Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
File: jrsOsZ53d9cDgAD2wS053tEgQkI.mft (raw, json)
Hash identifier: hEHGagpIXw2wJ1ZqJ9HC5KEeMbxlVx0OLFeo5P7eKmE=
Subject key identifier: B2:7C:11:2B:D2:4D:5D:81:E4:92:DB:E1:F9:49:2A:87:26:BE:BF:89
Authority key identifier: 8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42
Certificate issuer: /CN=8ebb0eb19e7777d7038000f6c12d39ded1204242
Certificate serial: 019923A0CB7FB96A4324F055C1EEA7D9DA51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
Manifest number: 0CAC
Signing time: Sun 07 Sep 2025 10:02:44 +0000
Manifest this update: Sun 07 Sep 2025 10:02:44 +0000
Manifest next update: Mon 08 Sep 2025 10:02:44 +0000
Files and hashes: 1: 68-2o2gnqeFje-83JI2NL7vcFCs.roa (hash: 5XT1BGaZiWzYIBY9EJMQdD9z2CvFYvirF/G5S8/gceM=)
2: jrsOsZ53d9cDgAD2wS053tEgQkI.crl (hash: nDY9UscmJAWH8WFSnMhqWMl1dNG7seX+QZvaqY6480g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:a0:cb:7f:b9:6a:43:24:f0:55:c1:ee:a7:d9:da:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ebb0eb19e7777d7038000f6c12d39ded1204242
Validity
Not Before: Sep 7 10:02:44 2025 GMT
Not After : Sep 8 10:02:44 2025 GMT
Subject: CN=b27c112bd24d5d81e492dbe1f9492a8726bebf89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:59:19:8c:31:46:5f:42:e0:cc:9a:90:f5:57:
67:42:60:86:da:d5:20:dd:b9:6d:2d:10:0d:ce:88:
4f:b5:e3:08:aa:46:97:ce:93:60:15:57:5e:eb:3c:
5f:a1:7d:91:1d:98:b7:13:c8:de:d1:96:a5:0a:13:
e4:ef:80:9e:94:bd:2c:0e:43:0b:eb:dc:81:5a:6f:
e6:38:6b:8d:89:ee:ad:fa:2a:2a:88:31:51:40:6b:
aa:a8:b6:c7:f7:5c:36:59:a6:a1:25:47:2b:d8:6d:
b7:86:a9:93:6e:b8:4d:3b:bf:94:e5:67:12:3a:08:
c1:94:a3:0d:0b:77:24:25:a8:95:8b:6b:0c:dd:d9:
4c:74:df:94:b0:bb:01:2c:af:cb:c4:a7:02:d6:50:
fe:4d:db:4c:b3:22:46:79:60:d3:9b:1a:24:ee:89:
9a:d0:94:e7:00:ba:5a:c2:8f:bd:8e:b5:c2:11:aa:
c7:48:34:83:8c:85:a4:22:b0:26:2c:92:bd:9c:b2:
3e:2c:9a:e7:a8:07:bf:60:b1:54:d2:6b:ad:ed:0e:
c5:7d:19:7e:b6:97:59:92:4e:4b:ce:44:fd:5a:75:
4d:41:70:ca:1e:e6:bd:59:57:15:b6:7e:70:a3:aa:
57:2f:4a:f7:eb:d7:92:40:50:22:3c:af:8a:ea:ab:
c4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:7C:11:2B:D2:4D:5D:81:E4:92:DB:E1:F9:49:2A:87:26:BE:BF:89
X509v3 Authority Key Identifier:
keyid:8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:7f:24:26:97:67:e1:01:75:24:f3:53:eb:8f:5f:8c:32:9d:
8c:c8:36:a6:ad:a4:65:17:a0:63:0a:3d:d5:cd:c6:e3:92:d9:
c3:b1:db:cd:c1:b9:d7:fa:19:2a:73:ee:c0:49:6d:ae:97:d0:
c8:ca:82:d7:d6:ac:6a:09:e6:64:fd:f1:92:28:de:49:58:ae:
57:eb:ac:cd:0c:5c:b8:bd:41:ae:c7:c8:2b:5c:78:87:2e:0c:
65:33:c8:25:21:32:2b:c1:57:81:54:37:3f:50:4a:58:d6:e2:
64:69:73:c5:f5:ea:fd:15:47:b9:fa:62:0f:ab:e3:67:20:fc:
76:d0:02:b5:59:f5:49:92:e8:97:18:46:1f:d9:3c:69:bc:55:
72:ec:e9:94:b9:15:76:01:55:87:44:a9:7d:bd:07:2b:a7:be:
f4:f6:a9:90:9f:a9:c9:54:b7:a6:22:67:ca:68:b6:66:8f:a2:
d8:7d:28:6e:0c:2f:20:eb:b2:e0:0d:b0:06:5c:f0:46:28:58:
10:7d:d5:7e:28:a5:20:66:ce:c6:37:94:b4:ef:41:84:a2:65:
a5:eb:01:e2:39:7d:d7:66:bc:70:09:ee:0e:b8:a3:f6:00:60:
97:8c:1d:56:e6:38:c2:46:75:82:47:46:71:20:a1:e0:dd:ed:
69:01:1b:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoMt/uWpDJPBVwe6n2dpRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYmIwZWIxOWU3Nzc3ZDcwMzgwMDBmNmMxMmQzOWRlZDEy
MDQyNDIwHhcNMjUwOTA3MTAwMjQ0WhcNMjUwOTA4MTAwMjQ0WjAzMTEwLwYDVQQD
EyhiMjdjMTEyYmQyNGQ1ZDgxZTQ5MmRiZTFmOTQ5MmE4NzI2YmViZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1kZjDFGX0LgzJqQ9VdnQmCG2tUg
3bltLRANzohPteMIqkaXzpNgFVde6zxfoX2RHZi3E8je0ZalChPk74CelL0sDkML
69yBWm/mOGuNie6t+ioqiDFRQGuqqLbH91w2WaahJUcr2G23hqmTbrhNO7+U5WcS
OgjBlKMNC3ckJaiVi2sM3dlMdN+UsLsBLK/LxKcC1lD+TdtMsyJGeWDTmxok7oma
0JTnALpawo+9jrXCEarHSDSDjIWkIrAmLJK9nLI+LJrnqAe/YLFU0mut7Q7FfRl+
tpdZkk5LzkT9WnVNQXDKHua9WVcVtn5wo6pXL0r369eSQFAiPK+K6qvESwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJ8ESvSTV2B5JLb4flJKocmvr+JMB8GA1UdIwQY
MBaAFI67DrGed3fXA4AA9sEtOd7RIEJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYt
MTUxNDFjNjY4NTRkLzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYtMTUxNDFjNjY4NTRk
LzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgX8kJpdn
4QF1JPNT649fjDKdjMg2pq2kZRegYwo91c3G45LZw7HbzcG51/oZKnPuwEltrpfQ
yMqC19asagnmZP3xkijeSViuV+uszQxcuL1BrsfIK1x4hy4MZTPIJSEyK8FXgVQ3
P1BKWNbiZGlzxfXq/RVHufpiD6vjZyD8dtACtVn1SZLolxhGH9k8abxVcuzplLkV
dgFVh0Spfb0HK6e+9PapkJ+pyVS3piJnymi2Zo+i2H0obgwvIOuy4A2wBlzwRihY
EH3VfiilIGbOxjeUtO9BhKJlpesB4jl912a8cAnuDrij9gBgl4wdVuY4wkZ1gkdG
cSCh4N3taQEbOQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:26:51 2025 by rpki-client