Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
File: oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft (raw, json)
Hash identifier: TNd5JtruAEdccIWxCLDsJekNrzlPIjKOSG/5TFmi0E8=
Subject key identifier: ED:F3:CA:3A:0C:52:12:1F:8A:6B:50:8A:B6:42:DF:5F:F6:4B:AC:74
Authority key identifier: A0:9F:DA:04:7B:3A:0B:1C:82:04:35:E6:99:38:86:60:DA:32:C6:3F
Certificate issuer: /CN=a09fda047b3a0b1c820435e699388660da32c63f
Certificate serial: 019A4D3D5DC187F9B03615ABF88E32AD768D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
Manifest number: 0667
Signing time: Tue 04 Nov 2025 05:00:58 +0000
Manifest this update: Tue 04 Nov 2025 05:00:58 +0000
Manifest next update: Wed 05 Nov 2025 05:00:58 +0000
Files and hashes: 1: FfIlEvStYRtAHT_4tgisj2sboIA.roa (hash: u8VtTRQomqZri4fvKgtiux4C4c/ZHFagnd78Z59URa8=)
2: oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl (hash: CDqwZQZyWbkZgT7LNQTRNDBEkdzHuk2V5KZdAX4vKBE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 05:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:3d:5d:c1:87:f9:b0:36:15:ab:f8:8e:32:ad:76:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a09fda047b3a0b1c820435e699388660da32c63f
Validity
Not Before: Nov 4 05:00:58 2025 GMT
Not After : Nov 5 05:00:58 2025 GMT
Subject: CN=edf3ca3a0c52121f8a6b508ab642df5ff64bac74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:88:59:e7:03:42:46:2e:4f:11:ca:e8:aa:3d:
9f:22:74:ac:77:3b:db:99:48:69:30:15:9e:13:8b:
eb:92:9c:db:8f:4b:bd:77:be:75:2a:fb:09:e7:30:
01:78:df:09:8c:72:6e:70:94:40:a7:f2:6a:dd:8e:
89:40:66:9f:9e:c1:73:77:f0:6c:9f:0c:07:ac:5a:
48:e9:90:0a:75:66:24:e0:27:c3:f4:e0:6b:2a:93:
3d:df:ba:57:b6:1f:44:8d:43:fd:b6:02:30:6c:61:
7d:1b:9a:21:3e:e5:a0:11:2a:e7:e7:6a:6d:f1:f6:
9f:5b:19:ac:10:34:b4:f0:3e:6c:2c:2b:af:cd:18:
b5:14:e9:2a:bb:d8:4d:04:a6:00:74:73:84:ab:9a:
08:c9:43:f6:96:02:62:16:0e:dd:9a:34:c0:c4:4d:
c0:f4:f3:54:15:38:aa:ec:01:2e:cf:4c:e6:41:7a:
81:c4:b7:e3:cd:16:8b:3f:fb:17:a2:8e:0e:eb:6e:
83:78:ac:c4:f4:c8:93:50:db:10:0d:0b:61:69:ac:
3b:ef:4e:cb:e9:6f:4f:03:b3:00:91:67:6b:26:79:
50:e3:99:02:9d:fe:1f:40:d0:d1:b1:c9:02:8d:c6:
5b:6a:73:00:be:8c:65:cb:ff:00:f5:a3:1e:36:5a:
91:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F3:CA:3A:0C:52:12:1F:8A:6B:50:8A:B6:42:DF:5F:F6:4B:AC:74
X509v3 Authority Key Identifier:
