Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.mft
File: JK_wO1q_sXhyXKbpD149mMumjr8.mft (raw, json)
Hash identifier: sGzHzGubf+sRjKS6xM862y5X+KLnRoWr5joVgSCDen8=
Subject key identifier: 7A:0C:26:42:98:31:0C:A0:BA:AB:13:15:A2:E0:85:E2:7F:13:E6:80
Authority key identifier: 24:AF:F0:3B:5A:BF:B1:78:72:5C:A6:E9:0F:5E:3D:98:CB:A6:8E:BF
Certificate issuer: /CN=24aff03b5abfb178725ca6e90f5e3d98cba68ebf
Certificate serial: 019A70DC055912F6416DB241B57774B264D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JK_wO1q_sXhyXKbpD149mMumjr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.mft
Manifest number: 0821
Signing time: Tue 11 Nov 2025 03:00:58 +0000
Manifest this update: Tue 11 Nov 2025 03:00:58 +0000
Manifest next update: Wed 12 Nov 2025 03:00:58 +0000
Files and hashes: 1: JK_wO1q_sXhyXKbpD149mMumjr8.crl (hash: rDnlmyitjda8xiitkKLd8SgMVEYxub2YCZcDqgPf3gw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JK_wO1q_sXhyXKbpD149mMumjr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:05:59:12:f6:41:6d:b2:41:b5:77:74:b2:64:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24aff03b5abfb178725ca6e90f5e3d98cba68ebf
Validity
Not Before: Nov 11 03:00:58 2025 GMT
Not After : Nov 12 03:00:58 2025 GMT
Subject: CN=7a0c264298310ca0baab1315a2e085e27f13e680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:00:f9:ab:93:e8:58:af:0f:d3:85:3f:73:1f:
9e:96:7a:06:85:36:e5:70:94:48:81:50:90:63:96:
2a:3d:d1:1e:47:90:77:ed:9c:d6:c1:14:16:e5:f1:
8b:c2:07:aa:f2:1d:27:df:79:6e:98:35:5f:a6:65:
3d:68:8a:10:ac:a1:a9:ce:d8:27:f3:10:34:cf:b1:
7f:f1:65:1e:7c:f3:63:36:d4:5f:ca:5e:37:65:04:
5a:d1:df:ec:6d:d3:84:6b:29:05:db:3b:c0:14:97:
90:c5:db:85:67:8b:94:14:e7:e6:ac:98:71:eb:b8:
a7:a0:e3:24:06:23:08:8e:2e:60:d5:9c:60:06:f2:
57:18:d3:46:7c:3c:b8:13:20:a7:42:cf:9a:c9:19:
48:a4:e6:e5:1f:48:bd:01:74:a0:7e:70:0a:0b:9a:
3a:b6:9a:b3:4c:7b:58:24:86:cd:bb:5a:8a:7d:79:
dd:b9:e6:b5:48:e3:f8:8c:43:97:0e:74:ca:9f:e7:
86:2f:d4:36:67:33:bd:ff:20:2a:6a:12:bf:e4:bc:
cf:25:54:38:fc:42:91:b4:ee:3f:0a:0f:29:9d:04:
cc:6c:95:dd:07:42:43:08:4a:cd:8a:90:f6:c8:b9:
d3:eb:e8:28:85:1b:1c:c3:a5:6f:f6:9f:09:c2:a0:
6d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0C:26:42:98:31:0C:A0:BA:AB:13:15:A2:E0:85:E2:7F:13:E6:80
X509v3 Authority Key Identifier:
keyid:24:AF:F0:3B:5A:BF:B1:78:72:5C:A6:E9:0F:5E:3D:98:CB:A6:8E:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JK_wO1q_sXhyXKbpD149mMumjr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:14:fa:80:da:3c:9f:54:a6:b3:8a:6b:56:1a:a9:e2:2b:1a:
