Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
File: JY8HU8Azwa8JGGbQlCZFEmlspos.mft (raw, json)
Hash identifier: 6pjv2SnZ7T5Jff65PaaX6bUCnBtg05KmuaGJ+yyTmHI=
Subject key identifier: C5:42:B8:EA:0B:1D:1F:F8:DE:9B:EE:58:74:43:77:96:9D:6B:B2:99
Authority key identifier: 25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
Certificate issuer: /CN=258f0753c033c1af091866d094264512696ca68b
Certificate serial: 019A2409BEB176F2C235AA5CCE7C77F1CE3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
Manifest number: 0A42
Signing time: Mon 27 Oct 2025 05:00:09 +0000
Manifest this update: Mon 27 Oct 2025 05:00:09 +0000
Manifest next update: Tue 28 Oct 2025 05:00:09 +0000
Files and hashes: 1: BQh7QT9BX7cTqXjHHhGh4E0jau4.roa (hash: ji+6a8qXV045VZtKjEfl6cGy7fTl7ME8scmY2gpWI2s=)
2: JY8HU8Azwa8JGGbQlCZFEmlspos.crl (hash: 0UxJce4/rmouOQsceKWuTJB3oGOHRIhVqOaLe4IFzDg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 05:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:09:be:b1:76:f2:c2:35:aa:5c:ce:7c:77:f1:ce:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f0753c033c1af091866d094264512696ca68b
Validity
Not Before: Oct 27 05:00:09 2025 GMT
Not After : Oct 28 05:00:09 2025 GMT
Subject: CN=c542b8ea0b1d1ff8de9bee58744377969d6bb299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b7:f1:3f:0e:bd:e1:cd:be:00:7f:a0:d5:ba:
73:46:6e:02:38:9f:46:7b:96:ff:b1:45:a7:14:9a:
10:83:ed:28:5c:53:e8:50:26:38:ff:ee:cb:7d:09:
f6:aa:af:55:7b:f7:ce:38:a4:66:5f:08:1d:c3:c5:
31:e7:de:d4:67:ba:49:54:e5:71:cb:4b:f5:ee:b8:
fe:a0:d6:d9:bf:5a:ca:69:9e:ea:21:b5:93:ff:4b:
ad:d3:9e:3b:2f:f2:37:52:e7:41:92:4b:5a:f7:ff:
fa:f9:31:a6:07:b2:85:78:c3:6f:d3:fb:e9:6a:0f:
2b:7a:5d:bc:09:08:db:98:76:d3:b2:5c:86:9e:2d:
2a:38:23:b6:a9:43:8f:b3:31:98:52:79:90:4e:cd:
7b:85:5b:5c:5b:a4:d4:43:e6:4e:77:71:4a:df:f2:
d3:4f:0b:73:9d:05:c0:4f:86:f4:ac:0b:aa:87:7e:
28:b4:20:ae:ab:e5:62:92:1c:b8:32:57:18:ef:0a:
04:36:06:2b:64:f5:92:93:45:e6:9f:4a:f5:4b:7c:
d0:9c:85:06:a3:2a:a2:a3:f1:3e:35:6b:2e:91:61:
b9:1e:19:cd:c0:d5:26:d7:e5:f2:8c:c7:22:65:7d:
c0:b2:46:3f:88:e6:e5:13:59:17:ed:92:cc:5c:96:
2d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:42:B8:EA:0B:1D:1F:F8:DE:9B:EE:58:74:43:77:96:9D:6B:B2:99
X509v3 Authority Key Identifier:
keyid:25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:94:b6:c1:31:ea:b3:4c:ec:3a:87:84:9c:1a:14:a5:91:cd:
df:77:f0:eb:cc:23:64:19:dd:7b:9a:ae:df:60:3b:94:ce:9f:
fc:dc:fb:83:13:16:e9:63:3a:f7:7d:75:d7:cf:ef:6f:b9:53:
88:db:45:9a:c8:47:d2:22:10:9b:a9:7d:64:3c:22:8b:08:ab:
c0:98:9c:42:11:a2:28:91:f8:d3:b6:1a:b3:3b:70:1e:eb:7c:
23:9a:1f:90:0b:47:e3:71:99:d9:d1:b8:e7:e0:cd:8d:ab:b1:
f3:b9:22:c3:36:5f:94:c4:b4:05:49:56:8d:ad:ec:60:7e:fa:
54:65:28:d4:f7:bf:a3:75:c7:ba:74:a1:60:f3:fa:05:3e:f7:
9b:86:67:60:74:4c:44:2b:7e:50:ae:80:79:0a:fe:06:f7:f4:
bb:ca:99:b7:ff:c3:e6:d6:5a:22:43:d2:92:6f:a6:ad:5c:b5:
e8:c1:3d:6a:7e:5e:d7:25:bb:45:df:1e:41:eb:77:71:94:80:
af:ec:66:f8:fb:75:b9:a4:58:5e:23:16:51:72:f0:59:db:1d:
b4:5c:f9:4d:43:55:f5:60:a7:56:c0:28:02:5d:66:19:d6:cd:
e5:c5:84:89:d5:ae:12:28:aa:e6:97:65:31:da:14:f9:96:98:
57:03:24:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokCb6xdvLCNapcznx38c48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGYwNzUzYzAzM2MxYWYwOTE4NjZkMDk0MjY0NTEyNjk2
Y2E2OGIwHhcNMjUxMDI3MDUwMDA5WhcNMjUxMDI4MDUwMDA5WjAzMTEwLwYDVQQD
EyhjNTQyYjhlYTBiMWQxZmY4ZGU5YmVlNTg3NDQzNzc5NjlkNmJiMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLfxPw694c2+AH+g1bpzRm4COJ9G
e5b/sUWnFJoQg+0oXFPoUCY4/+7LfQn2qq9Ve/fOOKRmXwgdw8Ux597UZ7pJVOVx
y0v17rj+oNbZv1rKaZ7qIbWT/0ut0547L/I3UudBkkta9//6+TGmB7KFeMNv0/vp
ag8rel28CQjbmHbTslyGni0qOCO2qUOPszGYUnmQTs17hVtcW6TUQ+ZOd3FK3/LT
TwtznQXAT4b0rAuqh34otCCuq+Vikhy4MlcY7woENgYrZPWSk0Xmn0r1S3zQnIUG
oyqio/E+NWsukWG5HhnNwNUm1+XyjMciZX3AskY/iOblE1kX7ZLMXJYtMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVCuOoLHR/43pvuWHRDd5ada7KZMB8GA1UdIwQY
MBaAFCWPB1PAM8GvCRhm0JQmRRJpbKaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQt
MmMyZjBkMjRmOTM2LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQtMmMyZjBkMjRmOTM2
LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiJS2wTHq
s0zsOoeEnBoUpZHN33fw68wjZBnde5qu32A7lM6f/Nz7gxMW6WM6931118/vb7lT
iNtFmshH0iIQm6l9ZDwiiwirwJicQhGiKJH407YasztwHut8I5ofkAtH43GZ2dG4
5+DNjaux87kiwzZflMS0BUlWja3sYH76VGUo1Pe/o3XHunShYPP6BT73m4ZnYHRM
RCt+UK6AeQr+Bvf0u8qZt//D5tZaIkPSkm+mrVy16ME9an5e1yW7Rd8eQet3cZSA
r+xm+Pt1uaRYXiMWUXLwWdsdtFz5TUNV9WCnVsAoAl1mGdbN5cWEidWuEiiq5pdl
MdoU+ZaYVwMk6g==
-----END CERTIFICATE-----
Generated at Mon Oct 27 12:28:44 2025 by rpki-client