Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.mft
File: jPCwtGoI0ecPy92Hetk5oBMuEmk.mft (raw, json)
Hash identifier: CCN0cjTcR0CEnpP6A2o+adOqtpx0fwgxB5dOjM1JtMM=
Subject key identifier: C3:56:92:5E:4F:37:55:84:4E:39:AA:32:B3:81:3C:74:5A:67:70:5A
Authority key identifier: 8C:F0:B0:B4:6A:08:D1:E7:0F:CB:DD:87:7A:D9:39:A0:13:2E:12:69
Certificate issuer: /CN=8cf0b0b46a08d1e70fcbdd877ad939a0132e1269
Certificate serial: 019A725CDCD66288BE6784F191080ECA836A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.mft
Manifest number: 12C2
Signing time: Tue 11 Nov 2025 10:01:19 +0000
Manifest this update: Tue 11 Nov 2025 10:01:19 +0000
Manifest next update: Wed 12 Nov 2025 10:01:19 +0000
Files and hashes: 1: Gh9PpfuY5LxhoKf93mfL5cK3chM.roa (hash: h2BIVV97ReDZkfRDJTGtHCoQkarTn+cxIbkViPsb5Nw=)
2: jPCwtGoI0ecPy92Hetk5oBMuEmk.crl (hash: cZVJNVlxGiyIlVphS5iQ68sn8MaJ1ZlNDWctadnv4dc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:dc:d6:62:88:be:67:84:f1:91:08:0e:ca:83:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cf0b0b46a08d1e70fcbdd877ad939a0132e1269
Validity
Not Before: Nov 11 10:01:19 2025 GMT
Not After : Nov 12 10:01:19 2025 GMT
Subject: CN=c356925e4f3755844e39aa32b3813c745a67705a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:db:86:b9:37:52:5d:4a:c5:81:4e:f6:c4:d1:
0b:67:2d:02:90:cf:cd:12:9d:ef:17:be:b3:45:e2:
49:b5:75:5e:2f:38:37:7c:b8:4f:b4:47:78:24:98:
20:e9:48:2b:2f:ef:53:d1:60:b6:40:c3:89:e3:8e:
b4:2b:58:cd:89:a5:0f:dc:23:c2:4e:65:33:10:d2:
af:fd:8d:01:18:6a:2f:03:38:0b:26:42:0d:9b:60:
9c:5b:76:21:3f:84:88:27:b3:9b:fe:c7:ec:81:f1:
c5:c2:9e:a4:e0:a9:fd:a0:a0:1d:ce:71:22:dc:d6:
a2:ce:24:d8:83:b6:4e:1a:5e:9a:fa:f4:70:92:50:
d4:a1:44:9a:13:f5:5a:da:f6:ee:78:bf:98:e9:b8:
1c:da:d6:01:83:d1:ef:80:ed:f1:db:f3:b6:60:bc:
63:c8:7d:8a:e8:90:d0:10:d9:37:b2:37:e2:c4:98:
1c:b0:de:09:24:db:e3:ea:d8:fc:d5:16:9e:a5:12:
f5:07:64:39:ac:69:45:03:3b:81:b1:22:e1:9e:d2:
f3:6e:be:55:d1:f8:22:89:a8:90:a3:09:da:d7:eb:
25:1b:30:ff:7c:aa:9d:53:70:73:56:8a:65:a7:a1:
1d:84:cd:2e:e6:aa:5a:18:80:12:58:9b:41:04:0a:
08:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:56:92:5E:4F:37:55:84:4E:39:AA:32:B3:81:3C:74:5A:67:70:5A
X509v3 Authority Key Identifier:
keyid:8C:F0:B0:B4:6A:08:D1:E7:0F:CB:DD:87:7A:D9:39:A0:13:2E:12:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:38:3d:b0:09:cd:dd:21:f1:bf:92:2f:e2:7e:6a:67:f7:c1:
