Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
File: oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft (raw, json)
Hash identifier: Jsjd1GQYRA29XTSqdIGn6QWq4L29aEhIFWE7ceVtFp4=
Subject key identifier: BC:EF:14:ED:D8:CA:CD:92:3A:6B:48:73:8A:C0:AC:68:21:60:09:DC
Authority key identifier: A0:9F:DA:04:7B:3A:0B:1C:82:04:35:E6:99:38:86:60:DA:32:C6:3F
Certificate issuer: /CN=a09fda047b3a0b1c820435e699388660da32c63f
Certificate serial: 019D6BADECECFF694A7E8865C103F70C42C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
Manifest number: 0805
Signing time: Wed 08 Apr 2026 06:00:53 +0000
Manifest this update: Wed 08 Apr 2026 06:00:53 +0000
Manifest next update: Thu 09 Apr 2026 06:00:53 +0000
Files and hashes: 1: T3IIdcu9O4RqtWN63OnvjHlxoHA.roa (hash: mcKH90gzUrsNVUfzI9EqajlTYUwudYLzyU2jnBM19/w=)
2: oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl (hash: 6fKxbUA5o6ImQ6k63CUtEPIIJXXJhHPxtDZPo89wCDA=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6b:ad:ec:ec:ff:69:4a:7e:88:65:c1:03:f7:0c:42:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a09fda047b3a0b1c820435e699388660da32c63f
Validity
Not Before: Apr 8 06:00:53 2026 GMT
Not After : Apr 9 06:00:53 2026 GMT
Subject: CN=bcef14edd8cacd923a6b48738ac0ac68216009dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b7:7a:1c:88:cd:9d:f6:68:83:b7:62:1d:0a:
5a:f4:c6:80:c5:a1:c1:10:e7:42:63:bc:c5:f2:d2:
ff:d3:d2:9d:91:b1:aa:3c:c6:26:cf:24:18:53:d2:
16:0f:4a:11:73:96:f5:26:62:a0:85:e8:fa:c6:34:
b8:35:9b:45:d3:ee:48:ab:78:c2:63:63:74:88:d7:
19:f1:d9:4c:1b:80:0a:e9:2d:ec:b1:85:cc:07:39:
cb:19:6e:58:cb:13:55:f9:3e:b8:db:52:0e:af:54:
8d:c6:fb:23:a3:a0:e7:e1:ad:fe:5e:94:1c:85:fa:
44:61:b2:8b:38:c8:2b:c0:12:ca:c7:98:9b:85:1b:
33:1e:db:95:a3:66:6e:fa:c0:ce:7c:9b:62:b2:0e:
70:a9:c8:11:f4:14:b6:b2:e9:67:cd:72:b6:07:b8:
77:89:4b:b0:58:fa:4c:77:48:28:da:a9:9d:d6:ac:
64:60:9d:1c:d0:99:85:91:7f:6e:ab:f5:50:70:33:
51:40:2d:7c:6a:d1:e9:18:99:ae:12:71:ca:5c:b9:
17:06:e0:70:3c:f7:e2:5d:37:89:85:dc:08:a7:a0:
9d:a5:27:df:7c:cf:c3:32:cb:3e:0b:3f:29:76:4d:
2b:31:0b:af:d5:51:eb:96:b7:85:11:25:8b:3a:d0:
72:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:EF:14:ED:D8:CA:CD:92:3A:6B:48:73:8A:C0:AC:68:21:60:09:DC
X509v3 Authority Key Identifier:
keyid:A0:9F:DA:04:7B:3A:0B:1C:82:04:35:E6:99:38:86:60:DA:32:C6:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:2f:dd:bc:b9:22:5b:36:36:0a:b9:e5:6a:6d:19:e9:cc:77:
