Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/JCH_to6rl-JKkGJtkEmL5-1wZvA.mft
File: JCH_to6rl-JKkGJtkEmL5-1wZvA.mft (raw, json)
Hash identifier: 3Czw7C93uxUTIgZIv/39qcSdzKnbAzJZSWFTI82X4HU=
Subject key identifier: DC:A3:58:2D:BF:64:80:0D:56:E7:39:16:4A:3E:B6:CD:05:74:38:2C
Authority key identifier: 24:21:FF:B6:8E:AB:97:E2:4A:90:62:6D:90:49:8B:E7:ED:70:66:F0
Certificate issuer: /CN=2421ffb68eab97e24a90626d90498be7ed7066f0
Certificate serial: 019D37893A43C2A00819F9CD9461C36F5FA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JCH_to6rl-JKkGJtkEmL5-1wZvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/JCH_to6rl-JKkGJtkEmL5-1wZvA.mft
Manifest number: 188D
Signing time: Sun 29 Mar 2026 03:00:33 +0000
Manifest this update: Sun 29 Mar 2026 03:00:33 +0000
Manifest next update: Mon 30 Mar 2026 03:00:33 +0000
Files and hashes: 1: JCH_to6rl-JKkGJtkEmL5-1wZvA.crl (hash: VvXPkkmOnycVumv3rvOfUyM/4SRF5BgiqWkuHlyA5Gs=)
2: VnCUFpdYn6p9SWgBKCYPBMB_uag.roa (hash: CTE/bVTVJxivSVfHlKssz3gbLXyaKsvtaNtZL1+VzWQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/JCH_to6rl-JKkGJtkEmL5-1wZvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/JCH_to6rl-JKkGJtkEmL5-1wZvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JCH_to6rl-JKkGJtkEmL5-1wZvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:3a:43:c2:a0:08:19:f9:cd:94:61:c3:6f:5f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2421ffb68eab97e24a90626d90498be7ed7066f0
Validity
Not Before: Mar 29 03:00:33 2026 GMT
Not After : Mar 30 03:00:33 2026 GMT
Subject: CN=dca3582dbf64800d56e739164a3eb6cd0574382c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d6:87:75:7c:f8:46:2b:cf:20:94:cb:ab:b6:
a0:61:b8:25:6d:ce:0d:b1:81:e7:be:cb:34:d2:4f:
6b:ff:76:aa:21:86:a3:68:ff:bb:c1:07:a9:12:d8:
fa:6d:66:84:04:61:68:03:1d:c0:c5:55:28:b0:ea:
74:71:b6:54:83:14:6d:b0:2a:b0:61:80:9b:d4:42:
8c:fe:db:75:de:82:7b:99:7a:40:fe:e8:44:bf:b7:
5b:dd:eb:47:5b:40:7b:19:4f:eb:69:c8:f3:b3:ee:
7b:0b:c7:e8:bc:7c:ed:f7:62:df:56:a6:35:2a:a5:
b8:8e:ac:bd:f8:51:99:da:de:15:fb:68:19:b9:d6:
71:c7:46:a7:f9:b1:7e:6c:fa:c4:d7:40:43:cd:74:
da:3d:20:89:7e:03:c2:21:1a:7a:24:3b:bb:f0:55:
8a:9d:a6:82:e0:cc:ac:e0:84:34:30:d5:aa:e4:cb:
11:01:76:28:b0:53:ee:f1:25:6e:fa:b5:c5:f2:7f:
30:83:04:4e:92:88:be:a4:c1:f9:34:1d:f8:7e:d6:
c8:6b:f3:5e:e6:c3:45:c5:6d:50:ea:b0:ad:53:1e:
61:a1:31:b5:65:56:09:9e:23:d0:9b:97:fa:62:66:
7b:58:64:50:64:56:1c:46:c4:80:46:49:f3:3b:57:
56:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A3:58:2D:BF:64:80:0D:56:E7:39:16:4A:3E:B6:CD:05:74:38:2C
X509v3 Authority Key Identifier:
