYw.mft (raw, json)
Hash identifier: gXo/XQHuQL+Ps+gEsUj6AQ5xrVJ3YPqyQ71M80748Ds=
Subject key identifier: 29:96:29:37:7B:33:D4:E3:2E:6D:AD:C1:A6:CC:BD:CC:B2:93:D7:93
Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
Certificate issuer: /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Certificate serial: 019933B75FC28CDC527AB8C5EAA8912AFE70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
Manifest number: 167D
Signing time: Wed 10 Sep 2025 13:01:19 +0000
Manifest this update: Wed 10 Sep 2025 13:01:19 +0000
Manifest next update: Thu 11 Sep 2025 13:01:19 +0000
Files and hashes: 1: 1-9Z39awtCUNqeCcuYwIOQubEoEY.roa (hash: AJvelHrJ42adBWeCqNbgdbqaGB/A4YMI32J/x3+LlBI=)
2: o8lj0aEdANOEre35u4blOEmpsYw.crl (hash: 6CIGi8VF1i9PnxXC40DKYEIPJ7x0bjgaLlBHVlYD6uI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 13:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:33:b7:5f:c2:8c:dc:52:7a:b8:c5:ea:a8:91:2a:fe:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Validity
Not Before: Sep 10 13:01:19 2025 GMT
Not After : Sep 11 13:01:19 2025 GMT
Subject: CN=299629377b33d4e32e6dadc1a6ccbdccb293d793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6c:a2:8f:2f:0c:54:02:76:7b:be:ba:9b:88:
00:61:f3:50:bd:a6:92:1c:6b:98:6b:54:ba:96:49:
bf:ae:42:f8:db:26:ea:12:1e:96:e3:18:ea:d2:fe:
3f:1a:e1:3a:81:b3:63:e1:8b:5b:93:44:95:79:a3:
5b:4f:66:8e:d8:3b:4e:4b:2a:d3:82:1c:0d:0e:32:
fa:2c:f9:80:57:79:06:bf:32:50:52:27:0d:b8:f3:
5e:5c:46:72:bc:a4:ae:22:27:96:21:9b:74:70:10:
b4:a2:d3:ff:e8:f7:67:9b:c8:60:fa:b9:a0:2f:9c:
66:19:4a:0a:35:1a:b4:96:1e:67:b2:1f:a0:56:9b:
b8:01:cc:44:9b:d0:b0:6a:59:a1:3b:35:f0:40:e4:
78:a8:e4:8c:97:50:8e:aa:38:d9:2a:ae:5d:fe:a9:
16:23:26:22:18:14:d8:7c:73:b6:0d:45:11:b7:e5:
8d:85:26:5c:96:9b:2a:10:9a:b3:8b:ee:b8:a3:dd:
38:36:d4:13:62:4b:41:64:9e:85:44:33:8a:52:01:
a1:b4:91:64:f1:86:2b:07:e6:91:f1:56:be:e1:8e:
29:6c:33:1b:6f:84:36:dd:fa:51:3a:fe:df:46:72:
b7:7e:22:55:96:1e:57:21:73:e9:47:31:5b:b8:52:
f2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:96:29:37:7B:33:D4:E3:2E:6D:AD:C1:A6:CC:BD:CC:B2:93:D7:93
X509v3 Authority Key Identifier:
keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:7d:e6:f2:8d:d0:02:9f:72:4e:9b:1b:99:8a:41:ca:30:20:
d0:94:aa:93:e1:1b:13:e7:bd:95:f0:54:dc:52:de:06:fc:02:
77:01:66:3e:11:e7:10:af:c3:e1:be:de:3f:4f:c6:9a:ad:94:
0b:2f:8e:f2:a4:58:d8:8c:c3:25:88:d2:c4:3f:a4:d6:00:f9:
9a:cf:61:a2:46:f5:78:fc:9a:21:41:2f:75:5a:a0:1f:bf:cb:
2f:84:53:cd:50:7f:bf:62:0a:dc:21:6a:c7:a8:ca:78:62:ba:
3e:ac:71:07:f8:20:2e:33:d6:c3:df:fb:1e:02:e7:fb:79:65:
dd:7c:8b:6e:e8:c4:b5:f8:e3:07:7f:55:c6:6e:f7:ec:9a:86:
4b:a9:f4:90:53:8d:89:fb:de:a2:88:a0:55:73:3a:53:48:8d:
b6:96:3a:02:52:4f:af:70:76:cb:b0:39:9e:c4:db:ab:f1:8d:
e6:7a:de:a3:c0:74:f8:1a:e3:04:f3:ba:71:e3:1e:1b:f3:96:
2b:e4:00:d7:9b:1f:e7:d6:02:04:37:6f:e6:5a:d7:8d:8f:28:
d7:8f:bd:38:6b:7b:d8:0d:8b:77:f5:3d:5e:69:39:2c:f3:f1:
74:f6:ea:ab:34:3b:94:ea:d2:9c:98:e3:f7:b5:ea:56:f8:c0:
11:a3:b5:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkzt1/CjNxSerjF6qiRKv5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzk2M2QxYTExZDAwZDM4NGFkZWRmOWJiODZlNTM4NDlh
OWIxOGMwHhcNMjUwOTEwMTMwMTE5WhcNMjUwOTExMTMwMTE5WjAzMTEwLwYDVQQD
EygyOTk2MjkzNzdiMzNkNGUzMmU2ZGFkYzFhNmNjYmRjY2IyOTNkNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmyijy8MVAJ2e766m4gAYfNQvaaS
HGuYa1S6lkm/rkL42ybqEh6W4xjq0v4/GuE6gbNj4Ytbk0SVeaNbT2aO2DtOSyrT
ghwNDjL6LPmAV3kGvzJQUicNuPNeXEZyvKSuIieWIZt0cBC0otP/6Pdnm8hg+rmg
L5xmGUoKNRq0lh5nsh+gVpu4AcxEm9CwalmhOzXwQOR4qOSMl1COqjjZKq5d/qkW
IyYiGBTYfHO2DUURt+WNhSZclpsqEJqzi+64o904NtQTYktBZJ6FRDOKUgGhtJFk
8YYrB+aR8Va+4Y4pbDMbb4Q23fpROv7fRnK3fiJVlh5XIXPpRzFbuFLyWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmWKTd7M9TjLm2twabMvcyyk9eTMB8GA1UdIwQY
MBaAFKPJY9GhHQDThK3t+buG5ThJqbGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2Qt
MTA0MmVhOGUzYmZiLzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2QtMTA0MmVhOGUzYmZi
LzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARX3m8o3Q
Ap9yTpsbmYpByjAg0JSqk+EbE+e9lfBU3FLeBvwCdwFmPhHnEK/D4b7eP0/Gmq2U
Cy+O8qRY2IzDJYjSxD+k1gD5ms9hokb1ePyaIUEvdVqgH7/LL4RTzVB/v2IK3CFq
x6jKeGK6PqxxB/ggLjPWw9/7HgLn+3ll3XyLbujEtfjjB39Vxm737JqGS6n0kFON
ifveooigVXM6U0iNtpY6AlJPr3B2y7A5nsTbq/GN5nreo8B0+BrjBPO6ceMeG/OW
K+QA15sf59YCBDdv5lrXjY8o14+9OGt72A2Ld/U9Xmk5LPPxdPbqqzQ7lOrSnJjj
97XqVvjAEaO1Mg==
-----END CERTIFICATE-----
Generated at Wed Sep 10 23:06:46 2025 by rpki-client