Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft
File: o8-bZGUWkotdBsKoGestvA_pkgo.mft (raw, json)
Hash identifier: RCx2Vicn2zBiZ49Adw2s32fu07ELYwa3uDZTGRcgnPo=
Subject key identifier: 85:E0:D5:67:9C:FA:2B:C5:9B:0A:14:5C:22:24:38:51:86:9D:EA:3F
Authority key identifier: A3:CF:9B:64:65:16:92:8B:5D:06:C2:A8:19:EB:2D:BC:0F:E9:92:0A
Certificate issuer: /CN=a3cf9b646516928b5d06c2a819eb2dbc0fe9920a
Certificate serial: 019D284E1E527C9E80731BAAD059BC00E9C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8-bZGUWkotdBsKoGestvA_pkgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft
Manifest number: 02DA
Signing time: Thu 26 Mar 2026 04:01:41 +0000
Manifest this update: Thu 26 Mar 2026 04:01:41 +0000
Manifest next update: Fri 27 Mar 2026 04:01:41 +0000
Files and hashes: 1: 699-AVQHq9A-mOz16n5eWo61zOY.roa (hash: qmU7lIRPt6s/fJ1Asi4/dDcElLOynVYiN3n5hO5Ttcc=)
2: o8-bZGUWkotdBsKoGestvA_pkgo.crl (hash: X8Ygh1w+SXo0UrB7sMeOVvGiXPSRluF4wUzSCgAhujA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft
rsync://rpki.ripe.net/repository/DEFAULT/o8-bZGUWkotdBsKoGestvA_pkgo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4e:1e:52:7c:9e:80:73:1b:aa:d0:59:bc:00:e9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3cf9b646516928b5d06c2a819eb2dbc0fe9920a
Validity
Not Before: Mar 26 04:01:41 2026 GMT
Not After : Mar 27 04:01:41 2026 GMT
Subject: CN=85e0d5679cfa2bc59b0a145c22243851869dea3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6b:82:b1:f8:12:5b:70:bc:6c:af:c1:0a:af:
21:af:e9:32:41:fe:b7:31:d4:67:61:e9:4a:c4:b0:
e4:d3:5b:e9:45:73:f9:0d:cd:54:57:f8:47:a9:cc:
07:f3:f8:c7:0a:66:53:2b:f7:63:93:96:c7:38:29:
58:49:9c:ff:cc:6f:80:bd:49:14:f1:33:f6:98:ab:
22:d1:f2:58:a8:65:91:fa:1c:da:09:a4:52:7c:6c:
0d:47:16:a3:a2:d0:87:c6:40:46:b8:b7:51:18:15:
55:f4:a8:4c:94:5a:4f:ce:1d:4d:aa:74:ea:59:fa:
79:03:f8:e7:db:ef:a8:4f:2f:62:47:fe:88:eb:20:
73:63:35:2a:ce:59:93:74:dd:de:3b:96:10:a9:87:
fe:a2:ae:32:6c:c5:4f:43:7e:ba:18:9d:db:35:c8:
a4:fb:06:7c:06:67:c2:d4:32:96:8c:7b:84:26:7d:
63:a6:ff:6c:cc:92:73:55:31:ba:dd:cc:c6:6c:a6:
a0:b4:5f:1c:0f:2d:b8:af:02:95:9b:92:5c:4c:91:
57:3e:8c:e4:d9:c2:01:3a:6d:09:33:3a:ac:3c:7a:
30:68:c6:3d:46:0c:28:56:18:69:70:b9:c4:db:5a:
9b:6d:3e:85:77:fe:9b:97:6b:45:43:d9:62:87:cb:
d9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E0:D5:67:9C:FA:2B:C5:9B:0A:14:5C:22:24:38:51:86:9D:EA:3F
X509v3 Authority Key Identifier:
keyid:A3:CF:9B:64:65:16:92:8B:5D:06:C2:A8:19:EB:2D:BC:0F:E9:92:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8-bZGUWkotdBsKoGestvA_pkgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:af:f1:50:24:e0:4c:84:1f:a7:a4:fc:bb:43:b5:a4:85:cf:
