Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/39ab2e-feeb-4a0e-8740-45296c32f0a3/1/jha95kqam7o_-hQ4oZesP5SYn68.mft
File: jha95kqam7o_-hQ4oZesP5SYn68.mft (raw, json)
Hash identifier: MHPhP+sojHl/U4oLAC0nu2pFJjseeCJpMyX4dgoj/9c=
Subject key identifier: 68:B2:97:90:12:5A:90:7F:3B:0B:59:33:E1:1A:EF:6D:73:7C:9D:CC
Authority key identifier: 8E:16:BD:E6:4A:9A:9B:BA:3F:FA:14:38:A1:97:AC:3F:94:98:9F:AF
Certificate issuer: /CN=8e16bde64a9a9bba3ffa1438a197ac3f94989faf
Certificate serial: 019A725CCCF27B66A499188C95982D6CFFDB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jha95kqam7o_-hQ4oZesP5SYn68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/39ab2e-feeb-4a0e-8740-45296c32f0a3/1/jha95kqam7o_-hQ4oZesP5SYn68.mft
Manifest number: 0AB3
Signing time: Tue 11 Nov 2025 10:01:15 +0000
Manifest this update: Tue 11 Nov 2025 10:01:15 +0000
Manifest next update: Wed 12 Nov 2025 10:01:15 +0000
Files and hashes: 1: jha95kqam7o_-hQ4oZesP5SYn68.crl (hash: 0pBFCtOwVbEmk+ObMtfaG51N8bZKrA/23avK2h3CDAk=)
2: lgcKgcRNJg401G2YURIZe_B5NuU.roa (hash: uy67hQlFG6+Rikv9aAochHvjUmoKf+eqiNInXnUkhzk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/39ab2e-feeb-4a0e-8740-45296c32f0a3/1/jha95kqam7o_-hQ4oZesP5SYn68.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/39ab2e-feeb-4a0e-8740-45296c32f0a3/1/jha95kqam7o_-hQ4oZesP5SYn68.mft
rsync://rpki.ripe.net/repository/DEFAULT/jha95kqam7o_-hQ4oZesP5SYn68.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:cc:f2:7b:66:a4:99:18:8c:95:98:2d:6c:ff:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e16bde64a9a9bba3ffa1438a197ac3f94989faf
Validity
Not Before: Nov 11 10:01:15 2025 GMT
Not After : Nov 12 10:01:15 2025 GMT
Subject: CN=68b29790125a907f3b0b5933e11aef6d737c9dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:62:8e:5f:8f:cd:27:6e:78:b9:00:3b:e0:99:
d8:a5:98:ac:4e:99:27:35:b1:b8:08:1e:4f:46:3f:
0b:89:58:a9:7d:86:8a:0a:da:5f:ef:1c:5e:4a:22:
0d:05:fb:60:34:0d:e1:cd:09:f0:50:06:c0:ce:e6:
c0:72:4d:bf:ec:63:59:36:ef:36:79:9e:fc:51:24:
68:bf:74:86:41:63:ff:f2:f6:ee:d4:a5:04:e7:39:
a9:e4:c9:53:e5:49:2f:df:d8:1e:28:bd:04:20:0f:
69:a7:1b:8a:05:45:e2:77:2a:50:ed:32:f0:92:94:
e9:2b:80:f6:6b:0c:3b:74:b5:61:51:5b:16:af:fa:
8d:90:b8:18:85:2a:48:10:86:c7:3c:0d:5e:d2:a9:
db:b6:66:75:83:9f:26:69:a2:29:ef:15:3b:44:61:
f9:00:93:3b:41:85:99:7c:c9:52:92:8c:1b:dc:e6:
84:cc:43:2e:f2:2c:fe:4c:ee:db:b0:e5:98:2b:81:
c0:2d:c5:c5:ab:35:9b:7d:ab:26:f0:61:96:af:2a:
f8:ba:a8:cb:48:11:b3:e5:1c:5e:40:1e:b3:bb:d2:
dd:13:0d:3d:fa:eb:91:f8:87:52:f9:62:f5:69:8a:
c8:94:d6:aa:20:d0:b1:1b:5b:66:3d:f1:2b:00:0e:
95:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B2:97:90:12:5A:90:7F:3B:0B:59:33:E1:1A:EF:6D:73:7C:9D:CC
X509v3 Authority Key Identifier:
