Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
File: oFa0I4Othizmo3StLKbTbCVNx7E.mft (raw, json)
Hash identifier: 5+hIEzXmdYLQ7ZJPpahszQRbJbkZ1cS6woZtii1P6QY=
Subject key identifier: 69:2A:0B:3D:41:2B:D8:3E:DB:FC:13:E1:EE:CB:6B:71:14:56:D7:D7
Authority key identifier: A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1
Certificate issuer: /CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
Certificate serial: 0199FEEC10BFE1613B94620ECAF4B211666F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
Manifest number: 1608
Signing time: Mon 20 Oct 2025 00:01:47 +0000
Manifest this update: Mon 20 Oct 2025 00:01:47 +0000
Manifest next update: Tue 21 Oct 2025 00:01:47 +0000
Files and hashes: 1: 4GMh7fIw13Bz3DUcceuO2FBtK6M.roa (hash: E9IDQ7QjcqjZJIn5bDeaHNVCqS2wv2WqYXLU0FEPSXU=)
2: XJGEpCzB4loh5ef0k98ZvXtkA5A.roa (hash: ln2eCgW4Lb0/Z2WnRMYRLGIC+qtaz3YxPhhlJZ12csI=)
3: oFa0I4Othizmo3StLKbTbCVNx7E.crl (hash: y1AIEZ9qoguZcPnmMBz0Vbb5y/QIEUwFJnnsnGswhuc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:ec:10:bf:e1:61:3b:94:62:0e:ca:f4:b2:11:66:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
Validity
Not Before: Oct 20 00:01:47 2025 GMT
Not After : Oct 21 00:01:47 2025 GMT
Subject: CN=692a0b3d412bd83edbfc13e1eecb6b711456d7d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9b:a8:ec:2c:b1:81:d8:0a:36:b3:bf:de:b3:
03:a9:be:9f:1b:e5:57:e3:5f:20:3c:51:65:0a:7b:
2c:a8:e2:cc:0e:7a:f5:81:3d:b4:17:c8:4c:cd:ae:
18:6e:49:b1:ed:34:fc:10:de:c2:d9:b9:e0:b1:55:
b3:b2:74:9d:7c:cd:6f:26:4b:7f:cf:5a:5d:55:57:
bb:50:98:ef:03:0c:f8:3b:df:e8:d3:e8:87:e4:75:
58:a4:cc:ba:1c:69:fa:42:31:b2:0a:f8:55:eb:a3:
ab:08:ae:63:0d:e8:62:75:e9:a6:9a:3e:e0:76:33:
fc:5d:a8:5a:b3:56:dd:e2:c7:f7:64:90:d8:18:21:
91:ee:eb:06:98:f9:7d:b1:69:ff:c8:3b:97:37:07:
a3:86:52:59:82:e0:20:a1:01:1c:db:7b:8f:78:6f:
71:8f:5f:55:7c:60:18:f7:30:78:61:cf:c5:b6:de:
dd:78:70:31:2c:0f:06:07:b2:53:33:4e:f5:d0:7e:
09:bd:54:8b:3f:e7:a6:4c:5f:c4:67:2b:2d:7b:84:
90:bc:d3:93:5d:4b:ec:05:fe:01:5a:eb:a4:c9:c4:
4f:96:5c:50:0f:20:02:6f:f2:08:94:07:70:ab:ae:
2a:fb:68:98:02:45:b2:f0:5b:6c:90:94:73:bf:19:
c2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:2A:0B:3D:41:2B:D8:3E:DB:FC:13:E1:EE:CB:6B:71:14:56:D7:D7
X509v3 Authority Key Identifier:
