Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
File: o8lj0aEdANOEre35u4blOEmpsYw.mft (raw, json)
Hash identifier: bFQjD7TBID06CcjLH8hqsxU4DwhJ/y3mMAHzafCIy3Q=
Subject key identifier: 47:CD:3D:80:B3:AB:D7:D8:9E:62:34:40:F8:19:18:12:D4:1D:A7:09
Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
Certificate issuer: /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Certificate serial: 019DA52F6AF26AE58598BD7198D8E0200D89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
Manifest number: 18CB
Signing time: Sun 19 Apr 2026 10:00:41 +0000
Manifest this update: Sun 19 Apr 2026 10:00:41 +0000
Manifest next update: Mon 20 Apr 2026 10:00:41 +0000
Files and hashes: 1: o8lj0aEdANOEre35u4blOEmpsYw.crl (hash: RkWhZWMonyHhSt87Ffn7ckKquReCYnZFZ56JxW6naqQ=)
2: sbWj3cDEvspo2pzFM90qmBN7XGY.roa (hash: ZCuFftw5Wl2QKtDaCFVmcabJrAkBRibR6g/1SyLs2gs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a5:2f:6a:f2:6a:e5:85:98:bd:71:98:d8:e0:20:0d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Validity
Not Before: Apr 19 10:00:41 2026 GMT
Not After : Apr 20 10:00:41 2026 GMT
Subject: CN=47cd3d80b3abd7d89e623440f8191812d41da709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f0:0b:0b:5e:de:a1:2d:cb:10:41:c1:67:e6:
02:61:ba:45:b6:40:9e:06:a7:20:1b:4e:5c:74:13:
15:03:f0:61:87:e3:8f:a3:d6:4c:ef:70:36:7b:90:
6c:6d:af:24:fc:01:70:b1:95:72:72:bc:06:9c:b6:
0f:13:2c:e9:b0:9f:3d:f0:d6:23:37:ae:9c:d4:42:
be:71:d7:3d:0d:76:78:d2:3e:38:dc:6e:c8:82:70:
9a:67:89:b2:24:6f:87:bc:e3:25:c9:17:4b:df:b8:
4b:d2:6e:0e:05:6d:bc:2c:e9:50:f3:e6:b8:55:92:
2f:6e:b4:1c:39:bf:72:75:a8:97:db:d2:f4:df:7e:
a1:5d:c8:1b:9f:71:af:2a:fe:ce:22:19:a3:84:e2:
27:ee:c8:21:6f:a9:d1:a6:48:ae:af:27:7e:17:40:
2b:d0:9d:44:64:9e:b9:a3:64:9e:58:5c:63:16:d3:
7c:68:56:c3:48:66:f0:ae:8c:6e:ce:86:b6:8d:f7:
9d:9d:2b:18:e6:d9:cb:fe:49:9c:ac:4a:51:8e:91:
7c:c1:41:ba:dd:51:56:fb:8e:b1:20:99:9f:b1:ba:
6a:60:2d:af:6c:16:75:36:0f:9d:a5:0a:a1:b4:61:
74:cc:45:cb:a0:2c:e7:20:ab:1d:4c:ee:7a:67:06:
13:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:CD:3D:80:B3:AB:D7:D8:9E:62:34:40:F8:19:18:12:D4:1D:A7:09
X509v3 Authority Key Identifier:
keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:76:f1:ed:dc:93:82:07:21:08:e4:45:7f:1d:da:f2:08:3a:
44:ba:85:a5:15:6e:31:90:30:da:77:00:19:26:94:0c:8b:86:
d0:21:af:64:41:f2:b9:84:f5:d9:7c:1c:77:6d:cd:fd:2c:45:
56:db:7a:48:68:88:24:d4:8b:2c:c3:d7:53:90:de:94:d9:94:
85:30:24:90:b9:4f:33:67:86:36:a4:ed:aa:37:23:59:69:8d:
2e:2a:07:07:41:5f:6d:5a:9c:2d:ad:a0:6c:f4:70:e3:5b:b0:
bb:a0:6f:0a:8d:97:05:12:ad:15:78:d6:fe:69:c9:63:4a:b6:
14:11:3b:b4:2f:71:3a:2e:61:8b:f2:4b:66:50:86:c2:96:9d:
66:60:72:6e:cb:7b:17:66:b9:98:2b:26:d3:10:e1:d6:58:7b:
ef:6e:25:bd:6c:e4:3e:66:df:82:24:f6:20:a9:c4:46:26:3b:
2d:f7:9c:4a:2d:f1:13:b6:29:3f:17:39:7b:7f:c9:41:75:e5:
43:63:6b:de:68:7c:33:ba:18:6c:29:02:45:75:2c:a6:df:ef:
ae:af:9e:dc:d6:9e:44:06:79:3e:6c:31:85:db:11:cd:98:1f:
4e:c7:4d:df:ff:b1:ec:a9:24:11:58:5a:f5:68:60:0c:8d:61:
b9:31:3c:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2lL2ryauWFmL1xmNjgIA2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzk2M2QxYTExZDAwZDM4NGFkZWRmOWJiODZlNTM4NDlh
OWIxOGMwHhcNMjYwNDE5MTAwMDQxWhcNMjYwNDIwMTAwMDQxWjAzMTEwLwYDVQQD
Eyg0N2NkM2Q4MGIzYWJkN2Q4OWU2MjM0NDBmODE5MTgxMmQ0MWRhNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofALC17eoS3LEEHBZ+YCYbpFtkCe
BqcgG05cdBMVA/Bhh+OPo9ZM73A2e5Bsba8k/AFwsZVycrwGnLYPEyzpsJ898NYj
N66c1EK+cdc9DXZ40j443G7IgnCaZ4myJG+HvOMlyRdL37hL0m4OBW28LOlQ8+a4
VZIvbrQcOb9ydaiX29L0336hXcgbn3GvKv7OIhmjhOIn7sghb6nRpkiuryd+F0Ar
0J1EZJ65o2SeWFxjFtN8aFbDSGbwroxuzoa2jfednSsY5tnL/kmcrEpRjpF8wUG6
3VFW+46xIJmfsbpqYC2vbBZ1Ng+dpQqhtGF0zEXLoCznIKsdTO56ZwYTBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEfNPYCzq9fYnmI0QPgZGBLUHacJMB8GA1UdIwQY
MBaAFKPJY9GhHQDThK3t+buG5ThJqbGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2Qt
MTA0MmVhOGUzYmZiLzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2QtMTA0MmVhOGUzYmZi
LzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACXbx7dyT
ggchCORFfx3a8gg6RLqFpRVuMZAw2ncAGSaUDIuG0CGvZEHyuYT12Xwcd23N/SxF
Vtt6SGiIJNSLLMPXU5DelNmUhTAkkLlPM2eGNqTtqjcjWWmNLioHB0FfbVqcLa2g
bPRw41uwu6BvCo2XBRKtFXjW/mnJY0q2FBE7tC9xOi5hi/JLZlCGwpadZmBybst7
F2a5mCsm0xDh1lh7724lvWzkPmbfgiT2IKnERiY7LfecSi3xE7YpPxc5e3/JQXXl
Q2Nr3mh8M7oYbCkCRXUspt/vrq+e3NaeRAZ5PmwxhdsRzZgfTsdN3/+x7KkkEVha
9WhgDI1huTE8JQ==
-----END CERTIFICATE-----
Generated at Sun Apr 19 14:18:54 2026 by rpki-client