Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
File: JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft (raw, json)
Hash identifier: GOZI49aVmW9LvJdbim7ui3d6uZ7d+2PeZfc8WGmuhn8=
Subject key identifier: D7:CB:84:CC:BF:52:91:CD:15:9B:80:19:44:64:60:A8:F9:94:35:81
Authority key identifier: 25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF
Certificate issuer: /CN=258906554d8c8b428ede8cb35026860d3d7771df
Certificate serial: 019A7225D44E2FA79E57CD28229D68E3A2DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
Manifest number: 0DFF
Signing time: Tue 11 Nov 2025 09:01:12 +0000
Manifest this update: Tue 11 Nov 2025 09:01:12 +0000
Manifest next update: Wed 12 Nov 2025 09:01:12 +0000
Files and hashes: 1: JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl (hash: nMTstHL9ru1WqnFmrlrGdu7FAIcOQ/HkvwdeeGtvNBo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:d4:4e:2f:a7:9e:57:cd:28:22:9d:68:e3:a2:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258906554d8c8b428ede8cb35026860d3d7771df
Validity
Not Before: Nov 11 09:01:12 2025 GMT
Not After : Nov 12 09:01:12 2025 GMT
Subject: CN=d7cb84ccbf5291cd159b8019446460a8f9943581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:53:02:c4:76:2c:12:e1:fd:94:7e:51:26:72:
32:c7:44:e7:8a:9c:99:9e:f9:99:12:6c:48:07:f8:
15:2a:2d:36:d9:b9:39:d5:ac:40:2a:9d:76:a6:e0:
c2:63:ca:f8:c8:0d:bd:7b:e8:9f:a9:9c:55:d5:d6:
d1:63:3f:0c:fb:bd:9a:a9:b6:70:62:9f:af:f4:ca:
04:eb:90:a6:26:5f:d5:1e:66:73:e7:ad:bc:45:7d:
75:99:84:24:33:ac:23:e4:e6:0c:8a:7a:e1:d0:18:
40:2b:bc:0f:71:51:aa:12:13:b7:1b:d1:25:94:7b:
74:00:d2:1a:12:90:55:ac:ea:e6:5e:3f:c3:e4:c8:
4b:4a:d7:58:d4:00:99:d8:03:93:06:94:5a:7c:6f:
70:a7:a6:44:10:f1:62:e3:8c:d1:d4:21:75:af:94:
b1:49:c6:a9:41:29:81:ea:f7:40:b4:b5:84:12:18:
af:11:f1:05:05:f5:c0:ff:47:e2:69:6a:d1:97:b9:
e0:c7:bc:85:92:5b:f0:55:53:0a:42:f5:4c:1c:7e:
5a:0c:aa:df:42:c4:e1:b6:2c:4e:3b:f6:a5:c2:0e:
70:7b:70:6f:4b:26:0b:8f:b8:0b:22:73:77:88:ce:
63:fd:96:1c:fe:71:37:68:90:3e:a3:ce:4f:5a:2f:
16:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CB:84:CC:BF:52:91:CD:15:9B:80:19:44:64:60:A8:F9:94:35:81
X509v3 Authority Key Identifier:
keyid:25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:c2:e4:a2:28:a4:73:b5:4d:dd:b3:43:a3:11:b8:cd:85:18:
76:8b:6c:4f:af:59:90:54:cd:9d:22:b7:43:79:c0:3a:31:9e:
67:72:ec:d9:13:6c:2d:4a:a8:f2:9f:2f:ce:46:54:f0:06:48:
85:93:d1:d4:8d:85:9c:70:f6:c6:27:24:c6:52:4e:83:71:58:
57:9f:5f:ce:79:aa:fe:cb:ae:2e:76:46:f0:38:62:5f:a5:9a:
0b:0f:9a:a5:b2:57:a8:78:9d:6b:67:ed:93:ca:75:91:78:1e:
53:77:26:1d:e6:24:9f:33:c0:17:d5:04:29:9b:e6:03:ad:83:
64:ce:96:f3:0e:f1:ee:c6:62:8d:14:32:60:3e:0a:7e:00:19:
75:47:15:7b:c6:08:8c:83:37:fd:4e:03:c9:78:59:a3:35:66:
aa:e9:c8:d2:f5:b9:72:72:ae:ac:73:d6:86:5e:49:b2:49:e6:
e0:9c:f1:1b:2c:ee:3d:65:33:a1:90:a0:36:6c:11:12:8b:a2:
98:41:d4:1e:86:f6:25:92:68:71:cc:3c:c2:68:72:ae:92:54:
8b:1e:ab:36:5c:3e:34:31:e6:56:2d:ca:ed:64:d5:60:3f:24:
d8:40:b9:56:0b:6f:81:55:f0:00:4b:c2:31:ab:79:8d:83:94:
07:04:3d:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdROL6eeV80oIp1o46LaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODkwNjU1NGQ4YzhiNDI4ZWRlOGNiMzUwMjY4NjBkM2Q3
NzcxZGYwHhcNMjUxMTExMDkwMTEyWhcNMjUxMTEyMDkwMTEyWjAzMTEwLwYDVQQD
EyhkN2NiODRjY2JmNTI5MWNkMTU5YjgwMTk0NDY0NjBhOGY5OTQzNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlMCxHYsEuH9lH5RJnIyx0TnipyZ
nvmZEmxIB/gVKi022bk51axAKp12puDCY8r4yA29e+ifqZxV1dbRYz8M+72aqbZw
Yp+v9MoE65CmJl/VHmZz5628RX11mYQkM6wj5OYMinrh0BhAK7wPcVGqEhO3G9El
lHt0ANIaEpBVrOrmXj/D5MhLStdY1ACZ2AOTBpRafG9wp6ZEEPFi44zR1CF1r5Sx
ScapQSmB6vdAtLWEEhivEfEFBfXA/0fiaWrRl7ngx7yFklvwVVMKQvVMHH5aDKrf
QsThtixOO/alwg5we3BvSyYLj7gLInN3iM5j/ZYc/nE3aJA+o85PWi8WIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfLhMy/UpHNFZuAGURkYKj5lDWBMB8GA1UdIwQY
MBaAFCWJBlVNjItCjt6Ms1Amhg09d3HfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODct
YWZkZDUzODI3ZTkzLzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODctYWZkZDUzODI3ZTkz
LzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMLkoiik
c7VN3bNDoxG4zYUYdotsT69ZkFTNnSK3Q3nAOjGeZ3Ls2RNsLUqo8p8vzkZU8AZI
hZPR1I2FnHD2xickxlJOg3FYV59fznmq/suuLnZG8DhiX6WaCw+apbJXqHida2ft
k8p1kXgeU3cmHeYknzPAF9UEKZvmA62DZM6W8w7x7sZijRQyYD4KfgAZdUcVe8YI
jIM3/U4DyXhZozVmqunI0vW5cnKurHPWhl5Jsknm4JzxGyzuPWUzoZCgNmwREoui
mEHUHob2JZJoccw8wmhyrpJUix6rNlw+NDHmVi3K7WTVYD8k2EC5VgtvgVXwAEvC
Mat5jYOUBwQ93Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:25 2025 by rpki-client