keyid:8E:16:BD:E6:4A:9A:9B:BA:3F:FA:14:38:A1:97:AC:3F:94:98:9F:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jha95kqam7o_-hQ4oZesP5SYn68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/39ab2e-feeb-4a0e-8740-45296c32f0a3/1/jha95kqam7o_-hQ4oZesP5SYn68.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/39ab2e-feeb-4a0e-8740-45296c32f0a3/1/jha95kqam7o_-hQ4oZesP5SYn68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:2f:6b:8a:51:05:2c:06:d4:aa:72:ac:ef:9a:ea:0f:24:15:
28:24:6a:70:ae:6f:6d:9c:60:82:27:ea:8f:1c:b5:a9:0d:aa:
9c:3b:08:95:d8:4b:55:f4:73:4f:7a:40:9a:06:8b:e4:49:b2:
57:f2:c2:95:da:b1:28:2a:d4:0e:af:5d:9a:24:2f:6b:9e:e6:
5e:27:fb:70:c1:43:a6:f7:ca:23:a5:b1:67:e6:e5:bc:66:15:
15:1f:e0:d9:45:52:b7:12:2b:b7:22:aa:e4:d9:df:92:4f:63:
1e:64:2c:e0:fa:f0:e9:96:6b:d3:cd:23:79:00:ae:f5:1f:d8:
2e:ac:54:77:c5:cd:05:33:eb:3d:18:a7:b6:45:88:45:f1:75:
99:d3:37:c1:8f:27:0a:cb:1a:d1:cb:c3:f4:a4:e1:1f:e3:6f:
2e:a6:d0:0e:78:1d:57:04:08:b0:90:02:f9:c1:59:6f:65:8b:
a1:b1:91:64:60:37:40:c2:68:4b:4d:6a:9a:37:19:a7:c6:bc:
b1:5b:e2:15:24:75:97:61:95:77:80:c3:dd:c6:81:0f:79:46:
5c:be:71:39:61:a8:0b:37:a3:27:66:b8:73:47:f4:6b:22:1f:
7b:f8:94:9d:ca:00:5b:30:18:eb:a6:02:30:49:e7:bf:98:51:
78:e9:2b:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXMzye2akmRiMlZgtbP/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMTZiZGU2NGE5YTliYmEzZmZhMTQzOGExOTdhYzNmOTQ5
ODlmYWYwHhcNMjUxMTExMTAwMTE1WhcNMjUxMTEyMTAwMTE1WjAzMTEwLwYDVQQD
Eyg2OGIyOTc5MDEyNWE5MDdmM2IwYjU5MzNlMTFhZWY2ZDczN2M5ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGKOX4/NJ254uQA74JnYpZisTpkn
NbG4CB5PRj8LiVipfYaKCtpf7xxeSiINBftgNA3hzQnwUAbAzubAck2/7GNZNu82
eZ78USRov3SGQWP/8vbu1KUE5zmp5MlT5Ukv39geKL0EIA9ppxuKBUXidypQ7TLw
kpTpK4D2aww7dLVhUVsWr/qNkLgYhSpIEIbHPA1e0qnbtmZ1g58maaIp7xU7RGH5
AJM7QYWZfMlSkowb3OaEzEMu8iz+TO7bsOWYK4HALcXFqzWbfasm8GGWryr4uqjL
SBGz5RxeQB6zu9LdEw09+uuR+IdS+WL1aYrIlNaqINCxG1tmPfErAA6VuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiyl5ASWpB/OwtZM+Ea721zfJ3MMB8GA1UdIwQY
MBaAFI4WveZKmpu6P/oUOKGXrD+UmJ+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhhOTVrcWFtN29fLWhRNG9aZXNQNVNZbjY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zOWFiMmUtZmVlYi00YTBlLTg3NDAt
NDUyOTZjMzJmMGEzLzEvamhhOTVrcWFtN29fLWhRNG9aZXNQNVNZbjY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zOWFiMmUtZmVlYi00YTBlLTg3NDAtNDUyOTZjMzJmMGEz
LzEvamhhOTVrcWFtN29fLWhRNG9aZXNQNVNZbjY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEy9rilEF
LAbUqnKs75rqDyQVKCRqcK5vbZxggifqjxy1qQ2qnDsIldhLVfRzT3pAmgaL5Emy
V/LCldqxKCrUDq9dmiQva57mXif7cMFDpvfKI6WxZ+blvGYVFR/g2UVStxIrtyKq
5Nnfkk9jHmQs4Prw6ZZr080jeQCu9R/YLqxUd8XNBTPrPRintkWIRfF1mdM3wY8n
Cssa0cvD9KThH+NvLqbQDngdVwQIsJAC+cFZb2WLobGRZGA3QMJoS01qmjcZp8a8
sVviFSR1l2GVd4DD3caBD3lGXL5xOWGoCzejJ2a4c0f0ayIfe/iUncoAWzAY66YC
MEnnv5hReOkrrg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:06 2025 by rpki-client