57:b5:04:f4:a5:fd:49:3e:71:51:fc:e7:23:53:65:c7:a7:9e:
92:b2:f1:36:0b:30:68:70:56:4c:e3:a1:c3:83:5c:9b:eb:5a:
94:9a:30:43:90:fb:09:dc:45:cd:99:58:24:8c:3b:c0:34:ad:
61:0c:99:06:1a:dc:c3:be:c2:64:6d:85:44:34:5f:6d:bc:d7:
7f:04:28:70:4a:a5:8d:6a:3c:41:ef:11:96:f8:85:f8:fa:de:
69:53:c1:14:14:5c:aa:a6:8d:2a:c6:07:1e:70:ae:d6:5b:35:
51:63:04:e7:f9:06:39:a5:54:8d:2a:9b:9f:dd:15:06:7a:bf:
dc:24:c3:3b:f2:5c:e9:15:47:0b:d0:ef:8c:66:95:47:32:d0:
19:60:0b:26:18:b8:cd:36:18:2b:3c:8d:56:70:10:d4:46:0f:
de:ec:bf:c4:c6:92:14:dc:f5:76:c9:04:e8:f0:da:ba:91:c5:
49:e7:de:9e:cd:87:95:f7:43:29:6f:fa:b2:25:46:24:d5:19:
39:c0:06:bc:41:32:53:17:2f:56:b2:f0:70:d0:f6:42:fd:0e:
3d:87:6b:6f:9c:ea:3c:25:18:e5:0f:53:bc:26:55:45:8f:b1:
d2:62:58:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNzWYoi+Z4TxkQgOyoNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZjBiMGI0NmEwOGQxZTcwZmNiZGQ4NzdhZDkzOWEwMTMy
ZTEyNjkwHhcNMjUxMTExMTAwMTE5WhcNMjUxMTEyMTAwMTE5WjAzMTEwLwYDVQQD
EyhjMzU2OTI1ZTRmMzc1NTg0NGUzOWFhMzJiMzgxM2M3NDVhNjc3MDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtuGuTdSXUrFgU72xNELZy0CkM/N
Ep3vF76zReJJtXVeLzg3fLhPtEd4JJgg6UgrL+9T0WC2QMOJ4460K1jNiaUP3CPC
TmUzENKv/Y0BGGovAzgLJkINm2CcW3YhP4SIJ7Ob/sfsgfHFwp6k4Kn9oKAdznEi
3NaiziTYg7ZOGl6a+vRwklDUoUSaE/Va2vbueL+Y6bgc2tYBg9HvgO3x2/O2YLxj
yH2K6JDQENk3sjfixJgcsN4JJNvj6tj81RaepRL1B2Q5rGlFAzuBsSLhntLzbr5V
0fgiiaiQowna1+slGzD/fKqdU3BzVoplp6EdhM0u5qpaGIASWJtBBAoIdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNWkl5PN1WETjmqMrOBPHRaZ3BaMB8GA1UdIwQY
MBaAFIzwsLRqCNHnD8vdh3rZOaATLhJpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalBDd3RHb0kwZWNQeTkySGV0azVvQk11RW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80ODhmOTAtMjI0ZS00NjM0LTk2N2Yt
OGYxODFkM2EzZThmLzEvalBDd3RHb0kwZWNQeTkySGV0azVvQk11RW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80ODhmOTAtMjI0ZS00NjM0LTk2N2YtOGYxODFkM2EzZThm
LzEvalBDd3RHb0kwZWNQeTkySGV0azVvQk11RW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsjg9sAnN
3SHxv5Iv4n5qZ/fBV7UE9KX9ST5xUfznI1Nlx6eekrLxNgswaHBWTOOhw4Ncm+ta
lJowQ5D7CdxFzZlYJIw7wDStYQyZBhrcw77CZG2FRDRfbbzXfwQocEqljWo8Qe8R
lviF+PreaVPBFBRcqqaNKsYHHnCu1ls1UWME5/kGOaVUjSqbn90VBnq/3CTDO/Jc
6RVHC9DvjGaVRzLQGWALJhi4zTYYKzyNVnAQ1EYP3uy/xMaSFNz1dskE6PDaupHF
Sefens2HlfdDKW/6siVGJNUZOcAGvEEyUxcvVrLwcND2Qv0OPYdrb5zqPCUY5Q9T
vCZVRY+x0mJYfw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:57:55 2025 by rpki-client