Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
File: jghAgExmgMQfIehybzgLleaelEc.mft (raw, json)
Hash identifier: u2VIGMw7vOPPu0ssizuoQZuxQMOfV+tbIiuEb3v1Aqc=
Subject key identifier: 38:DF:71:65:87:4C:1A:3B:99:80:30:53:F7:6D:F9:FC:5F:84:5A:2B
Authority key identifier: 8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
Certificate issuer: /CN=8e0840804c6680c41f21e8726f380b95e69e9447
Certificate serial: 0197488CEF99B16E45C3DE808D32D0E83572
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
Manifest number: 0ACC
Signing time: Sat 07 Jun 2025 04:01:25 +0000
Manifest this update: Sat 07 Jun 2025 04:01:25 +0000
Manifest next update: Sun 08 Jun 2025 04:01:25 +0000
Files and hashes: 1: B_tPzlcakKiFDBacnORzzWv1yTE.roa (hash: agYbT4sj3xKKoiRvTRiMrXGnEy5N2ggal8elxJ61JUw=)
2: HtP1TmS7Jnp-rdYE-25kUdcbSF8.roa (hash: E94twRw9JlGZMbmmCttmzyXZguvpf/OPgy8FVeGF2rg=)
3: jghAgExmgMQfIehybzgLleaelEc.crl (hash: 0pW2dVU8OQ9oOSLou5MtDvZXEctoJ7EaburOSMXhX7k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:8c:ef:99:b1:6e:45:c3:de:80:8d:32:d0:e8:35:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e0840804c6680c41f21e8726f380b95e69e9447
Validity
Not Before: Jun 7 04:01:25 2025 GMT
Not After : Jun 8 04:01:25 2025 GMT
Subject: CN=38df7165874c1a3b99803053f76df9fc5f845a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7a:37:88:a6:0f:6a:da:fa:b7:3f:50:ae:da:
d8:07:f2:54:ca:40:b1:80:ed:a2:7c:e4:b7:83:0f:
a7:25:fc:24:b0:84:4e:23:b3:52:82:1c:07:ff:fb:
be:f4:a6:c7:1a:15:4f:0f:ba:42:fb:f4:90:c1:4f:
13:34:6d:46:da:65:e7:2a:d8:74:88:c2:fe:33:10:
1b:fe:70:98:91:4f:0c:07:cd:3f:f1:fa:6c:44:b5:
16:66:a3:a6:ed:33:67:24:c2:54:01:16:b9:4d:47:
d1:21:60:9a:4f:76:bd:a0:d9:8a:c8:60:db:09:f1:
7c:27:64:23:a3:be:8e:a2:8c:f1:a9:f1:1f:00:bb:
d7:8b:be:cc:c4:c2:f4:45:67:6f:5c:03:86:aa:43:
4a:69:76:da:ef:f9:3d:88:55:07:83:36:e8:b2:fd:
69:54:35:66:d6:e8:ed:87:50:72:09:6b:cb:9f:0c:
04:44:02:22:fa:f1:54:e4:e6:89:13:ee:62:70:6a:
00:47:dd:4d:f2:5c:76:43:a2:4f:70:ad:48:0a:3d:
43:3c:44:69:81:00:88:79:82:6c:4e:c2:2a:b3:07:
d5:3a:93:65:19:cb:c8:cc:4c:8a:4d:32:f7:5d:86:
30:e1:ab:a9:7e:6f:f9:e6:15:d7:b2:f8:89:4a:28:
5f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DF:71:65:87:4C:1A:3B:99:80:30:53:F7:6D:F9:FC:5F:84:5A:2B
X509v3 Authority Key Identifier:
