Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
File: jrsOsZ53d9cDgAD2wS053tEgQkI.mft (raw, json)
Hash identifier: OnYh6QzX33VMbkMhL3Nu4jI+1lW7lL1QIiEcY8b5lRE=
Subject key identifier: C2:6B:F3:D9:03:36:64:CA:EB:33:9B:C2:F8:FA:E2:55:70:EB:75:5C
Authority key identifier: 8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42
Certificate issuer: /CN=8ebb0eb19e7777d7038000f6c12d39ded1204242
Certificate serial: 019A71B8E775F82BC8782CEA889387CD096F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
Manifest number: 0D59
Signing time: Tue 11 Nov 2025 07:02:14 +0000
Manifest this update: Tue 11 Nov 2025 07:02:14 +0000
Manifest next update: Wed 12 Nov 2025 07:02:14 +0000
Files and hashes: 1: 68-2o2gnqeFje-83JI2NL7vcFCs.roa (hash: 5XT1BGaZiWzYIBY9EJMQdD9z2CvFYvirF/G5S8/gceM=)
2: jrsOsZ53d9cDgAD2wS053tEgQkI.crl (hash: ZFWMGAfe+uhkEOGVDejJwJ4QR1aM36kKbr+HkGBk0no=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:e7:75:f8:2b:c8:78:2c:ea:88:93:87:cd:09:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ebb0eb19e7777d7038000f6c12d39ded1204242
Validity
Not Before: Nov 11 07:02:14 2025 GMT
Not After : Nov 12 07:02:14 2025 GMT
Subject: CN=c26bf3d9033664caeb339bc2f8fae25570eb755c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3b:f4:9a:0a:82:5c:d6:77:65:22:ad:10:7e:
54:92:47:3e:9e:b4:50:74:62:c9:45:a1:05:c2:7d:
46:48:f2:da:ee:c6:2f:14:93:15:20:70:db:45:64:
ce:06:09:6b:dd:72:90:23:d4:4f:ab:36:d1:75:39:
62:17:7e:27:d2:0e:24:38:6d:a7:51:0f:e0:d2:95:
62:a3:54:e7:18:98:97:ff:40:1c:51:1f:85:5c:13:
66:fa:5b:03:0e:87:0a:bb:0f:d0:3f:05:6d:38:75:
fa:81:06:4f:62:63:6e:78:c7:9d:ad:69:90:34:32:
02:e0:8f:d6:17:c0:f4:4d:5a:e9:5b:e6:39:d6:4f:
76:f7:5a:ca:a7:46:d9:d2:9a:5b:29:61:82:df:8b:
e5:77:7f:46:02:63:da:29:3d:f2:14:9f:c5:5f:f1:
9b:af:b6:bf:a2:3b:e0:38:62:b8:ed:fb:c4:f5:d8:
e0:ca:54:cb:b2:72:dd:39:c2:df:43:9c:5c:cd:53:
9b:fb:42:cf:d0:c6:25:ee:63:52:57:f7:fd:79:8b:
9a:11:62:54:b1:c2:56:55:9e:2f:cc:fc:ed:57:9a:
9d:74:37:bd:1c:6c:1d:ae:eb:22:16:93:bc:3e:af:
91:bb:5e:c5:c7:a7:e3:5c:43:2f:a1:ea:5d:af:66:
77:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:6B:F3:D9:03:36:64:CA:EB:33:9B:C2:F8:FA:E2:55:70:EB:75:5C
X509v3 Authority Key Identifier:
keyid:8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:b7:f1:2a:54:76:0a:05:3c:a6:68:55:b3:1f:e5:c3:81:6c:
d8:f2:3a:27:37:d5:e0:6a:f8:90:6c:5b:42:00:3c:e0:f1:e0:
e7:bb:f9:c5:31:e1:30:fe:fb:c7:00:05:28:53:4b:d3:01:cf:
f5:ed:fc:40:05:b1:c3:60:fa:a8:0e:16:22:9d:3a:7e:a2:60:
bd:7d:60:38:4c:8f:36:73:9c:3d:af:64:f5:67:6a:50:ea:13:
4e:7f:7d:1c:7f:b6:bc:36:a4:a9:a5:4e:39:f1:0b:af:41:de:
0f:09:8f:23:4d:0d:7d:de:2f:ed:ac:11:f3:e3:6e:3b:17:e0:
05:f2:13:0c:27:c6:a8:45:66:d6:ec:97:20:0f:47:03:24:3a:
e8:30:06:c7:ff:27:4c:bd:a2:2a:2f:bf:00:2d:98:c3:35:03:
11:c2:e5:87:54:fa:90:5e:fa:e8:d3:36:7d:c3:cb:70:b4:7a:
71:97:d6:b4:08:15:d2:19:b6:7b:39:68:e2:80:0b:8f:60:4a:
3a:4c:19:41:d8:e9:32:20:f4:ee:43:09:30:da:96:3f:13:ce:
d1:16:d2:0b:17:e0:b9:d2:b7:90:e7:0e:3c:3b:81:65:b2:83:
7a:2f:ea:21:7f:1f:81:e8:76:f9:85:81:34:fb:c4:57:17:e2:
ce:48:d3:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOd1+CvIeCzqiJOHzQlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYmIwZWIxOWU3Nzc3ZDcwMzgwMDBmNmMxMmQzOWRlZDEy
MDQyNDIwHhcNMjUxMTExMDcwMjE0WhcNMjUxMTEyMDcwMjE0WjAzMTEwLwYDVQQD
EyhjMjZiZjNkOTAzMzY2NGNhZWIzMzliYzJmOGZhZTI1NTcwZWI3NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjv0mgqCXNZ3ZSKtEH5Ukkc+nrRQ
dGLJRaEFwn1GSPLa7sYvFJMVIHDbRWTOBglr3XKQI9RPqzbRdTliF34n0g4kOG2n
UQ/g0pVio1TnGJiX/0AcUR+FXBNm+lsDDocKuw/QPwVtOHX6gQZPYmNueMedrWmQ
NDIC4I/WF8D0TVrpW+Y51k9291rKp0bZ0ppbKWGC34vld39GAmPaKT3yFJ/FX/Gb
r7a/ojvgOGK47fvE9djgylTLsnLdOcLfQ5xczVOb+0LP0MYl7mNSV/f9eYuaEWJU
scJWVZ4vzPztV5qddDe9HGwdrusiFpO8Pq+Ru17Fx6fjXEMvoepdr2Z35QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJr89kDNmTK6zObwvj64lVw63VcMB8GA1UdIwQY
MBaAFI67DrGed3fXA4AA9sEtOd7RIEJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYt
MTUxNDFjNjY4NTRkLzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYtMTUxNDFjNjY4NTRk
LzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXbfxKlR2
CgU8pmhVsx/lw4Fs2PI6JzfV4Gr4kGxbQgA84PHg57v5xTHhMP77xwAFKFNL0wHP
9e38QAWxw2D6qA4WIp06fqJgvX1gOEyPNnOcPa9k9WdqUOoTTn99HH+2vDakqaVO
OfELr0HeDwmPI00Nfd4v7awR8+NuOxfgBfITDCfGqEVm1uyXIA9HAyQ66DAGx/8n
TL2iKi+/AC2YwzUDEcLlh1T6kF766NM2fcPLcLR6cZfWtAgV0hm2ezlo4oALj2BK
OkwZQdjpMiD07kMJMNqWPxPO0RbSCxfgudK3kOcOPDuBZbKDei/qIX8fgeh2+YWB
NPvEVxfizkjTig==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:53 2025 by rpki-client