Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
File: jghAgExmgMQfIehybzgLleaelEc.mft (raw, json)
Hash identifier: SFed0RhmFvPl1qy3xqViTtmqR9di/Bwdng1gzO1jZMc=
Subject key identifier: B6:97:79:3C:67:E7:01:A3:A7:97:AB:83:4A:9A:A9:56:2A:80:3E:48
Authority key identifier: 8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
Certificate issuer: /CN=8e0840804c6680c41f21e8726f380b95e69e9447
Certificate serial: 019936F05C26F5C8CD5312D0210F8D2E1195
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
Manifest number: 0BCC
Signing time: Thu 11 Sep 2025 04:02:25 +0000
Manifest this update: Thu 11 Sep 2025 04:02:25 +0000
Manifest next update: Fri 12 Sep 2025 04:02:25 +0000
Files and hashes: 1: B_tPzlcakKiFDBacnORzzWv1yTE.roa (hash: agYbT4sj3xKKoiRvTRiMrXGnEy5N2ggal8elxJ61JUw=)
2: HtP1TmS7Jnp-rdYE-25kUdcbSF8.roa (hash: E94twRw9JlGZMbmmCttmzyXZguvpf/OPgy8FVeGF2rg=)
3: jghAgExmgMQfIehybzgLleaelEc.crl (hash: K/8DlMBBTb4Jzyjy6ErtOS9ZZ/8QoDR0Kyy3ks45IrQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 04:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:36:f0:5c:26:f5:c8:cd:53:12:d0:21:0f:8d:2e:11:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e0840804c6680c41f21e8726f380b95e69e9447
Validity
Not Before: Sep 11 04:02:25 2025 GMT
Not After : Sep 12 04:02:25 2025 GMT
Subject: CN=b697793c67e701a3a797ab834a9aa9562a803e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:28:ac:80:8e:5a:38:53:19:28:d0:0a:2a:52:
ff:96:99:ad:89:fe:7b:c0:14:e6:90:05:3a:c9:77:
74:54:ad:38:e3:18:55:97:76:fc:34:a2:f7:8e:38:
07:55:d5:0d:f2:a4:95:2c:e7:36:67:1b:30:a2:91:
dd:f3:f8:fb:e5:4b:6d:30:ab:84:bd:17:ba:62:c8:
fb:d0:37:1d:ca:aa:e1:81:19:e9:c1:b9:59:e5:9e:
55:1b:20:35:ac:d4:84:a1:6d:60:80:1d:e8:49:25:
4a:f7:60:46:c8:0a:04:9d:2a:9f:68:2b:78:47:26:
cb:8d:fa:c3:48:64:33:a5:64:e0:e5:b8:72:45:7b:
ba:a9:0c:74:eb:2d:8f:ce:c6:4a:ce:bf:83:2e:dd:
4b:59:1f:d3:1c:ee:a7:fa:aa:35:9e:8a:75:95:3f:
1b:c9:ec:9e:04:94:ba:ed:bd:ba:60:91:2e:c7:d1:
21:df:6c:3b:fa:b5:20:c0:cb:44:6f:82:8a:a5:5d:
81:5a:31:51:b0:80:ee:6a:8c:0c:ff:e7:31:e9:3f:
7e:8d:1e:61:fd:29:a7:b1:0e:03:aa:16:7c:a7:7a:
26:0d:a5:48:0f:ca:79:d9:ec:83:d4:28:dd:9c:b3:
43:61:4b:66:f4:23:7d:80:db:f7:b4:12:59:55:12:
db:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:97:79:3C:67:E7:01:A3:A7:97:AB:83:4A:9A:A9:56:2A:80:3E:48