keyid:24:21:FF:B6:8E:AB:97:E2:4A:90:62:6D:90:49:8B:E7:ED:70:66:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JCH_to6rl-JKkGJtkEmL5-1wZvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/JCH_to6rl-JKkGJtkEmL5-1wZvA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/JCH_to6rl-JKkGJtkEmL5-1wZvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:ad:22:e5:5f:2b:a6:30:62:cc:bf:df:52:19:a6:a4:97:ad:
b2:09:2b:d4:e3:a4:00:f2:aa:28:2d:39:1a:a3:54:4d:b7:62:
7c:6a:35:71:94:e3:25:63:e3:98:8f:56:71:50:1b:35:42:76:
43:b3:86:d5:73:a6:f7:66:81:6a:f5:81:68:ce:f6:de:42:94:
a9:d7:2c:52:8e:b8:65:b4:b6:17:ec:d7:06:b8:a7:f1:14:4a:
cf:5d:02:22:b2:f5:e5:b0:24:ae:b7:8f:25:cd:65:49:25:72:
77:5c:88:1c:98:49:5f:66:66:48:36:75:77:09:65:88:0d:b0:
c7:a8:fa:6d:f6:ca:dc:eb:22:a9:3e:15:d7:65:ce:34:b8:1b:
c5:60:c1:31:05:84:d1:a0:87:ed:97:d2:ba:22:80:fe:54:19:
a0:06:6b:2c:28:8d:e7:3c:b6:ef:2d:ad:22:3b:3a:fc:a9:07:
93:9f:1c:70:1d:c0:06:de:8f:4a:9d:e0:a2:24:a3:bc:65:c2:
2e:6c:cc:34:f8:de:cb:a3:2a:cd:96:e7:48:cc:2e:0e:98:e6:
d3:a2:c0:1d:4f:69:83:fa:9b:55:bb:5b:ab:53:13:02:ac:4c:
5d:fd:c7:e7:2b:61:cb:f0:e8:25:2e:b0:fe:cf:f8:fb:fd:c2:
4a:0f:fe:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iTpDwqAIGfnNlGHDb1+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MjFmZmI2OGVhYjk3ZTI0YTkwNjI2ZDkwNDk4YmU3ZWQ3
MDY2ZjAwHhcNMjYwMzI5MDMwMDMzWhcNMjYwMzMwMDMwMDMzWjAzMTEwLwYDVQQD
EyhkY2EzNTgyZGJmNjQ4MDBkNTZlNzM5MTY0YTNlYjZjZDA1NzQzODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttaHdXz4RivPIJTLq7agYbglbc4N
sYHnvss00k9r/3aqIYajaP+7wQepEtj6bWaEBGFoAx3AxVUosOp0cbZUgxRtsCqw
YYCb1EKM/tt13oJ7mXpA/uhEv7db3etHW0B7GU/racjzs+57C8fovHzt92LfVqY1
KqW4jqy9+FGZ2t4V+2gZudZxx0an+bF+bPrE10BDzXTaPSCJfgPCIRp6JDu78FWK
naaC4Mys4IQ0MNWq5MsRAXYosFPu8SVu+rXF8n8wgwROkoi+pMH5NB34ftbIa/Ne
5sNFxW1Q6rCtUx5hoTG1ZVYJniPQm5f6YmZ7WGRQZFYcRsSARknzO1dWEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyjWC2/ZIANVuc5Fko+ts0FdDgsMB8GA1UdIwQY
MBaAFCQh/7aOq5fiSpBibZBJi+ftcGbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkNIX3RvNnJsLUpLa0dKdGtFbUw1LTF3WnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hZTAyMGItZTBkNy00NTFkLWJiMDUt
ZDkwOGZhZjM0ZWY4LzEvSkNIX3RvNnJsLUpLa0dKdGtFbUw1LTF3WnZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hZTAyMGItZTBkNy00NTFkLWJiMDUtZDkwOGZhZjM0ZWY4
LzEvSkNIX3RvNnJsLUpLa0dKdGtFbUw1LTF3WnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArK0i5V8r
pjBizL/fUhmmpJetsgkr1OOkAPKqKC05GqNUTbdifGo1cZTjJWPjmI9WcVAbNUJ2
Q7OG1XOm92aBavWBaM723kKUqdcsUo64ZbS2F+zXBrin8RRKz10CIrL15bAkrreP
Jc1lSSVyd1yIHJhJX2ZmSDZ1dwlliA2wx6j6bfbK3OsiqT4V12XONLgbxWDBMQWE
0aCH7ZfSuiKA/lQZoAZrLCiN5zy27y2tIjs6/KkHk58ccB3ABt6PSp3goiSjvGXC
LmzMNPjey6MqzZbnSMwuDpjm06LAHU9pg/qbVbtbq1MTAqxMXf3H5ythy/DoJS6w
/s/4+/3CSg/+nA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:31 2026 by rpki-client