6a:9c:f5:1a:53:7e:0d:c5:1a:a8:6a:f7:71:50:09:a9:3f:1c:
41:fd:dd:28:32:82:ee:36:0f:48:4d:18:63:30:e2:d5:48:8d:
0c:bc:ee:0b:99:ab:ff:92:b4:52:77:1b:fc:6f:38:8b:bd:96:
7a:93:7c:6e:f3:5e:57:e9:41:f4:17:cf:54:c6:8c:3c:bc:d7:
e0:f5:8a:df:60:8c:05:4b:cd:25:07:25:44:b1:ce:32:35:c7:
9d:57:ee:65:60:cf:ec:48:24:e4:b1:3f:3d:0b:ac:9a:f4:37:
ee:26:28:f5:1d:c5:5f:55:1c:5e:b2:06:5c:d2:46:f0:e4:b6:
fc:20:0e:d6:42:95:79:0f:e6:eb:3c:62:e0:85:cc:79:75:b9:
55:14:8b:35:e6:47:ab:ff:2a:2b:47:a1:1c:90:e0:c9:4c:c4:
59:7a:a1:ee:fe:38:da:ad:60:c3:69:80:5f:64:a8:9e:91:08:
d0:05:5b:a0:03:2e:f6:86:b1:7c:e0:ee:ae:81:1e:4f:bc:74:
d4:6a:27:30:cc:1c:e7:c9:63:c6:55:b9:0f:23:87:78:ed:15:
aa:50:e5:41:94:c2:36:84:c4:80:d0:f4:e0:42:b5:96:d5:1f:
13:b1:8f:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3AVZEvZBbbJBtXd0smTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YWZmMDNiNWFiZmIxNzg3MjVjYTZlOTBmNWUzZDk4Y2Jh
NjhlYmYwHhcNMjUxMTExMDMwMDU4WhcNMjUxMTEyMDMwMDU4WjAzMTEwLwYDVQQD
Eyg3YTBjMjY0Mjk4MzEwY2EwYmFhYjEzMTVhMmUwODVlMjdmMTNlNjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAD5q5PoWK8P04U/cx+elnoGhTbl
cJRIgVCQY5YqPdEeR5B37ZzWwRQW5fGLwgeq8h0n33lumDVfpmU9aIoQrKGpztgn
8xA0z7F/8WUefPNjNtRfyl43ZQRa0d/sbdOEaykF2zvAFJeQxduFZ4uUFOfmrJhx
67inoOMkBiMIji5g1ZxgBvJXGNNGfDy4EyCnQs+ayRlIpOblH0i9AXSgfnAKC5o6
tpqzTHtYJIbNu1qKfXnduea1SOP4jEOXDnTKn+eGL9Q2ZzO9/yAqahK/5LzPJVQ4
/EKRtO4/Cg8pnQTMbJXdB0JDCErNipD2yLnT6+gohRscw6Vv9p8JwqBtuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHoMJkKYMQyguqsTFaLgheJ/E+aAMB8GA1UdIwQY
MBaAFCSv8Dtav7F4clym6Q9ePZjLpo6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSktfd08xcV9zWGh5WEticEQxNDltTXVtanI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hYjgxMzctMzc1My00ZWNhLWE5NGUt
OGMyMTMwYTM1MDE2LzEvSktfd08xcV9zWGh5WEticEQxNDltTXVtanI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hYjgxMzctMzc1My00ZWNhLWE5NGUtOGMyMTMwYTM1MDE2
LzEvSktfd08xcV9zWGh5WEticEQxNDltTXVtanI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUBT6gNo8
n1Sms4prVhqp4isaapz1GlN+DcUaqGr3cVAJqT8cQf3dKDKC7jYPSE0YYzDi1UiN
DLzuC5mr/5K0Uncb/G84i72WepN8bvNeV+lB9BfPVMaMPLzX4PWK32CMBUvNJQcl
RLHOMjXHnVfuZWDP7Egk5LE/PQusmvQ37iYo9R3FX1UcXrIGXNJG8OS2/CAO1kKV
eQ/m6zxi4IXMeXW5VRSLNeZHq/8qK0ehHJDgyUzEWXqh7v442q1gw2mAX2SonpEI
0AVboAMu9oaxfODuroEeT7x01GonMMwc58ljxlW5DyOHeO0VqlDlQZTCNoTEgND0
4EK1ltUfE7GPUQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:43 2025 by rpki-client