Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
File: JkXNQMgEm-mprn8DM2q9P-CCr7k.mft (raw, json)
Hash identifier: VeSMgPwWuHqI/76W3czSpKiv2hUguGuT3r8tmfg30+U=
Subject key identifier: 5E:59:00:E6:F0:01:03:8C:2D:37:77:C6:E4:02:F2:67:21:0C:44:F2
Authority key identifier: 26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9
Certificate issuer: /CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
Certificate serial: 0197488D3279DA0EED765AB35A3EFAACEBE2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
Manifest number: 157A
Signing time: Sat 07 Jun 2025 04:01:42 +0000
Manifest this update: Sat 07 Jun 2025 04:01:42 +0000
Manifest next update: Sun 08 Jun 2025 04:01:42 +0000
Files and hashes: 1: JkXNQMgEm-mprn8DM2q9P-CCr7k.crl (hash: SYiajlLidP11Jckc1ciKgvbovS8ZBGgzl63A0+tc4+M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 04:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:8d:32:79:da:0e:ed:76:5a:b3:5a:3e:fa:ac:eb:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
Validity
Not Before: Jun 7 04:01:42 2025 GMT
Not After : Jun 8 04:01:42 2025 GMT
Subject: CN=5e5900e6f001038c2d3777c6e402f267210c44f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a1:e7:d6:7f:3c:03:ef:f7:27:6a:b6:c7:01:
40:a1:ff:a2:de:da:1f:a6:da:12:15:9d:42:13:47:
7c:38:55:79:11:e0:9e:6d:75:28:30:36:c5:03:a0:
7b:2e:a1:f4:a7:a2:8e:47:70:d4:51:c2:51:5f:90:
49:b2:03:4c:79:8c:93:54:db:7d:f6:1f:4d:7f:9f:
dc:6f:9a:e7:cf:b2:3f:e5:2d:ec:a8:9f:47:1b:6e:
33:87:a3:4d:73:c0:fa:3e:24:1b:33:c4:d3:f0:e1:
3b:8c:84:a4:b6:01:12:2d:1e:96:cb:20:98:bf:cc:
35:0f:05:d5:2c:01:fa:2d:fb:44:42:a5:bd:fa:21:
c8:b7:41:92:41:d5:59:1c:dc:75:04:36:a1:a9:3c:
8d:d0:4f:e9:c2:1a:b0:2e:15:c5:ed:68:f3:fe:33:
b7:20:70:e1:28:4a:43:42:2e:bf:19:48:96:37:66:
b1:07:ea:4d:09:f9:f5:d9:69:65:95:8b:d0:49:fa:
1f:8e:4e:5e:03:65:2c:3a:29:c3:68:8e:80:0c:98:
16:64:35:cf:65:d2:ad:cc:e9:01:55:f3:25:58:b7:
76:80:0e:83:6b:dc:f5:1c:28:8e:59:b4:f4:75:fc:
51:48:d3:41:bd:64:e5:3c:62:f7:ec:e9:34:f6:95:
89:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:59:00:E6:F0:01:03:8C:2D:37:77:C6:E4:02:F2:67:21:0C:44:F2
X509v3 Authority Key Identifier:
keyid:26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:75:dc:3a:47:cb:29:4d:8e:7f:17:d4:ee:48:c4:8d:c2:42:
9e:11:fb:79:65:02:80:47:8b:37:34:2d:1a:8a:fc:7c:67:3a:
df:6c:76:cb:c6:d4:19:85:3a:b7:d8:95:0c:08:0d:ab:76:54:
bd:48:e9:37:c7:9b:8e:de:b8:d9:6f:4b:86:91:6c:c4:74:37:
aa:c6:7d:c1:ae:7c:c6:19:6b:94:42:9d:20:81:c1:aa:bc:43:
e1:9f:0f:3f:d7:ce:e8:86:2a:9c:54:30:9b:d3:26:a1:6d:9b:
06:c7:8a:f6:07:53:d2:ad:04:c6:94:05:8b:53:e7:1e:1c:55:
57:af:66:44:d4:ff:e6:72:c5:d6:6f:31:60:7a:62:c2:f2:bc:
0b:23:be:31:fa:f5:79:f4:9c:bc:5b:a7:83:f6:36:d1:2a:9f:
93:ea:26:36:e2:48:6a:cd:6d:1f:08:e4:1b:30:d0:07:eb:bc:
e2:38:df:c2:30:5a:6d:aa:cd:31:2a:b9:ca:de:95:35:7a:1a:
4a:59:a3:5c:b5:a7:5b:fc:df:46:68:99:48:37:d0:d0:d2:53:
f4:0e:01:d7:bb:21:08:30:30:55:2e:a7:9f:cf:c4:fa:08:c9:
74:51:0f:42:79:73:94:f3:40:50:ac:ea:07:6e:37:2f:82:9e:
08:24:e7:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjTJ52g7tdlqzWj76rOviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDVjZDQwYzgwNDliZTlhOWFlN2YwMzMzNmFiZDNmZTA4
MmFmYjkwHhcNMjUwNjA3MDQwMTQyWhcNMjUwNjA4MDQwMTQyWjAzMTEwLwYDVQQD
Eyg1ZTU5MDBlNmYwMDEwMzhjMmQzNzc3YzZlNDAyZjI2NzIxMGM0NGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKHn1n88A+/3J2q2xwFAof+i3tof
ptoSFZ1CE0d8OFV5EeCebXUoMDbFA6B7LqH0p6KOR3DUUcJRX5BJsgNMeYyTVNt9
9h9Nf5/cb5rnz7I/5S3sqJ9HG24zh6NNc8D6PiQbM8TT8OE7jISktgESLR6WyyCY
v8w1DwXVLAH6LftEQqW9+iHIt0GSQdVZHNx1BDahqTyN0E/pwhqwLhXF7Wjz/jO3
IHDhKEpDQi6/GUiWN2axB+pNCfn12WlllYvQSfofjk5eA2UsOinDaI6ADJgWZDXP
ZdKtzOkBVfMlWLd2gA6Da9z1HCiOWbT0dfxRSNNBvWTlPGL37Ok09pWJnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF5ZAObwAQOMLTd3xuQC8mchDETyMB8GA1UdIwQY
MBaAFCZFzUDIBJvpqa5/AzNqvT/ggq+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUt
YzExNDlhMDE4MTVmLzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUtYzExNDlhMDE4MTVm
LzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARXXcOkfL
KU2OfxfU7kjEjcJCnhH7eWUCgEeLNzQtGor8fGc632x2y8bUGYU6t9iVDAgNq3ZU
vUjpN8ebjt642W9LhpFsxHQ3qsZ9wa58xhlrlEKdIIHBqrxD4Z8PP9fO6IYqnFQw
m9MmoW2bBseK9gdT0q0ExpQFi1PnHhxVV69mRNT/5nLF1m8xYHpiwvK8CyO+Mfr1
efScvFung/Y20Sqfk+omNuJIas1tHwjkGzDQB+u84jjfwjBabarNMSq5yt6VNXoa
SlmjXLWnW/zfRmiZSDfQ0NJT9A4B17shCDAwVS6nn8/E+gjJdFEPQnlzlPNAUKzq
B243L4KeCCTnxQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:41:07 2025 by rpki-client