keyid:8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:6b:9b:b1:d5:f9:f1:f3:69:b4:0e:af:4d:16:43:a0:13:74:
47:a6:27:47:80:a7:64:7d:b6:d8:69:18:f9:af:06:95:a4:57:
61:d1:2c:f0:66:aa:ad:77:fe:13:86:b0:80:bf:99:c1:00:53:
1e:91:20:74:0b:32:4b:36:6d:08:df:cd:7d:a8:35:d0:76:7d:
51:a0:b3:28:f7:4b:9d:72:97:32:70:2b:7c:87:73:03:51:97:
a4:bc:4b:3f:c4:70:78:e5:c7:67:6c:ca:a3:9d:3b:44:5c:e3:
f1:1e:a4:fb:7f:8a:26:da:7b:87:7d:d3:37:1c:24:cb:72:ae:
70:c2:58:ac:9f:ea:4f:62:2b:46:45:b2:a8:44:4d:9a:7d:d1:
5c:3a:7a:84:85:92:1c:31:6f:9a:c4:a8:97:c6:ff:15:63:ae:
05:da:49:a7:14:4c:4d:c1:73:6a:e5:fb:37:4e:49:5e:76:06:
f2:a4:96:f9:cf:f8:7c:c8:95:50:40:d2:08:c3:5f:30:d7:f6:
30:75:66:82:1d:a5:83:bd:d3:5f:3a:3d:96:12:43:10:f3:7c:
9e:f2:5c:f9:d5:a1:13:08:0f:36:ae:ba:f1:34:ed:13:fd:18:
db:18:3c:3f:14:99:54:94:3d:df:97:70:9e:77:45:f4:5d:8d:
28:7d:f3:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjO+ZsW5Fw96AjTLQ6DVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMDg0MDgwNGM2NjgwYzQxZjIxZTg3MjZmMzgwYjk1ZTY5
ZTk0NDcwHhcNMjUwNjA3MDQwMTI1WhcNMjUwNjA4MDQwMTI1WjAzMTEwLwYDVQQD
EygzOGRmNzE2NTg3NGMxYTNiOTk4MDMwNTNmNzZkZjlmYzVmODQ1YTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0no3iKYPatr6tz9QrtrYB/JUykCx
gO2ifOS3gw+nJfwksIROI7NSghwH//u+9KbHGhVPD7pC+/SQwU8TNG1G2mXnKth0
iML+MxAb/nCYkU8MB80/8fpsRLUWZqOm7TNnJMJUARa5TUfRIWCaT3a9oNmKyGDb
CfF8J2Qjo76OoozxqfEfALvXi77MxML0RWdvXAOGqkNKaXba7/k9iFUHgzbosv1p
VDVm1ujth1ByCWvLnwwERAIi+vFU5OaJE+5icGoAR91N8lx2Q6JPcK1ICj1DPERp
gQCIeYJsTsIqswfVOpNlGcvIzEyKTTL3XYYw4aupfm/55hXXsviJSihfOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjfcWWHTBo7mYAwU/dt+fxfhForMB8GA1UdIwQY
MBaAFI4IQIBMZoDEHyHocm84C5XmnpRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYt
YzI3OTk3NTNjODUzLzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYtYzI3OTk3NTNjODUz
LzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH2ubsdX5
8fNptA6vTRZDoBN0R6YnR4CnZH222GkY+a8GlaRXYdEs8GaqrXf+E4awgL+ZwQBT
HpEgdAsySzZtCN/Nfag10HZ9UaCzKPdLnXKXMnArfIdzA1GXpLxLP8RweOXHZ2zK
o507RFzj8R6k+3+KJtp7h33TNxwky3KucMJYrJ/qT2IrRkWyqERNmn3RXDp6hIWS
HDFvmsSol8b/FWOuBdpJpxRMTcFzauX7N05JXnYG8qSW+c/4fMiVUEDSCMNfMNf2
MHVmgh2lg73TXzo9lhJDEPN8nvJc+dWhEwgPNq668TTtE/0Y2xg8PxSZVJQ935dw
nndF9F2NKH3zvw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:33:47 2025 by rpki-client