Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
File: JfgKOI5PDiZBTOq-q036hBkdgUA.mft (raw, json)
Hash identifier: 7JwSfIpfRRZ8UFX0ezg1a2SmaN2AmFD9fDQ/YrYHKhk=
Subject key identifier: 47:6F:6C:82:61:43:7E:9A:A9:E8:74:B1:B1:3F:14:CB:47:78:18:F5
Authority key identifier: 25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40
Certificate issuer: /CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
Certificate serial: 01984BC1DA9FC901631C7E883463C8F60CF2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
Manifest number: 150A
Signing time: Sun 27 Jul 2025 12:00:52 +0000
Manifest this update: Sun 27 Jul 2025 12:00:52 +0000
Manifest next update: Mon 28 Jul 2025 12:00:52 +0000
Files and hashes: 1: JfgKOI5PDiZBTOq-q036hBkdgUA.crl (hash: 5ItJUIcV8G0QPre4/XsmtSHzz3SwXdW1ok1pZrq/Uxg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 09:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4b:c1:da:9f:c9:01:63:1c:7e:88:34:63:c8:f6:0c:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
Validity
Not Before: Jul 27 12:00:52 2025 GMT
Not After : Jul 28 12:00:52 2025 GMT
Subject: CN=476f6c8261437e9aa9e874b1b13f14cb477818f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ba:c4:dc:0f:bd:5a:70:2c:b7:49:36:e9:5a:
f4:01:72:d3:b5:51:e0:62:ad:f4:6f:38:0e:df:30:
b3:be:29:9d:f7:6c:cc:15:f7:da:33:e3:aa:f8:a0:
2f:be:5a:23:eb:9f:8f:d1:6c:b2:b1:45:f7:c2:20:
d5:a5:72:ff:b5:13:00:e1:4a:53:45:97:3b:d4:15:
5b:14:25:f3:ab:ce:25:b3:ba:9d:ac:e7:b1:9a:00:
cf:e1:4f:2a:56:62:0e:fd:a5:c0:9c:db:17:84:80:
c6:00:97:56:c3:6c:54:db:06:c9:ab:23:93:38:77:
fb:a0:b8:28:bd:2e:cb:5e:ac:2f:71:5c:52:a2:54:
6e:72:02:cb:f0:37:1d:ef:40:7e:eb:01:da:f6:2f:
10:f9:29:84:e6:6c:77:72:18:43:51:52:a2:55:99:
a0:93:ba:37:d0:35:71:c0:59:1e:49:1f:8e:59:6a:
ab:42:07:d3:15:79:f8:5c:2b:bf:5b:07:ca:bf:39:
7c:5f:bc:76:1b:94:0f:e9:76:d0:fc:6f:a8:b6:94:
4a:2f:8a:e2:e3:31:54:0e:86:07:b8:0d:52:0c:5c:
ec:13:bd:7f:c2:f3:3c:d5:47:b0:d6:43:3f:7e:95:
66:ff:a2:0b:25:00:17:b2:0b:c2:c0:87:34:6a:8f:
cf:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6F:6C:82:61:43:7E:9A:A9:E8:74:B1:B1:3F:14:CB:47:78:18:F5
X509v3 Authority Key Identifier:
keyid:25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:07:be:f6:6d:f8:02:e1:8b:a6:3d:e1:54:1c:ab:de:5c:dc:
9d:15:bb:c1:b9:21:c0:79:1f:b3:6a:70:83:67:3e:91:ee:12:
cc:db:57:40:62:39:35:e6:11:10:b2:8d:27:d2:79:35:2a:8c:
cf:70:69:b3:10:23:df:22:70:10:72:c2:ed:bf:00:d1:36:a0:
5d:ce:0a:59:50:89:4e:a0:06:6f:d7:25:bc:8f:6a:8a:76:01:
05:28:b1:31:52:c8:32:56:33:6f:ff:95:99:08:ec:c9:04:04:
aa:24:25:55:67:a8:0d:1d:16:b0:00:67:32:fe:2a:60:f3:97:
07:7f:d2:ec:26:0a:06:52:e6:f8:bb:e4:04:12:7a:41:c8:85:
cf:e6:f9:7a:2c:28:c3:f9:20:27:db:ac:8b:52:be:03:8b:5e:
e1:8b:54:4d:38:90:04:24:eb:37:4e:68:24:b2:7f:40:e2:7c:
3f:b8:b0:bb:e8:9a:eb:87:1c:08:36:81:d8:b2:ad:c1:0b:25:
8b:b9:2d:90:29:af:4b:38:81:c4:84:f1:b3:13:ad:79:a2:b3:
c4:16:62:ac:04:66:56:98:aa:cc:f1:5e:e2:59:0c:4c:57:91:
d6:31:ef:bb:83:61:08:b6:94:9a:11:89:7d:16:69:92:13:70:
ef:24:2e:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLwdqfyQFjHH6INGPI9gzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZjgwYTM4OGU0ZjBlMjY0MTRjZWFiZWFiNGRmYTg0MTkx
ZDgxNDAwHhcNMjUwNzI3MTIwMDUyWhcNMjUwNzI4MTIwMDUyWjAzMTEwLwYDVQQD
Eyg0NzZmNmM4MjYxNDM3ZTlhYTllODc0YjFiMTNmMTRjYjQ3NzgxOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7rE3A+9WnAst0k26Vr0AXLTtVHg
Yq30bzgO3zCzvimd92zMFffaM+Oq+KAvvloj65+P0WyysUX3wiDVpXL/tRMA4UpT
RZc71BVbFCXzq84ls7qdrOexmgDP4U8qVmIO/aXAnNsXhIDGAJdWw2xU2wbJqyOT
OHf7oLgovS7LXqwvcVxSolRucgLL8Dcd70B+6wHa9i8Q+SmE5mx3chhDUVKiVZmg
k7o30DVxwFkeSR+OWWqrQgfTFXn4XCu/WwfKvzl8X7x2G5QP6XbQ/G+otpRKL4ri
4zFUDoYHuA1SDFzsE71/wvM81Uew1kM/fpVm/6ILJQAXsgvCwIc0ao/PowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdvbIJhQ36aqeh0sbE/FMtHeBj1MB8GA1UdIwQY
MBaAFCX4CjiOTw4mQUzqvqtN+oQZHYFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjIt
OTdkYzdiNTM1YjFkLzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjItOTdkYzdiNTM1YjFk
LzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhQe+9m34
AuGLpj3hVByr3lzcnRW7wbkhwHkfs2pwg2c+ke4SzNtXQGI5NeYRELKNJ9J5NSqM
z3BpsxAj3yJwEHLC7b8A0TagXc4KWVCJTqAGb9clvI9qinYBBSixMVLIMlYzb/+V
mQjsyQQEqiQlVWeoDR0WsABnMv4qYPOXB3/S7CYKBlLm+LvkBBJ6QciFz+b5eiwo
w/kgJ9usi1K+A4te4YtUTTiQBCTrN05oJLJ/QOJ8P7iwu+ia64ccCDaB2LKtwQsl
i7ktkCmvSziBxITxsxOteaKzxBZirARmVpiqzPFe4lkMTFeR1jHvu4NhCLaUmhGJ
fRZpkhNw7yQuuw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 15:21:43 2025 by rpki-client