Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft
File: JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft (raw, json)
Hash identifier: yZgB76luFSAsqerXQBaeWUMwWMqssl3OOhCG2TUfZJI=
Subject key identifier: 74:7A:B6:D0:AD:83:8C:F5:F1:12:0C:C8:CC:A3:23:99:EE:CE:58:99
Authority key identifier: 24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4
Certificate issuer: /CN=24a9d84c6d16c083093c3371b4575d36ef448fe4
Certificate serial: 019A725C696B0EAC1FB22013C8BC1D50492D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft
Manifest number: 0AD1
Signing time: Tue 11 Nov 2025 10:00:50 +0000
Manifest this update: Tue 11 Nov 2025 10:00:50 +0000
Manifest next update: Wed 12 Nov 2025 10:00:50 +0000
Files and hashes: 1: JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl (hash: V6fXTIT10Vh8a6Urxbt4AXmaRURzIRchIroETOrY8pk=)
2: sEY4t-bPe6btAR7wv3UJWwU-X2E.roa (hash: aU4yEzDR1E1BJAYcSFYYldSWQZ2ELBxfjYhJldcUrMM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:69:6b:0e:ac:1f:b2:20:13:c8:bc:1d:50:49:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24a9d84c6d16c083093c3371b4575d36ef448fe4
Validity
Not Before: Nov 11 10:00:50 2025 GMT
Not After : Nov 12 10:00:50 2025 GMT
Subject: CN=747ab6d0ad838cf5f1120cc8cca32399eece5899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:22:bd:2c:a6:23:b0:f8:f0:e6:d9:5e:06:5f:
ae:0b:a4:e2:ab:37:cd:74:93:d8:11:98:c4:ad:f3:
c9:14:0a:c0:b5:9c:86:87:7d:fe:70:c6:46:64:0b:
b9:61:21:22:24:77:b6:44:7c:89:40:1e:56:03:27:
b1:12:49:34:b7:34:38:e1:20:d6:28:1c:97:a4:e5:
a9:aa:3a:87:03:7e:85:46:97:32:bb:81:9b:53:b9:
3f:15:0d:80:47:1f:4b:01:5a:09:e4:ae:cf:7a:57:
c7:05:d6:8c:ce:41:40:7f:7b:bc:77:38:8a:0c:ff:
7b:a1:cc:3b:0d:d7:cd:6a:2a:37:9d:a8:b8:bf:33:
ee:b7:22:35:91:3a:b6:a6:d3:ba:9a:dd:42:c0:27:
df:02:21:5d:45:20:d8:d9:e2:da:d5:ff:1d:b4:e5:
7c:9d:68:52:e8:86:87:7f:75:05:2f:09:06:7f:f1:
e3:4e:b4:07:6e:a4:c4:74:78:89:39:c9:c3:86:f9:
ca:e8:19:57:d9:7f:b4:69:4a:e4:1f:a2:7e:ff:88:
92:76:ae:f3:cd:f5:b8:d2:e9:4e:28:90:d7:85:28:
b5:ee:2d:74:d8:2f:5e:c4:79:a1:dc:84:51:a1:8f:
35:b7:c2:68:e8:64:d6:57:1a:fb:12:d9:41:da:06:
87:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7A:B6:D0:AD:83:8C:F5:F1:12:0C:C8:CC:A3:23:99:EE:CE:58:99
X509v3 Authority Key Identifier:
keyid:24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:64:6a:ce:f9:4e:69:33:98:b8:20:7a:2b:2a:89:ca:26:ae:
f7:e6:dc:30:48:cb:ba:d3:40:e7:3b:13:b0:e2:7a:ae:b8:7c:
a8:98:d0:b6:70:1c:8f:a5:86:69:d7:d1:97:e8:e7:ca:5c:b6:
96:e1:4d:23:2e:75:5e:f1:8a:e7:42:40:17:12:05:5c:78:ef:
1e:6d:c1:bf:8f:6d:1a:49:5d:e9:b3:ed:2c:25:69:af:db:3a:
49:5f:7b:8e:f4:6f:aa:3e:30:51:80:e7:28:c2:cd:41:4e:a4:
9a:9a:be:c8:d4:06:ec:37:29:31:ce:67:65:ee:c4:c4:33:33:
ac:70:d6:94:bc:5a:08:e4:1d:4d:0b:70:91:bc:85:70:80:d4:
d3:67:60:60:45:b7:59:ad:f3:f9:05:5b:42:43:71:2b:57:ca:
de:17:0c:27:bf:e4:04:17:97:58:e4:f8:d8:77:c2:e4:d3:3a:
b1:64:29:fe:b4:c9:ca:24:f4:c9:0b:af:a0:81:87:c3:ea:f2:
62:d3:59:e1:3c:a6:09:59:0d:eb:44:c2:a6:b3:44:b8:62:7e:
0c:88:99:13:85:4a:ab:61:ad:f5:e3:f4:31:c3:0a:5a:86:0f:
65:9c:3b:dd:70:00:cf:8d:4f:79:bb:18:e0:03:7b:61:5a:87:
4b:a3:1f:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGlrDqwfsiATyLwdUEktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YTlkODRjNmQxNmMwODMwOTNjMzM3MWI0NTc1ZDM2ZWY0
NDhmZTQwHhcNMjUxMTExMTAwMDUwWhcNMjUxMTEyMTAwMDUwWjAzMTEwLwYDVQQD
Eyg3NDdhYjZkMGFkODM4Y2Y1ZjExMjBjYzhjY2EzMjM5OWVlY2U1ODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SK9LKYjsPjw5tleBl+uC6TiqzfN
dJPYEZjErfPJFArAtZyGh33+cMZGZAu5YSEiJHe2RHyJQB5WAyexEkk0tzQ44SDW
KByXpOWpqjqHA36FRpcyu4GbU7k/FQ2ARx9LAVoJ5K7PelfHBdaMzkFAf3u8dziK
DP97ocw7DdfNaio3nai4vzPutyI1kTq2ptO6mt1CwCffAiFdRSDY2eLa1f8dtOV8
nWhS6IaHf3UFLwkGf/HjTrQHbqTEdHiJOcnDhvnK6BlX2X+0aUrkH6J+/4iSdq7z
zfW40ulOKJDXhSi17i102C9exHmh3IRRoY81t8Jo6GTWVxr7EtlB2gaHKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHR6ttCtg4z18RIMyMyjI5nuzliZMB8GA1UdIwQY
MBaAFCSp2ExtFsCDCTwzcbRXXTbvRI/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDkt
NDVhNTM0ZjIyMmY0LzEvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDktNDVhNTM0ZjIyMmY0
LzEvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK2RqzvlO
aTOYuCB6KyqJyiau9+bcMEjLutNA5zsTsOJ6rrh8qJjQtnAcj6WGadfRl+jnyly2
luFNIy51XvGK50JAFxIFXHjvHm3Bv49tGkld6bPtLCVpr9s6SV97jvRvqj4wUYDn
KMLNQU6kmpq+yNQG7DcpMc5nZe7ExDMzrHDWlLxaCOQdTQtwkbyFcIDU02dgYEW3
Wa3z+QVbQkNxK1fK3hcMJ7/kBBeXWOT42HfC5NM6sWQp/rTJyiT0yQuvoIGHw+ry
YtNZ4TymCVkN60TCprNEuGJ+DIiZE4VKq2Gt9eP0McMKWoYPZZw73XAAz41PebsY
4AN7YVqHS6MfYQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:24 2025 by rpki-client