Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
File: jghAgExmgMQfIehybzgLleaelEc.mft (raw, json)
Hash identifier: LECNCXNp2gnEXs7vDEhkigmQZXtYzXSPKaT5RBU9hMc=
Subject key identifier: E5:EC:C9:44:2A:71:1C:8F:B1:6F:2C:E0:02:98:9A:54:9E:2C:EE:2B
Authority key identifier: 8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
Certificate issuer: /CN=8e0840804c6680c41f21e8726f380b95e69e9447
Certificate serial: 019A24780F4FE61677AD99B3D020926F1D7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
Manifest number: 0C47
Signing time: Mon 27 Oct 2025 07:00:39 +0000
Manifest this update: Mon 27 Oct 2025 07:00:39 +0000
Manifest next update: Tue 28 Oct 2025 07:00:39 +0000
Files and hashes: 1: B_tPzlcakKiFDBacnORzzWv1yTE.roa (hash: agYbT4sj3xKKoiRvTRiMrXGnEy5N2ggal8elxJ61JUw=)
2: HtP1TmS7Jnp-rdYE-25kUdcbSF8.roa (hash: E94twRw9JlGZMbmmCttmzyXZguvpf/OPgy8FVeGF2rg=)
3: jghAgExmgMQfIehybzgLleaelEc.crl (hash: fOF3gHw0r6RK9GNDiZIzgW0thvLlTeOnw3s09pkJ8dQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 07:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:78:0f:4f:e6:16:77:ad:99:b3:d0:20:92:6f:1d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e0840804c6680c41f21e8726f380b95e69e9447
Validity
Not Before: Oct 27 07:00:39 2025 GMT
Not After : Oct 28 07:00:39 2025 GMT
Subject: CN=e5ecc9442a711c8fb16f2ce002989a549e2cee2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9d:10:68:0c:0d:4c:98:7e:9f:fd:09:fb:a1:
07:73:c6:6e:10:30:59:75:78:e8:6e:16:17:b3:9d:
d1:59:43:27:b8:33:20:f3:be:44:a7:0d:93:0d:1f:
04:7d:30:a3:97:38:06:fd:d2:01:cd:11:b0:ea:0a:
36:39:1c:59:4b:69:0f:72:65:4c:ea:ea:90:c6:85:
59:7b:ff:df:c7:d4:68:5f:d3:d8:32:0b:f8:35:26:
db:27:94:63:70:1c:65:3e:cf:9e:93:68:48:4d:65:
92:61:10:f0:d6:4b:c8:60:e6:9f:9c:20:95:15:2d:
08:ee:2a:e0:d9:20:45:a0:00:aa:ae:ff:4d:01:46:
4f:47:9d:80:9d:da:4a:9d:21:ce:54:73:ba:34:19:
93:de:56:21:f3:ab:09:a7:d5:12:37:fc:5d:bc:8c:
74:0f:05:89:52:84:45:9a:36:c0:6c:42:75:33:b1:
63:aa:c2:4b:18:4f:e9:a3:98:60:d4:f8:f0:92:ca:
45:52:de:9d:53:8e:b9:ac:63:ab:5c:5d:11:50:ee:
63:54:3d:cc:11:37:19:a9:6e:5c:77:f0:96:98:2a:
20:fc:1f:63:b9:a2:e1:4c:7a:bb:fc:d9:05:5a:b0:
4c:71:02:e3:9f:68:c4:df:07:d4:ba:61:c2:1f:f4:
a4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:EC:C9:44:2A:71:1C:8F:B1:6F:2C:E0:02:98:9A:54:9E:2C:EE:2B