58:3d:d0:a4:9e:26:43:52:dd:73:1f:35:6c:69:96:cb:21:5b:
40:cc:51:81:45:b9:2b:c7:71:53:79:9d:d3:c6:fe:25:82:b2:
57:bf:59:5e:5e:33:f7:f4:d7:92:7f:31:da:2f:95:b8:be:4a:
57:af:64:23:c8:29:30:8f:a5:85:6e:83:e2:a2:f6:95:75:c3:
33:d4:82:fd:38:d7:9c:92:9c:ce:34:fd:80:e1:0e:82:14:73:
98:0b:c1:f1:8b:b3:bf:f8:d2:50:16:69:be:78:4a:21:a3:36:
cc:9b:2d:26:b8:cc:26:1f:27:30:2c:83:99:22:14:9b:05:fb:
3c:c8:ee:4e:64:d0:6f:5d:b5:ff:3e:a3:9f:a6:01:f4:1f:4a:
7f:7a:52:5f:a9:46:ee:a0:a8:1f:f2:b8:50:5c:fe:ff:e7:24:
18:9d:9f:cf:91:9f:ab:dc:bb:bb:30:7e:f5:1e:dc:c4:88:53:
a5:6e:b4:dd:20:40:46:00:4e:3e:7c:2e:f5:f4:39:11:69:30:
01:5f:41:fd:2c:10:f3:9e:25:d2:51:6c:28:da:a6:b9:2c:db:
22:68:fa:f0:bc:f5:85:3f:58:ba:ba:74:ce:40:c3:67:ee:73:
53:59:3f:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTh5SfJ6Acxuq0Fm8AOnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzY2Y5YjY0NjUxNjkyOGI1ZDA2YzJhODE5ZWIyZGJjMGZl
OTkyMGEwHhcNMjYwMzI2MDQwMTQxWhcNMjYwMzI3MDQwMTQxWjAzMTEwLwYDVQQD
Eyg4NWUwZDU2NzljZmEyYmM1OWIwYTE0NWMyMjI0Mzg1MTg2OWRlYTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomuCsfgSW3C8bK/BCq8hr+kyQf63
MdRnYelKxLDk01vpRXP5Dc1UV/hHqcwH8/jHCmZTK/djk5bHOClYSZz/zG+AvUkU
8TP2mKsi0fJYqGWR+hzaCaRSfGwNRxajotCHxkBGuLdRGBVV9KhMlFpPzh1NqnTq
Wfp5A/jn2++oTy9iR/6I6yBzYzUqzlmTdN3eO5YQqYf+oq4ybMVPQ366GJ3bNcik
+wZ8BmfC1DKWjHuEJn1jpv9szJJzVTG63czGbKagtF8cDy24rwKVm5JcTJFXPozk
2cIBOm0JMzqsPHowaMY9RgwoVhhpcLnE21qbbT6Fd/6bl2tFQ9lih8vZjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXg1Wec+ivFmwoUXCIkOFGGneo/MB8GA1UdIwQY
MBaAFKPPm2RlFpKLXQbCqBnrLbwP6ZIKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzgtYlpHVVdrb3RkQnNLb0dlc3R2QV9wa2dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zOTRkMDctMDVjYy00ZjcyLWJkNDYt
Mjg5Njk2Y2M5OWI5LzEvbzgtYlpHVVdrb3RkQnNLb0dlc3R2QV9wa2dvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zOTRkMDctMDVjYy00ZjcyLWJkNDYtMjg5Njk2Y2M5OWI5
LzEvbzgtYlpHVVdrb3RkQnNLb0dlc3R2QV9wa2dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVq/xUCTg
TIQfp6T8u0O1pIXPWD3QpJ4mQ1Ldcx81bGmWyyFbQMxRgUW5K8dxU3md08b+JYKy
V79ZXl4z9/TXkn8x2i+VuL5KV69kI8gpMI+lhW6D4qL2lXXDM9SC/TjXnJKczjT9
gOEOghRzmAvB8Yuzv/jSUBZpvnhKIaM2zJstJrjMJh8nMCyDmSIUmwX7PMjuTmTQ
b121/z6jn6YB9B9Kf3pSX6lG7qCoH/K4UFz+/+ckGJ2fz5Gfq9y7uzB+9R7cxIhT
pW603SBARgBOPnwu9fQ5EWkwAV9B/SwQ854l0lFsKNqmuSzbImj68Lz1hT9Yurp0
zkDDZ+5zU1k/ww==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:27:21 2026 by rpki-client