5e:ce:c1:52:0f:4c:e6:f3:33:d4:02:7c:1e:63:c9:3e:86:04:
31:ad:f0:d9:33:fa:f8:ae:e1:7b:15:44:fe:13:0c:8c:23:a0:
db:31:4b:de:55:c8:25:82:66:3d:66:22:2b:4b:af:22:be:63:
a0:b9:ce:0a:a4:43:1a:22:c5:a7:8c:89:42:77:fc:1a:64:9a:
bf:7b:5f:08:dd:38:87:c6:1c:c1:d7:2c:95:c7:55:6a:b4:6b:
0e:b9:64:f9:67:5b:c6:1a:63:05:23:30:b5:7b:e2:6f:b4:8f:
b8:43:7c:02:23:be:cc:29:d1:05:38:fb:8f:17:05:5c:3e:85:
fa:11:94:75:7e:62:bf:37:bc:05:4c:2e:3f:a4:e9:ce:9d:f0:
5a:6d:e1:59:26:04:8a:c6:f6:c2:36:8e:23:fa:b6:8d:2f:4e:
aa:3d:80:c2:13:09:7b:89:0b:05:6c:5c:4d:9b:9c:7f:e6:e2:
0e:1f:a3:11:94:15:7e:6e:22:94:81:f1:da:08:41:ba:46:a9:
00:86:ea:44:b9:1f:2b:6e:56:41:47:fb:3a:f8:24:7a:ca:b5:
e2:c8:32:a6:04:b7:96:f0:45:84:38:26:91:d1:0e:c6:50:37:
a9:cb:47:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1rrezs/2lKfohlwQP3DELAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWZkYTA0N2IzYTBiMWM4MjA0MzVlNjk5Mzg4NjYwZGEz
MmM2M2YwHhcNMjYwNDA4MDYwMDUzWhcNMjYwNDA5MDYwMDUzWjAzMTEwLwYDVQQD
EyhiY2VmMTRlZGQ4Y2FjZDkyM2E2YjQ4NzM4YWMwYWM2ODIxNjAwOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybd6HIjNnfZog7diHQpa9MaAxaHB
EOdCY7zF8tL/09KdkbGqPMYmzyQYU9IWD0oRc5b1JmKghej6xjS4NZtF0+5Iq3jC
Y2N0iNcZ8dlMG4AK6S3ssYXMBznLGW5YyxNV+T6421IOr1SNxvsjo6Dn4a3+XpQc
hfpEYbKLOMgrwBLKx5ibhRszHtuVo2Zu+sDOfJtisg5wqcgR9BS2sulnzXK2B7h3
iUuwWPpMd0go2qmd1qxkYJ0c0JmFkX9uq/VQcDNRQC18atHpGJmuEnHKXLkXBuBw
PPfiXTeJhdwIp6CdpSfffM/DMss+Cz8pdk0rMQuv1VHrlreFESWLOtByOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzvFO3Yys2SOmtIc4rArGghYAncMB8GA1UdIwQY
MBaAFKCf2gR7OgscggQ15pk4hmDaMsY/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84YjRkMzItMDM2NS00ZGFhLTlkNWIt
Mjk5MjBlNTE2N2Q5LzEvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84YjRkMzItMDM2NS00ZGFhLTlkNWItMjk5MjBlNTE2N2Q5
LzEvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArC/dvLki
WzY2Crnlam0Z6cx3Xs7BUg9M5vMz1AJ8HmPJPoYEMa3w2TP6+K7hexVE/hMMjCOg
2zFL3lXIJYJmPWYiK0uvIr5joLnOCqRDGiLFp4yJQnf8GmSav3tfCN04h8Ycwdcs
lcdVarRrDrlk+WdbxhpjBSMwtXvib7SPuEN8AiO+zCnRBTj7jxcFXD6F+hGUdX5i
vze8BUwuP6Tpzp3wWm3hWSYEisb2wjaOI/q2jS9Oqj2AwhMJe4kLBWxcTZucf+bi
Dh+jEZQVfm4ilIHx2ghBukapAIbqRLkfK25WQUf7Ovgkesq14sgypgS3lvBFhDgm
kdEOxlA3qctH4w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:40:43 2026 by rpki-client