Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft
File: Jnzx804vAQuQLcFCRVtrtzJs8I0.mft (raw, json)
Hash identifier: aaDlfdz9HTSzrt9umtK37npp/tqvDpkyAEZ3DOZVZW8=
Subject key identifier: D6:5E:E5:96:7C:01:A3:83:3D:3D:B4:03:EE:20:61:47:7F:3C:C3:9B
Authority key identifier: 26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D
Certificate issuer: /CN=267cf1f34e2f010b902dc142455b6bb7326cf08d
Certificate serial: 019A7149E569988345F44993BFB46D85D6DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 05:00:59 +0000
Manifest this update: Tue 11 Nov 2025 05:00:59 +0000
Manifest next update: Wed 12 Nov 2025 05:00:59 +0000
Files and hashes: 1: Jnzx804vAQuQLcFCRVtrtzJs8I0.crl (hash: IR8eXJWhIeJ337QJ+a3vwyQKhyqezTUeqzi0xLLJ87c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:e5:69:98:83:45:f4:49:93:bf:b4:6d:85:d6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=267cf1f34e2f010b902dc142455b6bb7326cf08d
Validity
Not Before: Nov 11 05:00:59 2025 GMT
Not After : Nov 12 05:00:59 2025 GMT
Subject: CN=d65ee5967c01a3833d3db403ee2061477f3cc39b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9f:08:f5:b4:18:f2:1d:2f:b5:b7:fa:97:e4:
0e:c6:61:b1:22:38:54:17:c8:eb:63:0f:a7:91:74:
3c:96:38:0f:dc:d6:4d:e0:34:e1:78:10:80:8b:f2:
03:87:ed:4a:1c:33:11:04:a3:06:a4:ec:13:56:b1:
1b:b0:d1:5c:87:a1:07:6a:63:f1:a6:4b:a0:b7:46:
c1:00:de:4b:f4:08:31:e7:c8:b6:21:08:aa:2d:ab:
45:70:d7:20:0d:83:8b:86:ae:04:6a:3a:f6:e4:ad:
db:5e:43:da:8d:6b:bb:3b:e4:b3:1b:fd:39:48:f7:
ec:26:7a:ac:4d:45:67:ab:7b:82:e1:df:40:8d:a3:
92:f6:d3:03:47:7f:09:d5:7e:c2:4b:30:77:cc:8b:
67:af:66:68:2d:d7:53:4f:ba:5e:52:4f:40:7d:f3:
34:36:97:66:82:c2:6a:a8:af:3e:9d:d8:c6:31:61:
2f:9b:eb:d2:28:f1:d6:69:af:83:92:b3:84:5d:f9:
f2:31:7e:83:78:9f:6d:30:a0:27:5a:1d:9b:3d:07:
4d:2d:86:4b:bb:e0:d4:db:cf:7b:9c:ff:23:07:ca:
f4:e2:77:c5:03:9d:42:f2:4e:96:44:1f:60:b5:0a:
94:d9:fc:61:a6:3b:cd:1f:65:88:c3:cb:f8:03:f2:
46:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:5E:E5:96:7C:01:A3:83:3D:3D:B4:03:EE:20:61:47:7F:3C:C3:9B
X509v3 Authority Key Identifier:
keyid:26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:f4:16:87:e6:e1:22:a9:4a:93:d4:c6:be:17:7e:24:e4:8b:
88:49:dd:bd:5c:c8:bd:59:4b:82:2f:e5:d3:56:d5:cf:ea:38:
39:4e:70:c6:37:02:37:03:16:5a:4a:0b:77:59:6b:a4:2e:27:
53:69:91:41:aa:8b:bb:21:6c:b6:87:f7:5b:f3:dd:57:16:91:
f4:13:d7:b7:eb:fd:a6:fe:9d:2a:62:aa:32:b0:fd:c6:48:c9:
47:ee:9d:95:85:45:72:62:98:92:5e:e0:24:ab:74:7e:d1:bf:
43:33:b7:8a:7f:e6:d2:5f:90:79:06:7d:64:ba:d3:53:8b:d9:
d4:09:e9:b1:2f:f8:dc:8e:73:d8:3a:04:98:2d:2b:24:da:a5:
48:42:9b:0c:dd:3c:1a:cb:48:db:9f:b0:3c:38:bc:73:9e:bf:
38:3b:b1:e4:ce:61:6d:8d:55:f9:a8:13:db:fd:37:f9:01:f7:
97:3f:b8:1f:6d:e5:c8:7a:2a:0f:23:73:9f:29:3b:0f:c2:37:
9d:07:de:d1:16:a3:13:28:af:32:e0:36:06:4e:ed:b0:90:34:
30:46:6b:ae:e0:64:87:9e:64:16:3b:80:55:d9:e8:95:0d:b7:
00:2e:c9:2a:8d:4b:7b:ba:1a:17:0a:25:7f:10:42:73:67:b8:
fa:a6:7d:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSeVpmINF9EmTv7RthdbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2N2NmMWYzNGUyZjAxMGI5MDJkYzE0MjQ1NWI2YmI3MzI2
Y2YwOGQwHhcNMjUxMTExMDUwMDU5WhcNMjUxMTEyMDUwMDU5WjAzMTEwLwYDVQQD
EyhkNjVlZTU5NjdjMDFhMzgzM2QzZGI0MDNlZTIwNjE0NzdmM2NjMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu58I9bQY8h0vtbf6l+QOxmGxIjhU
F8jrYw+nkXQ8ljgP3NZN4DTheBCAi/IDh+1KHDMRBKMGpOwTVrEbsNFch6EHamPx
pkugt0bBAN5L9Agx58i2IQiqLatFcNcgDYOLhq4Eajr25K3bXkPajWu7O+SzG/05
SPfsJnqsTUVnq3uC4d9AjaOS9tMDR38J1X7CSzB3zItnr2ZoLddTT7peUk9AffM0
NpdmgsJqqK8+ndjGMWEvm+vSKPHWaa+DkrOEXfnyMX6DeJ9tMKAnWh2bPQdNLYZL
u+DU2897nP8jB8r04nfFA51C8k6WRB9gtQqU2fxhpjvNH2WIw8v4A/JGKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZe5ZZ8AaODPT20A+4gYUd/PMObMB8GA1UdIwQY
MBaAFCZ88fNOLwELkC3BQkVba7cybPCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85MWJjZDgtYTFmNy00ZmIxLWIyODgt
MDExYjQ1MWI0NWI0LzEvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85MWJjZDgtYTFmNy00ZmIxLWIyODgtMDExYjQ1MWI0NWI0
LzEvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnvQWh+bh
IqlKk9TGvhd+JOSLiEndvVzIvVlLgi/l01bVz+o4OU5wxjcCNwMWWkoLd1lrpC4n
U2mRQaqLuyFstof3W/PdVxaR9BPXt+v9pv6dKmKqMrD9xkjJR+6dlYVFcmKYkl7g
JKt0ftG/QzO3in/m0l+QeQZ9ZLrTU4vZ1AnpsS/43I5z2DoEmC0rJNqlSEKbDN08
GstI25+wPDi8c56/ODux5M5hbY1V+agT2/03+QH3lz+4H23lyHoqDyNznyk7D8I3
nQfe0RajEyivMuA2Bk7tsJA0MEZrruBkh55kFjuAVdnolQ23AC7JKo1Le7oaFwol
fxBCc2e4+qZ99g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:02:34 2025 by rpki-client