X509v3 Authority Key Identifier:
keyid:8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:7d:84:00:90:09:39:ea:a8:a4:82:94:d3:9e:65:b9:4f:ad:
c5:80:e9:3f:23:fb:8b:f3:c9:f9:52:27:71:30:de:c0:f6:bb:
cd:67:85:20:9c:7f:ba:8b:f1:32:17:4e:d6:d4:9e:47:41:e9:
9c:1b:03:5b:07:f2:87:7b:55:58:48:b0:98:ef:4b:27:3f:39:
b4:8b:ae:3c:7d:d7:16:9a:3e:ff:a7:46:9d:02:23:9d:24:71:
39:7a:85:24:b6:fc:9f:0f:d9:27:a1:53:75:c2:f2:e4:21:9a:
af:3e:7c:67:4a:ea:71:21:00:87:fa:22:f5:24:92:d3:dd:89:
54:f7:66:a5:45:8f:83:37:73:1e:c0:09:b5:b3:db:f7:ce:a1:
f5:a3:09:90:2d:81:e7:42:a2:da:da:db:b3:4a:20:95:a6:ec:
d3:ac:8c:f6:11:d0:ab:d0:15:39:31:c4:6b:61:8a:66:d4:af:
98:7d:2f:cf:34:02:7b:2f:b2:af:e0:ee:0f:36:5e:d9:23:7f:
6a:87:cd:08:06:22:cf:11:af:a9:49:6b:51:c6:81:04:1f:9a:
e8:9f:f3:73:c4:67:b5:c6:86:4c:71:6b:40:d8:e0:b1:e2:c1:
cd:c5:51:8c:5b:05:32:72:c6:ef:38:23:e4:91:31:6a:98:5a:
d6:f2:1b:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokeA9P5hZ3rZmz0CCSbx16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMDg0MDgwNGM2NjgwYzQxZjIxZTg3MjZmMzgwYjk1ZTY5
ZTk0NDcwHhcNMjUxMDI3MDcwMDM5WhcNMjUxMDI4MDcwMDM5WjAzMTEwLwYDVQQD
EyhlNWVjYzk0NDJhNzExYzhmYjE2ZjJjZTAwMjk4OWE1NDllMmNlZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ0QaAwNTJh+n/0J+6EHc8ZuEDBZ
dXjobhYXs53RWUMnuDMg875Epw2TDR8EfTCjlzgG/dIBzRGw6go2ORxZS2kPcmVM
6uqQxoVZe//fx9RoX9PYMgv4NSbbJ5RjcBxlPs+ek2hITWWSYRDw1kvIYOafnCCV
FS0I7irg2SBFoACqrv9NAUZPR52AndpKnSHOVHO6NBmT3lYh86sJp9USN/xdvIx0
DwWJUoRFmjbAbEJ1M7FjqsJLGE/po5hg1PjwkspFUt6dU465rGOrXF0RUO5jVD3M
ETcZqW5cd/CWmCog/B9juaLhTHq7/NkFWrBMcQLjn2jE3wfUumHCH/SkBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXsyUQqcRyPsW8s4AKYmlSeLO4rMB8GA1UdIwQY
MBaAFI4IQIBMZoDEHyHocm84C5XmnpRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYt
YzI3OTk3NTNjODUzLzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYtYzI3OTk3NTNjODUz
LzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvH2EAJAJ
OeqopIKU055luU+txYDpPyP7i/PJ+VIncTDewPa7zWeFIJx/uovxMhdO1tSeR0Hp
nBsDWwfyh3tVWEiwmO9LJz85tIuuPH3XFpo+/6dGnQIjnSRxOXqFJLb8nw/ZJ6FT
dcLy5CGarz58Z0rqcSEAh/oi9SSS092JVPdmpUWPgzdzHsAJtbPb986h9aMJkC2B
50Ki2trbs0oglabs06yM9hHQq9AVOTHEa2GKZtSvmH0vzzQCey+yr+DuDzZe2SN/
aofNCAYizxGvqUlrUcaBBB+a6J/zc8RntcaGTHFrQNjgseLBzcVRjFsFMnLG7zgj
5JExapha1vIbpw==
-----END CERTIFICATE-----
Generated at Mon Oct 27 15:06:01 2025 by rpki-client