Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
File: JlNDThz2kK0m1HoDs_w1qAKnm1g.mft (raw, json)
Hash identifier: p2A2fUNj6/brLhpNIbMyCucLPzhTy9IT1fxynd2OFS8=
Subject key identifier: 32:C3:A9:E6:E4:69:05:6D:E0:48:45:2B:5F:F4:17:BF:8B:CC:29:2E
Authority key identifier: 26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58
Certificate issuer: /CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
Certificate serial: 019A71B7DD4EC73F4833DDE30398D59AF11C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
Manifest number: 0A0D
Signing time: Tue 11 Nov 2025 07:01:06 +0000
Manifest this update: Tue 11 Nov 2025 07:01:06 +0000
Manifest next update: Wed 12 Nov 2025 07:01:06 +0000
Files and hashes: 1: JlNDThz2kK0m1HoDs_w1qAKnm1g.crl (hash: y7xf6WP5m5xRnWaXhKJD/K3BfhM3TFuSbEtRuIiw53g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:dd:4e:c7:3f:48:33:dd:e3:03:98:d5:9a:f1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
Validity
Not Before: Nov 11 07:01:06 2025 GMT
Not After : Nov 12 07:01:06 2025 GMT
Subject: CN=32c3a9e6e469056de048452b5ff417bf8bcc292e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:67:32:bc:6b:5d:f3:cc:b8:e5:af:75:b5:33:
ee:94:b9:f6:22:80:42:6c:59:18:13:3e:6e:4e:60:
3c:b6:31:f7:16:a8:85:df:ac:ca:3f:99:07:07:f2:
c5:5a:30:3a:63:77:b7:f6:5a:9e:a7:4f:db:30:9e:
60:46:e2:c8:7d:7a:ae:83:2d:39:e5:29:aa:4e:f4:
50:b8:9f:de:60:e7:c2:d4:cd:37:80:7a:e3:8c:87:
f8:22:ee:0e:08:af:16:38:c5:52:fd:4e:ad:3e:6a:
a4:8a:f5:d1:7e:ac:1f:53:5d:0d:37:4d:26:e9:21:
91:8e:c0:38:83:2f:36:77:47:76:73:95:c4:84:c3:
d1:5b:80:fd:55:63:13:dc:89:c1:1e:09:95:d5:cf:
e9:a2:de:bc:71:21:5f:ef:e2:be:70:9f:ef:58:4d:
22:d1:2e:2a:8a:45:c4:85:20:c7:2b:a9:80:d9:b6:
b9:99:5f:ab:19:d1:c4:9f:3a:23:8a:5b:47:d7:e7:
42:78:20:de:fc:7a:4c:69:a5:05:b9:3b:67:6f:d3:
c0:7e:39:78:d9:0b:d3:eb:0f:34:40:d3:3e:c0:90:
57:d8:1c:74:05:67:5d:13:86:c3:ab:1d:da:1d:9f:
c0:65:13:4d:13:12:c4:56:21:7f:d9:8c:71:9c:15:
37:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C3:A9:E6:E4:69:05:6D:E0:48:45:2B:5F:F4:17:BF:8B:CC:29:2E
X509v3 Authority Key Identifier:
keyid:26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:56:a4:10:9e:be:09:88:fe:22:0f:2f:17:3b:69:30:68:6c:
79:fc:69:74:9f:b5:b3:2f:05:ce:84:71:f0:7d:a0:a6:70:fd:
44:a9:29:2d:bf:a5:43:dd:33:19:0e:ed:cd:6c:aa:f2:7e:9c:
f9:e9:16:88:5c:20:d0:67:31:17:75:88:cb:15:a9:5f:1a:a6:
1b:91:d4:6b:41:b6:46:f4:00:ee:90:3a:2d:8a:82:7a:c1:18:
8f:1d:af:94:2a:e9:cc:c1:e8:0c:de:7a:b5:83:bc:a7:49:0a:
f5:42:a7:fc:20:0a:1e:63:ac:bc:06:66:28:28:0c:75:8d:c9:
06:65:77:8e:4c:c4:41:53:e9:0c:f6:d9:99:9a:cc:42:43:a0:
8f:d0:c6:d6:4d:54:cf:76:9d:67:10:48:6e:5c:b2:1b:70:33:
3c:43:ce:dc:40:14:5b:5b:98:5f:12:f6:77:6f:a8:17:4e:0d:
29:c3:dc:8d:94:38:5d:e2:5a:c5:1a:2e:07:34:06:1d:fa:38:
87:92:a4:a2:9c:5f:d0:d8:aa:4d:ef:3f:20:3e:6f:90:0d:e0:
13:00:d9:21:d0:8a:2a:47:43:b9:5f:40:7b:90:02:87:ff:7c:
7d:ea:1d:f3:31:fc:60:f3:4f:60:98:47:35:0b:a6:95:3c:1c:
fe:27:8c:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt91Oxz9IM93jA5jVmvEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NTM0MzRlMWNmNjkwYWQyNmQ0N2EwM2IzZmMzNWE4MDJh
NzliNTgwHhcNMjUxMTExMDcwMTA2WhcNMjUxMTEyMDcwMTA2WjAzMTEwLwYDVQQD
EygzMmMzYTllNmU0NjkwNTZkZTA0ODQ1MmI1ZmY0MTdiZjhiY2MyOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGcyvGtd88y45a91tTPulLn2IoBC
bFkYEz5uTmA8tjH3FqiF36zKP5kHB/LFWjA6Y3e39lqep0/bMJ5gRuLIfXqugy05
5SmqTvRQuJ/eYOfC1M03gHrjjIf4Iu4OCK8WOMVS/U6tPmqkivXRfqwfU10NN00m
6SGRjsA4gy82d0d2c5XEhMPRW4D9VWMT3InBHgmV1c/pot68cSFf7+K+cJ/vWE0i
0S4qikXEhSDHK6mA2ba5mV+rGdHEnzojiltH1+dCeCDe/HpMaaUFuTtnb9PAfjl4
2QvT6w80QNM+wJBX2Bx0BWddE4bDqx3aHZ/AZRNNExLEViF/2YxxnBU3kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLDqebkaQVt4EhFK1/0F7+LzCkuMB8GA1UdIwQY
MBaAFCZTQ04c9pCtJtR6A7P8NagCp5tYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUt
Y2JhNWQ5NzhmMzcxLzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUtY2JhNWQ5NzhmMzcx
LzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYFakEJ6+
CYj+Ig8vFztpMGhsefxpdJ+1sy8FzoRx8H2gpnD9RKkpLb+lQ90zGQ7tzWyq8n6c
+ekWiFwg0GcxF3WIyxWpXxqmG5HUa0G2RvQA7pA6LYqCesEYjx2vlCrpzMHoDN56
tYO8p0kK9UKn/CAKHmOsvAZmKCgMdY3JBmV3jkzEQVPpDPbZmZrMQkOgj9DG1k1U
z3adZxBIblyyG3AzPEPO3EAUW1uYXxL2d2+oF04NKcPcjZQ4XeJaxRouBzQGHfo4
h5Kkopxf0NiqTe8/ID5vkA3gEwDZIdCKKkdDuV9Ae5ACh/98feod8zH8YPNPYJhH
NQumlTwc/ieMjA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:49 2025 by rpki-client