keyid:A0:9F:DA:04:7B:3A:0B:1C:82:04:35:E6:99:38:86:60:DA:32:C6:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:2b:0e:f5:26:e9:42:17:dd:df:e4:79:90:c2:08:f7:de:df:
b5:e0:0d:ba:cf:1f:bd:b7:a6:b3:ba:a8:ab:f8:11:54:36:c2:
8c:bf:59:6a:4b:75:27:b4:ef:04:4e:39:b3:8c:fe:ca:9b:1b:
08:ae:80:eb:fe:dd:de:bf:7e:b1:c5:ba:c3:56:88:5a:d7:65:
0d:89:c2:4f:20:fa:4d:dc:1e:4e:fb:b1:04:b9:51:f7:40:f1:
6e:ab:d3:b5:47:a6:82:b9:44:f6:40:78:28:84:b8:1a:08:b6:
7b:11:5f:1e:b9:cb:32:5d:20:a9:be:ed:3f:60:db:75:cd:16:
41:da:b9:13:0f:54:d7:ff:13:e2:96:b4:12:f7:3d:1d:52:0b:
f1:3c:28:52:56:4c:a2:37:cc:57:d9:ef:53:0a:3e:de:de:60:
00:65:7d:e0:9e:b1:9e:5a:19:11:b4:0e:54:0c:c7:6e:77:32:
65:e7:e1:be:e1:f7:d3:8b:18:a3:c5:87:97:a2:99:21:23:77:
97:1d:6a:cc:4d:63:48:84:b8:c7:f4:d1:79:72:f3:a4:a3:ad:
42:e2:75:f5:cc:9b:78:bb:de:9f:69:cf:4f:7a:f8:bc:3e:6a:
29:c2:11:25:6c:5b:67:fa:a3:a2:69:c8:74:33:21:60:a7:5c:
9a:1d:2a:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPV3Bh/mwNhWr+I4yrXaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWZkYTA0N2IzYTBiMWM4MjA0MzVlNjk5Mzg4NjYwZGEz
MmM2M2YwHhcNMjUxMTA0MDUwMDU4WhcNMjUxMTA1MDUwMDU4WjAzMTEwLwYDVQQD
EyhlZGYzY2EzYTBjNTIxMjFmOGE2YjUwOGFiNjQyZGY1ZmY2NGJhYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4hZ5wNCRi5PEcroqj2fInSsdzvb
mUhpMBWeE4vrkpzbj0u9d751KvsJ5zABeN8JjHJucJRAp/Jq3Y6JQGafnsFzd/Bs
nwwHrFpI6ZAKdWYk4CfD9OBrKpM937pXth9EjUP9tgIwbGF9G5ohPuWgESrn52pt
8fafWxmsEDS08D5sLCuvzRi1FOkqu9hNBKYAdHOEq5oIyUP2lgJiFg7dmjTAxE3A
9PNUFTiq7AEuz0zmQXqBxLfjzRaLP/sXoo4O626DeKzE9MiTUNsQDQthaaw7707L
6W9PA7MAkWdrJnlQ45kCnf4fQNDRsckCjcZbanMAvoxly/8A9aMeNlqR6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3zyjoMUhIfimtQirZC31/2S6x0MB8GA1UdIwQY
MBaAFKCf2gR7OgscggQ15pk4hmDaMsY/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84YjRkMzItMDM2NS00ZGFhLTlkNWIt
Mjk5MjBlNTE2N2Q5LzEvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84YjRkMzItMDM2NS00ZGFhLTlkNWItMjk5MjBlNTE2N2Q5
LzEvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSsO9Sbp
Qhfd3+R5kMII997fteANus8fvbems7qoq/gRVDbCjL9Zakt1J7TvBE45s4z+ypsb
CK6A6/7d3r9+scW6w1aIWtdlDYnCTyD6TdweTvuxBLlR90DxbqvTtUemgrlE9kB4
KIS4Ggi2exFfHrnLMl0gqb7tP2Dbdc0WQdq5Ew9U1/8T4pa0Evc9HVIL8TwoUlZM
ojfMV9nvUwo+3t5gAGV94J6xnloZEbQOVAzHbncyZefhvuH304sYo8WHl6KZISN3
lx1qzE1jSIS4x/TReXLzpKOtQuJ19cybeLven2nPT3r4vD5qKcIRJWxbZ/qjomnI
dDMhYKdcmh0q1A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:15:57 2025 by rpki-client