Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
File: o8lj0aEdANOEre35u4blOEmpsYw.mft (raw, json)
Hash identifier: kFLNnE5tQuZzumQRcF0V1V+WiHiqHxXz+shHPfR8sZs=
Subject key identifier: 16:7F:12:A4:B6:A0:9F:37:B8:0C:FC:43:83:B9:55:94:9B:43:A0:44
Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
Certificate issuer: /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Certificate serial: 019A4DAACDFA4768D646EECB6D252A380EC9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 07:00:30 +0000
Manifest this update: Tue 04 Nov 2025 07:00:30 +0000
Manifest next update: Wed 05 Nov 2025 07:00:30 +0000
Files and hashes: 1: 1-9Z39awtCUNqeCcuYwIOQubEoEY.roa (hash: AJvelHrJ42adBWeCqNbgdbqaGB/A4YMI32J/x3+LlBI=)
2: o8lj0aEdANOEre35u4blOEmpsYw.crl (hash: he2Ve8FmEt0XTtalEco79Gc7ltc7V7HZVYwVSYaaUmA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:cd:fa:47:68:d6:46:ee:cb:6d:25:2a:38:0e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Validity
Not Before: Nov 4 07:00:30 2025 GMT
Not After : Nov 5 07:00:30 2025 GMT
Subject: CN=167f12a4b6a09f37b80cfc4383b955949b43a044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a6:ce:77:e6:dc:40:f7:ad:73:cf:b5:14:a6:
fd:18:74:a6:a2:6f:32:c0:c6:37:97:d9:39:d8:b6:
09:99:39:76:ff:2c:a4:e6:6f:1b:af:c0:a3:68:de:
20:6d:aa:87:9b:dd:92:7b:64:5b:91:e9:f2:dd:61:
e7:7c:f8:4f:eb:88:83:9d:76:ec:b1:fd:97:d1:99:
a7:9d:a8:da:ba:b3:71:3b:bd:44:a2:a5:7e:1a:f6:
2d:40:c4:1f:59:0e:6c:65:b9:86:ab:79:a8:1b:95:
a9:d2:0a:7a:f5:15:5c:e6:95:13:17:65:c7:38:54:
e2:79:e7:a5:e3:08:cb:f6:85:99:d8:ec:34:84:5d:
d6:45:7d:68:67:c4:e2:95:97:70:cd:71:3f:0f:25:
f5:ce:4b:db:64:f9:c2:f9:9b:72:ad:a4:24:9f:cd:
4f:a6:12:f5:f2:f3:f1:0d:e8:5e:6d:e5:4f:be:fb:
67:63:03:6e:d6:3f:4e:87:f6:e9:5d:a1:df:f4:5c:
c1:66:7c:ea:53:c0:ec:e8:26:92:5c:01:8f:26:8d:
26:81:44:5c:59:0c:d0:bb:6a:d4:41:64:56:71:58:
6b:48:53:0d:01:eb:c7:48:0a:ff:b7:71:42:82:cb:
18:f0:f7:68:69:bf:23:c1:6c:fc:a6:a7:81:41:ac:
36:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7F:12:A4:B6:A0:9F:37:B8:0C:FC:43:83:B9:55:94:9B:43:A0:44
X509v3 Authority Key Identifier:
keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:60:e7:c9:69:1a:a8:8f:6d:12:d1:c3:df:f0:86:07:37:67:
3a:b6:63:96:c3:ee:9b:86:29:2f:2e:34:95:fc:7b:5f:09:9d:
79:74:a4:6d:6a:fd:3f:5e:fa:95:4a:b0:80:42:e3:70:11:9f:
d5:39:69:04:fc:9c:45:b8:ea:6b:48:db:db:3e:fe:b0:01:d9:
0d:70:5a:e7:d0:5b:10:fa:55:f0:7a:b5:11:ef:b2:52:f4:c2:
34:4d:35:2c:4d:d4:9c:2a:37:56:f8:e4:5a:77:40:f9:3a:2e:
10:ae:9b:f0:be:30:f7:db:76:8f:13:66:2e:b7:1c:94:be:19:
9b:25:27:55:6d:1d:8c:62:ae:c9:c2:c6:4e:9a:e6:2a:22:ec:
c2:18:a0:1d:d8:c2:3a:d8:3f:b9:38:ae:0d:f9:6b:46:85:fb:
38:b7:ab:58:ac:4f:f9:86:62:27:ea:04:04:e8:9a:14:9e:c8:
74:38:b4:c4:ef:00:47:ea:b5:25:e7:19:ae:43:01:fe:9b:a4:
e8:d6:38:b5:21:af:1e:74:d0:74:48:ea:60:af:e0:11:cb:93:
8d:c6:85:5e:a7:7b:86:e4:02:17:4f:7f:23:d3:70:f2:a5:41:
2f:d7:df:75:ca:80:d0:56:49:3c:47:1f:cb:61:c3:1d:77:20:
8d:3e:08:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqs36R2jWRu7LbSUqOA7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzk2M2QxYTExZDAwZDM4NGFkZWRmOWJiODZlNTM4NDlh
OWIxOGMwHhcNMjUxMTA0MDcwMDMwWhcNMjUxMTA1MDcwMDMwWjAzMTEwLwYDVQQD
EygxNjdmMTJhNGI2YTA5ZjM3YjgwY2ZjNDM4M2I5NTU5NDliNDNhMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqbOd+bcQPetc8+1FKb9GHSmom8y
wMY3l9k52LYJmTl2/yyk5m8br8CjaN4gbaqHm92Se2Rbkeny3WHnfPhP64iDnXbs
sf2X0ZmnnajaurNxO71EoqV+GvYtQMQfWQ5sZbmGq3moG5Wp0gp69RVc5pUTF2XH
OFTieeel4wjL9oWZ2Ow0hF3WRX1oZ8TilZdwzXE/DyX1zkvbZPnC+ZtyraQkn81P
phL18vPxDehebeVPvvtnYwNu1j9Oh/bpXaHf9FzBZnzqU8Ds6CaSXAGPJo0mgURc
WQzQu2rUQWRWcVhrSFMNAevHSAr/t3FCgssY8Pdoab8jwWz8pqeBQaw2NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZ/EqS2oJ83uAz8Q4O5VZSbQ6BEMB8GA1UdIwQY
MBaAFKPJY9GhHQDThK3t+buG5ThJqbGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2Qt
MTA0MmVhOGUzYmZiLzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2QtMTA0MmVhOGUzYmZi
LzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjGDnyWka
qI9tEtHD3/CGBzdnOrZjlsPum4YpLy40lfx7XwmdeXSkbWr9P176lUqwgELjcBGf
1TlpBPycRbjqa0jb2z7+sAHZDXBa59BbEPpV8Hq1Ee+yUvTCNE01LE3UnCo3Vvjk
WndA+TouEK6b8L4w99t2jxNmLrcclL4ZmyUnVW0djGKuycLGTprmKiLswhigHdjC
Otg/uTiuDflrRoX7OLerWKxP+YZiJ+oEBOiaFJ7IdDi0xO8AR+q1JecZrkMB/puk
6NY4tSGvHnTQdEjqYK/gEcuTjcaFXqd7huQCF09/I9Nw8qVBL9ffdcqA0FZJPEcf
y2HDHXcgjT4IcA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:01:44 2025 by rpki-client