Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
File: JY8HU8Azwa8JGGbQlCZFEmlspos.mft (raw, json)
Hash identifier: gHj2+WGX/C7sGdsoIREUo+ozSGK/uR8mXZmBYpYl69o=
Subject key identifier: B7:DB:D2:F9:DA:05:93:97:AD:34:F8:AF:4B:46:10:4F:F7:B4:DF:2C
Authority key identifier: 25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
Certificate issuer: /CN=258f0753c033c1af091866d094264512696ca68b
Certificate serial: 0199233136C38C9C206EF1D82973D69E18FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
Manifest number: 09BD
Signing time: Sun 07 Sep 2025 08:00:51 +0000
Manifest this update: Sun 07 Sep 2025 08:00:51 +0000
Manifest next update: Mon 08 Sep 2025 08:00:51 +0000
Files and hashes: 1: BQh7QT9BX7cTqXjHHhGh4E0jau4.roa (hash: ji+6a8qXV045VZtKjEfl6cGy7fTl7ME8scmY2gpWI2s=)
2: JY8HU8Azwa8JGGbQlCZFEmlspos.crl (hash: V/V/CPU+xhyVGXbAJb7qtBxfPvUlSIf5sCt5hYJ3460=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:31:36:c3:8c:9c:20:6e:f1:d8:29:73:d6:9e:18:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f0753c033c1af091866d094264512696ca68b
Validity
Not Before: Sep 7 08:00:51 2025 GMT
Not After : Sep 8 08:00:51 2025 GMT
Subject: CN=b7dbd2f9da059397ad34f8af4b46104ff7b4df2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:de:83:03:dc:37:37:10:60:30:1c:0e:ee:26:
8c:46:51:9f:82:d8:e8:12:2e:e7:e6:eb:df:7f:25:
b8:98:fc:6a:58:f4:0b:56:db:41:34:5e:ac:a4:8c:
02:09:a8:26:88:ab:3e:d2:d0:64:6f:b9:48:e8:e2:
7a:b0:fc:e9:bd:9f:d3:02:8d:f8:68:1d:f0:41:3c:
f8:a2:ff:ac:55:25:9c:1c:8d:be:e4:67:4e:d4:5d:
f1:20:02:f4:2f:2f:90:3a:29:a8:df:0b:df:b9:45:
7c:61:ad:05:29:61:7f:8a:f3:50:75:4d:b1:ad:2f:
be:e5:62:6e:45:97:97:a4:72:c1:77:a9:fc:15:81:
45:06:5e:db:c3:16:c5:2a:cd:cc:a1:00:ff:b5:2a:
93:9d:07:fc:da:ce:da:63:e9:25:d5:ff:b2:c2:51:
18:ed:6d:72:09:9e:b5:6c:d4:a0:9a:b9:e3:8d:62:
ea:77:ba:7d:34:f0:db:c2:f7:bc:2f:f2:27:86:df:
42:27:7a:9a:5c:24:1b:88:7d:3a:bc:fa:73:89:c7:
70:ad:42:b7:6f:fc:75:04:08:40:6c:7c:18:1a:9c:
c7:7c:e5:1e:1c:26:c8:8f:8c:a9:4a:e5:68:46:3d:
db:20:75:c4:95:71:4a:93:db:e8:b1:a8:6b:a7:99:
fc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DB:D2:F9:DA:05:93:97:AD:34:F8:AF:4B:46:10:4F:F7:B4:DF:2C
X509v3 Authority Key Identifier:
keyid:25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:4a:dd:27:61:61:09:86:fa:72:d9:b5:d3:1f:df:f1:e7:fa:
42:2a:c1:b8:be:3e:6c:bc:6b:14:bd:5b:22:9e:c7:84:74:3e:
b6:e0:bc:2b:18:51:b0:c4:ac:a8:e6:d1:3c:6e:d4:1f:90:b4:
22:b3:06:bc:c6:5b:0b:71:50:b9:0b:81:47:a1:70:17:c1:65:
43:86:71:c2:e2:c5:3a:8b:ac:df:8c:5e:39:a2:16:16:2d:68:
80:a1:49:02:72:9c:f9:83:e0:a3:ca:50:ab:93:4a:2b:3e:3a:
82:d5:e1:9a:95:9a:84:2b:28:7e:ac:24:24:8e:9a:bb:87:b4:
68:71:4b:af:31:a6:af:a6:e6:7f:5e:fa:8c:02:06:97:c7:98:
8d:6a:ad:7f:13:ca:ca:c9:ea:54:25:6c:73:10:51:bd:c3:5c:
3a:f9:ba:e4:79:d2:8a:72:5b:49:df:28:e8:7b:12:94:91:be:
cf:bb:d1:41:11:27:00:e3:ea:d1:e2:77:bc:02:89:25:05:1a:
52:97:29:fa:b6:71:79:18:3f:72:c4:62:5e:32:73:45:8b:bd:
42:b2:12:6d:41:14:71:b3:cc:6e:d8:0c:b7:fe:e0:0c:44:fc:
a1:bc:8e:26:33:1c:05:75:93:21:fc:00:db:9b:86:ce:ec:75:
c3:12:8d:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMTbDjJwgbvHYKXPWnhj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGYwNzUzYzAzM2MxYWYwOTE4NjZkMDk0MjY0NTEyNjk2
Y2E2OGIwHhcNMjUwOTA3MDgwMDUxWhcNMjUwOTA4MDgwMDUxWjAzMTEwLwYDVQQD
EyhiN2RiZDJmOWRhMDU5Mzk3YWQzNGY4YWY0YjQ2MTA0ZmY3YjRkZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t6DA9w3NxBgMBwO7iaMRlGfgtjo
Ei7n5uvffyW4mPxqWPQLVttBNF6spIwCCagmiKs+0tBkb7lI6OJ6sPzpvZ/TAo34
aB3wQTz4ov+sVSWcHI2+5GdO1F3xIAL0Ly+QOimo3wvfuUV8Ya0FKWF/ivNQdU2x
rS++5WJuRZeXpHLBd6n8FYFFBl7bwxbFKs3MoQD/tSqTnQf82s7aY+kl1f+ywlEY
7W1yCZ61bNSgmrnjjWLqd7p9NPDbwve8L/Inht9CJ3qaXCQbiH06vPpzicdwrUK3
b/x1BAhAbHwYGpzHfOUeHCbIj4ypSuVoRj3bIHXElXFKk9vosahrp5n83QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfb0vnaBZOXrTT4r0tGEE/3tN8sMB8GA1UdIwQY
MBaAFCWPB1PAM8GvCRhm0JQmRRJpbKaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQt
MmMyZjBkMjRmOTM2LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQtMmMyZjBkMjRmOTM2
LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhErdJ2Fh
CYb6ctm10x/f8ef6QirBuL4+bLxrFL1bIp7HhHQ+tuC8KxhRsMSsqObRPG7UH5C0
IrMGvMZbC3FQuQuBR6FwF8FlQ4ZxwuLFOous34xeOaIWFi1ogKFJAnKc+YPgo8pQ
q5NKKz46gtXhmpWahCsofqwkJI6au4e0aHFLrzGmr6bmf176jAIGl8eYjWqtfxPK
ysnqVCVscxBRvcNcOvm65HnSinJbSd8o6HsSlJG+z7vRQREnAOPq0eJ3vAKJJQUa
Upcp+rZxeRg/csRiXjJzRYu9QrISbUEUcbPMbtgMt/7gDET8obyOJjMcBXWTIfwA
25uGzux1wxKNGA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:34:12 2025 by rpki-client