Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
File: oLalsaFMhtTPtGxOhuzUBmgEzJA.mft (raw, json)
Hash identifier: h2BbFTJyUScVtZPyTDbgXnCrRabAtw740Hsx4zA+8JU=
Subject key identifier: F7:F8:E2:53:3F:BC:DC:43:CA:9E:0C:35:19:4F:F1:C4:F0:77:C5:B1
Authority key identifier: A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
Certificate issuer: /CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Certificate serial: 0199FC8F760DEF9E4EB2E934616B5F5FFDEC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
Manifest number: 06FE
Signing time: Sun 19 Oct 2025 13:01:24 +0000
Manifest this update: Sun 19 Oct 2025 13:01:24 +0000
Manifest next update: Mon 20 Oct 2025 13:01:24 +0000
Files and hashes: 1: MCk_wjcNWplBl8XuQ-Q-tXaOPdg.roa (hash: FrFfJHN2MqG7rUNbBMB2RUeLHgQ0eftZ7IS2VaSzx58=)
2: oLalsaFMhtTPtGxOhuzUBmgEzJA.crl (hash: Cd2JvC++4Zz9sfa8g9+/pu8fmPCu3Solz27SsO9outY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:76:0d:ef:9e:4e:b2:e9:34:61:6b:5f:5f:fd:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Validity
Not Before: Oct 19 13:01:24 2025 GMT
Not After : Oct 20 13:01:24 2025 GMT
Subject: CN=f7f8e2533fbcdc43ca9e0c35194ff1c4f077c5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ad:c8:78:59:e9:7e:22:f8:ff:e7:a4:8f:e3:
16:aa:a6:5c:5d:40:de:32:1e:3c:c2:f6:c8:f8:1b:
92:b1:c8:20:a7:06:28:16:65:30:6e:ca:26:e3:2d:
5d:bc:54:12:e1:a3:6e:fb:69:f9:88:ba:fd:36:7b:
28:75:dd:4f:e6:30:8f:d8:11:b3:0d:b6:a6:df:9f:
d0:da:6e:93:78:00:fd:14:33:67:d4:0b:20:d6:7d:
43:c9:9b:73:df:b8:16:af:7c:2a:49:61:fb:bf:45:
a6:5c:e5:55:8e:d0:bc:23:f4:0c:66:55:18:03:48:
c7:bc:42:a5:88:46:2d:e6:3b:22:1f:af:bc:37:c3:
52:dd:b5:5f:24:cb:77:49:68:31:ef:07:f9:c8:86:
57:ec:b6:54:97:be:8f:d7:4c:4a:b9:b3:20:60:fb:
02:b7:c5:7b:07:5e:84:75:d7:71:d1:68:6b:53:c3:
dc:e7:08:10:80:94:9e:08:91:c3:fc:7f:a6:39:7d:
3c:28:d6:62:97:81:3e:38:90:26:4d:95:69:43:af:
c5:4e:c7:2b:10:66:ad:61:4c:69:74:4e:19:21:6b:
94:56:b2:00:8b:58:7a:99:03:63:de:e9:f2:35:bd:
d8:8e:89:b4:25:f1:cc:06:99:0e:2b:73:6d:e7:6d:
e1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F8:E2:53:3F:BC:DC:43:CA:9E:0C:35:19:4F:F1:C4:F0:77:C5:B1
X509v3 Authority Key Identifier:
keyid:A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:bb:43:a8:6d:3e:5a:d1:08:cf:d8:d0:ba:0d:70:3f:32:01:
78:61:28:ca:99:5c:e6:9d:13:25:38:9d:02:7e:1d:5d:fe:5c:
4e:fd:ea:75:31:83:1a:05:4d:7f:5c:5a:37:50:21:6f:7e:fd:
94:2a:17:86:95:3b:5b:45:c2:31:e6:22:7f:a0:40:4e:48:56:
24:7a:ce:c4:e1:e5:ac:df:eb:e9:6a:25:6c:4d:b0:55:40:01:
3d:b6:c8:af:8f:35:ba:d5:21:5b:80:d6:94:67:96:19:42:84:
23:43:b3:67:52:1f:30:46:ec:43:23:2d:0f:18:d5:a7:0f:c8:
de:3f:47:c0:6e:77:3b:b2:b5:4b:d1:87:ce:ef:84:f5:89:e0:
3c:0a:6f:2b:68:bb:1a:7e:77:5f:9f:59:2f:0e:8d:8b:50:d3:
f7:ef:48:19:6c:1b:22:01:23:da:fc:9d:4a:04:66:e2:92:02:
60:dd:0e:68:ec:5f:50:4d:57:ee:76:24:35:ea:46:5e:63:08:
20:2e:a7:65:de:4c:cb:01:84:e4:23:15:3c:a6:68:b3:f6:d8:
04:2f:e8:29:21:21:0e:33:a3:68:22:cc:5e:54:3a:15:0f:0b:
1a:3c:7d:5e:9b:51:86:2d:2e:9b:fb:2d:16:f9:76:b4:e3:19:
28:31:2d:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j3YN755Osuk0YWtfX/3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYjZhNWIxYTE0Yzg2ZDRjZmI0NmM0ZTg2ZWNkNDA2Njgw
NGNjOTAwHhcNMjUxMDE5MTMwMTI0WhcNMjUxMDIwMTMwMTI0WjAzMTEwLwYDVQQD
EyhmN2Y4ZTI1MzNmYmNkYzQzY2E5ZTBjMzUxOTRmZjFjNGYwNzdjNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0a3IeFnpfiL4/+ekj+MWqqZcXUDe
Mh48wvbI+BuSscggpwYoFmUwbsom4y1dvFQS4aNu+2n5iLr9Nnsodd1P5jCP2BGz
Dbam35/Q2m6TeAD9FDNn1Asg1n1DyZtz37gWr3wqSWH7v0WmXOVVjtC8I/QMZlUY
A0jHvEKliEYt5jsiH6+8N8NS3bVfJMt3SWgx7wf5yIZX7LZUl76P10xKubMgYPsC
t8V7B16Edddx0WhrU8Pc5wgQgJSeCJHD/H+mOX08KNZil4E+OJAmTZVpQ6/FTscr
EGatYUxpdE4ZIWuUVrIAi1h6mQNj3unyNb3Yjom0JfHMBpkOK3Nt523h/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPf44lM/vNxDyp4MNRlP8cTwd8WxMB8GA1UdIwQY
MBaAFKC2pbGhTIbUz7RsTobs1AZoBMyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEt
ODU4NGJlZjBiN2Q1LzEvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEtODU4NGJlZjBiN2Q1
LzEvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOrtDqG0+
WtEIz9jQug1wPzIBeGEoyplc5p0TJTidAn4dXf5cTv3qdTGDGgVNf1xaN1Ahb379
lCoXhpU7W0XCMeYif6BATkhWJHrOxOHlrN/r6WolbE2wVUABPbbIr481utUhW4DW
lGeWGUKEI0OzZ1IfMEbsQyMtDxjVpw/I3j9HwG53O7K1S9GHzu+E9YngPApvK2i7
Gn53X59ZLw6Ni1DT9+9IGWwbIgEj2vydSgRm4pICYN0OaOxfUE1X7nYkNepGXmMI
IC6nZd5MywGE5CMVPKZos/bYBC/oKSEhDjOjaCLMXlQ6FQ8LGjx9XptRhi0um/st
Fvl2tOMZKDEtpg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:36:14 2025 by rpki-client