Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
File: jHFLbLK61OdjmoqicQKPWqG8asI.mft (raw, json)
Hash identifier: +pbH3cy+kDGCqcvVSU+jpiBlovGyd2eOjATsi/rvXuU=
Subject key identifier: 1D:19:96:84:B3:C8:19:0E:BC:43:3B:18:85:F9:DD:11:8D:D7:5E:63
Authority key identifier: 8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2
Certificate issuer: /CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
Certificate serial: 019A725CFFC001A057A40212B7BDD080688C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
Manifest number: 06D1
Signing time: Tue 11 Nov 2025 10:01:28 +0000
Manifest this update: Tue 11 Nov 2025 10:01:28 +0000
Manifest next update: Wed 12 Nov 2025 10:01:28 +0000
Files and hashes: 1: 4SJUH7W4ejICjEKktk38NQNcB4Q.roa (hash: 2qwbbCMLxypAlAiGN2fpQYPHWTBbWd8fpkq/6FE+imI=)
2: jHFLbLK61OdjmoqicQKPWqG8asI.crl (hash: CJYuhcoATlL9TrlYZWLzl6LgazAs/kHTzo6b/PgwgZc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:ff:c0:01:a0:57:a4:02:12:b7:bd:d0:80:68:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
Validity
Not Before: Nov 11 10:01:28 2025 GMT
Not After : Nov 12 10:01:28 2025 GMT
Subject: CN=1d199684b3c8190ebc433b1885f9dd118dd75e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:94:de:1c:b3:c5:a1:41:d2:9d:42:3f:18:ce:
ab:45:20:78:52:41:57:62:ff:10:d2:6f:39:f3:89:
1a:ef:67:71:cc:6c:0e:89:4e:4f:ef:1a:22:d8:cb:
b2:c0:a5:89:88:18:51:ce:2e:7b:52:35:4f:dc:ac:
08:c1:4f:e5:f6:bd:bd:3b:3b:98:fa:22:ad:52:4d:
18:9d:43:1d:4d:a4:4e:50:35:20:68:de:5a:2e:fc:
8f:f0:4e:35:0f:e1:fe:67:0f:57:97:07:ee:6c:e4:
01:6c:86:95:c7:1d:2f:6c:66:4e:54:c8:db:ec:20:
39:a3:b9:69:8e:1d:1c:a4:d9:4c:5e:01:aa:b3:f5:
bc:d6:f0:bf:dc:27:14:9e:b9:24:e0:d2:de:7f:e8:
e0:92:33:27:b7:3b:40:91:09:88:a5:39:a3:04:6d:
99:54:e0:81:2b:1f:df:ac:76:48:ce:42:fa:ed:db:
be:a9:dd:31:fc:59:f2:47:a3:e5:35:50:f7:91:a6:
a0:97:df:0a:11:e8:f8:f1:f5:a5:b1:7d:d3:21:9c:
38:80:af:41:4d:3e:14:bd:6f:e7:e6:47:5c:18:1e:
89:c1:f2:a6:a1:81:ae:2f:c2:57:d5:c6:4d:d5:d1:
5e:12:ef:b3:74:a2:b3:0a:5c:82:b2:67:f0:01:0e:
31:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:19:96:84:B3:C8:19:0E:BC:43:3B:18:85:F9:DD:11:8D:D7:5E:63
X509v3 Authority Key Identifier:
keyid:8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:95:ef:5b:a8:f3:01:42:eb:c9:c9:bd:64:c5:b5:de:04:83:
56:5a:b2:68:b4:17:a7:71:eb:7a:6a:22:a2:7f:ca:6e:f2:e4:
3f:21:c9:79:43:f0:1a:d4:dd:be:41:ff:ae:a4:d6:bd:27:ab:
85:f9:00:91:7a:ff:1b:13:25:e3:c8:b5:aa:c0:02:58:c2:79:
06:1a:b7:fd:18:5e:b6:25:4a:c5:b9:90:01:2b:d4:c6:b0:bd:
f0:d6:49:e6:13:d1:40:61:ed:04:be:b4:ad:8d:c5:8c:5e:9e:
81:ec:c8:4b:07:20:69:a5:1a:5f:3d:7a:7c:57:4d:03:e1:64:
4d:7b:c5:65:ac:71:f5:91:8d:04:7d:51:55:97:a9:aa:fd:bd:
2d:c9:7e:e0:2f:bd:93:e1:a8:c9:41:e8:81:17:6b:c6:c1:55:
fe:e3:a9:8d:5d:57:9f:fd:a2:04:ca:5d:d2:ef:9b:26:e2:75:
92:a2:20:4c:0f:13:2c:13:52:f1:96:aa:01:ec:cd:49:3a:36:
39:fe:ae:5b:d7:ae:f9:90:33:cf:97:18:fc:28:dd:14:f2:e5:
3d:47:fa:7c:54:09:ad:2a:1e:fd:fa:22:19:1a:d6:fb:de:12:
c9:90:ef:32:e5:3d:f5:7f:5c:72:ed:c4:75:e8:64:4f:23:63:
d2:be:3d:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXP/AAaBXpAISt73QgGiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzE0YjZjYjJiYWQ0ZTc2MzlhOGFhMjcxMDI4ZjVhYTFi
YzZhYzIwHhcNMjUxMTExMTAwMTI4WhcNMjUxMTEyMTAwMTI4WjAzMTEwLwYDVQQD
EygxZDE5OTY4NGIzYzgxOTBlYmM0MzNiMTg4NWY5ZGQxMThkZDc1ZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JTeHLPFoUHSnUI/GM6rRSB4UkFX
Yv8Q0m8584ka72dxzGwOiU5P7xoi2MuywKWJiBhRzi57UjVP3KwIwU/l9r29OzuY
+iKtUk0YnUMdTaROUDUgaN5aLvyP8E41D+H+Zw9XlwfubOQBbIaVxx0vbGZOVMjb
7CA5o7lpjh0cpNlMXgGqs/W81vC/3CcUnrkk4NLef+jgkjMntztAkQmIpTmjBG2Z
VOCBKx/frHZIzkL67du+qd0x/FnyR6PlNVD3kaagl98KEej48fWlsX3TIZw4gK9B
TT4UvW/n5kdcGB6JwfKmoYGuL8JX1cZN1dFeEu+zdKKzClyCsmfwAQ4xLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0ZloSzyBkOvEM7GIX53RGN115jMB8GA1UdIwQY
MBaAFIxxS2yyutTnY5qKonECj1qhvGrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAt
Nzg3NTNhMTA0MjI2LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAtNzg3NTNhMTA0MjI2
LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgJXvW6jz
AULrycm9ZMW13gSDVlqyaLQXp3Hremoion/KbvLkPyHJeUPwGtTdvkH/rqTWvSer
hfkAkXr/GxMl48i1qsACWMJ5Bhq3/RhetiVKxbmQASvUxrC98NZJ5hPRQGHtBL60
rY3FjF6egezISwcgaaUaXz16fFdNA+FkTXvFZaxx9ZGNBH1RVZepqv29Lcl+4C+9
k+GoyUHogRdrxsFV/uOpjV1Xn/2iBMpd0u+bJuJ1kqIgTA8TLBNS8ZaqAezNSTo2
Of6uW9eu+ZAzz5cY/CjdFPLlPUf6fFQJrSoe/foiGRrW+94SyZDvMuU99X9ccu3E
dehkTyNj0r49Pg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:34:03 2025 by rpki-client