X509v3 Authority Key Identifier:
keyid:8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:e6:3f:a9:5f:92:b1:44:c8:72:72:50:12:9a:f1:f8:09:ee:
01:18:5c:51:a4:7d:66:67:f0:d7:d8:b6:1f:a0:eb:0f:eb:51:
d3:60:d7:7c:9c:57:3a:7f:bd:08:41:81:f3:49:64:68:72:2b:
65:b9:ac:79:de:fb:71:87:b9:ce:69:91:3c:ef:8a:66:bd:99:
62:6f:5a:29:f3:a2:5c:32:96:9e:0a:c8:fc:57:02:3b:87:f3:
d3:b4:57:13:ed:f4:40:da:ec:36:81:cd:30:00:b1:08:df:4a:
58:12:c6:6d:a5:e5:ee:78:8c:2c:e8:85:d4:77:07:a4:fe:84:
44:ee:d4:4b:c4:90:d8:04:81:3c:8d:d4:71:af:e6:1c:8c:6e:
3e:0e:49:5e:cc:ea:e0:da:33:d5:85:f3:3c:0f:a6:3e:91:bb:
6b:a2:3e:6f:3e:b4:b3:40:f7:5a:ae:0f:6a:5b:a3:06:ee:f5:
64:f4:e9:29:98:ba:4d:b3:46:02:ae:97:42:ba:19:89:17:f0:
56:d3:ff:db:88:a8:2b:ef:57:82:a2:a7:1e:c0:58:26:d4:f1:
91:9e:bb:86:63:d1:d6:24:4b:e6:82:d5:95:63:92:ac:bd:11:
c2:d9:e6:8c:41:3b:7d:a0:fc:83:27:cb:f6:ed:8b:bc:17:71:
4c:44:89:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk28Fwm9cjNUxLQIQ+NLhGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMDg0MDgwNGM2NjgwYzQxZjIxZTg3MjZmMzgwYjk1ZTY5
ZTk0NDcwHhcNMjUwOTExMDQwMjI1WhcNMjUwOTEyMDQwMjI1WjAzMTEwLwYDVQQD
EyhiNjk3NzkzYzY3ZTcwMWEzYTc5N2FiODM0YTlhYTk1NjJhODAzZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyisgI5aOFMZKNAKKlL/lpmtif57
wBTmkAU6yXd0VK044xhVl3b8NKL3jjgHVdUN8qSVLOc2ZxswopHd8/j75UttMKuE
vRe6Ysj70DcdyqrhgRnpwblZ5Z5VGyA1rNSEoW1ggB3oSSVK92BGyAoEnSqfaCt4
RybLjfrDSGQzpWTg5bhyRXu6qQx06y2PzsZKzr+DLt1LWR/THO6n+qo1nop1lT8b
yeyeBJS67b26YJEux9Eh32w7+rUgwMtEb4KKpV2BWjFRsIDuaowM/+cx6T9+jR5h
/SmnsQ4DqhZ8p3omDaVID8p52eyD1CjdnLNDYUtm9CN9gNv3tBJZVRLb9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLaXeTxn5wGjp5erg0qaqVYqgD5IMB8GA1UdIwQY
MBaAFI4IQIBMZoDEHyHocm84C5XmnpRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYt
YzI3OTk3NTNjODUzLzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYtYzI3OTk3NTNjODUz
LzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQeY/qV+S
sUTIcnJQEprx+AnuARhcUaR9Zmfw19i2H6DrD+tR02DXfJxXOn+9CEGB80lkaHIr
Zbmsed77cYe5zmmRPO+KZr2ZYm9aKfOiXDKWngrI/FcCO4fz07RXE+30QNrsNoHN
MACxCN9KWBLGbaXl7niMLOiF1HcHpP6ERO7US8SQ2ASBPI3Uca/mHIxuPg5JXszq
4Noz1YXzPA+mPpG7a6I+bz60s0D3Wq4PalujBu71ZPTpKZi6TbNGAq6XQroZiRfw
VtP/24ioK+9XgqKnHsBYJtTxkZ67hmPR1iRL5oLVlWOSrL0RwtnmjEE7faD8gyfL
9u2LvBdxTESJUA==
-----END CERTIFICATE-----
Generated at Thu Sep 11 08:37:55 2025 by rpki-client