keyid:A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:f7:f0:9a:5c:5f:fb:d3:ad:d4:d1:f7:a6:af:cf:b3:09:8a:
a7:d1:b9:42:f2:95:2f:81:68:37:55:b8:cc:18:86:fe:cc:8c:
33:b9:f6:42:99:25:77:ce:af:ab:b0:6c:14:46:dd:37:ee:37:
4d:17:fa:f9:42:27:01:73:88:4c:e3:5d:9b:6d:2f:62:19:2d:
62:87:d2:d5:ec:44:93:df:30:d6:f1:60:14:5f:3f:ee:d1:d4:
c7:3c:38:18:36:bb:f3:14:83:9d:29:d1:7d:bd:fa:be:09:7f:
9c:a8:c0:f0:b2:48:7f:17:a0:17:5c:4a:24:0e:c3:35:eb:75:
5f:02:9d:95:d0:37:e6:9b:47:4e:56:37:5b:6f:b6:f9:f5:d3:
76:a6:7b:cf:e4:3c:9d:50:7d:a0:3f:21:23:35:a6:8a:f0:74:
79:bb:cf:ce:d1:8e:fe:e8:b3:dd:e9:5f:b9:40:ca:21:72:59:
3a:e9:4f:74:ac:54:bc:db:8e:38:41:32:6d:c2:a4:f0:ca:da:
3f:f7:a7:9a:f2:b5:c6:34:07:e1:c0:60:1d:69:ef:f9:de:e3:
fe:d1:4b:2a:52:06:f3:bc:83:32:dd:01:bd:60:5a:29:85:14:
ed:c5:42:18:ed:a4:be:47:2f:a8:c7:fc:9f:64:e7:93:7e:92:
c8:49:2b:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+7BC/4WE7lGIOyvSyEWZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTZiNDIzODNhZDg2MmNlNmEzNzRhZDJjYTZkMzZjMjU0
ZGM3YjEwHhcNMjUxMDIwMDAwMTQ3WhcNMjUxMDIxMDAwMTQ3WjAzMTEwLwYDVQQD
Eyg2OTJhMGIzZDQxMmJkODNlZGJmYzEzZTFlZWNiNmI3MTE0NTZkN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZuo7CyxgdgKNrO/3rMDqb6fG+VX
418gPFFlCnssqOLMDnr1gT20F8hMza4Ybkmx7TT8EN7C2bngsVWzsnSdfM1vJkt/
z1pdVVe7UJjvAwz4O9/o0+iH5HVYpMy6HGn6QjGyCvhV66OrCK5jDehidemmmj7g
djP8Xahas1bd4sf3ZJDYGCGR7usGmPl9sWn/yDuXNwejhlJZguAgoQEc23uPeG9x
j19VfGAY9zB4Yc/Ftt7deHAxLA8GB7JTM0710H4JvVSLP+emTF/EZyste4SQvNOT
XUvsBf4BWuukycRPllxQDyACb/IIlAdwq64q+2iYAkWy8FtskJRzvxnCcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkqCz1BK9g+2/wT4e7La3EUVtfXMB8GA1UdIwQY
MBaAFKBWtCODrYYs5qN0rSym02wlTcexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zZThkY2MtYTc2NC00NGJlLWI1MDct
OWIzZGQ0MTdjMzA4LzEvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zZThkY2MtYTc2NC00NGJlLWI1MDctOWIzZGQ0MTdjMzA4
LzEvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvPfwmlxf
+9Ot1NH3pq/PswmKp9G5QvKVL4FoN1W4zBiG/syMM7n2Qpkld86vq7BsFEbdN+43
TRf6+UInAXOITONdm20vYhktYofS1exEk98w1vFgFF8/7tHUxzw4GDa78xSDnSnR
fb36vgl/nKjA8LJIfxegF1xKJA7DNet1XwKdldA35ptHTlY3W2+2+fXTdqZ7z+Q8
nVB9oD8hIzWmivB0ebvPztGO/uiz3elfuUDKIXJZOulPdKxUvNuOOEEybcKk8Mra
P/enmvK1xjQH4cBgHWnv+d7j/tFLKlIG87yDMt0BvWBaKYUU7cVCGO2kvkcvqMf8
n2Tnk36SyEkrrw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:47:31 2025 by rpki-client