Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
File: JfgKOI5PDiZBTOq-q036hBkdgUA.mft (raw, json)
Hash identifier: 5swWIDNUTEK8RGI9DKonnq1HhFYd8xuIdSeQ3NwUMAA=
Subject key identifier: 1B:DB:9F:09:EE:B5:13:82:33:C5:00:53:70:B5:3A:D1:4F:C4:38:40
Authority key identifier: 25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40
Certificate issuer: /CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
Certificate serial: 019A7226311DD6CD201FDD144B1270C57CBD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
Manifest number: 1627
Signing time: Tue 11 Nov 2025 09:01:36 +0000
Manifest this update: Tue 11 Nov 2025 09:01:36 +0000
Manifest next update: Wed 12 Nov 2025 09:01:36 +0000
Files and hashes: 1: JfgKOI5PDiZBTOq-q036hBkdgUA.crl (hash: 3g63LtHJmCjcAfyccR5FjmQOLw9RtmvuuUwgc3hGkpc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:31:1d:d6:cd:20:1f:dd:14:4b:12:70:c5:7c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
Validity
Not Before: Nov 11 09:01:36 2025 GMT
Not After : Nov 12 09:01:36 2025 GMT
Subject: CN=1bdb9f09eeb5138233c5005370b53ad14fc43840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:50:2b:1f:92:48:ff:3c:f3:75:9a:f7:c9:b5:
97:54:9b:c9:83:bc:df:cb:ff:72:77:cd:f0:57:8b:
7b:47:1d:99:8e:88:05:ea:b7:3e:8c:04:54:79:14:
dd:c8:30:52:cd:9e:aa:4f:e3:2a:16:41:6b:c0:ea:
49:10:37:9b:23:87:be:b7:31:59:47:78:ca:4d:80:
19:0c:20:97:70:54:39:57:5d:61:78:f9:87:b0:0a:
25:98:4a:4c:a9:14:75:6c:32:94:97:6b:0f:a3:c2:
38:4d:ad:3a:5d:45:a0:0f:1f:97:43:27:d7:d1:fa:
60:b5:4f:60:1e:93:70:e1:94:e4:05:7b:9a:63:8e:
0c:a7:87:86:d8:89:4b:df:d5:66:9c:58:f7:c8:e8:
1d:b1:a1:01:f8:f5:b4:b2:06:7e:b6:51:db:4b:0f:
36:4b:12:0f:c4:8e:7f:ea:79:7a:68:b5:bc:2b:89:
c6:39:9c:aa:5e:d4:ae:e4:06:ac:d6:ae:ba:22:3d:
7b:16:b7:b5:46:c8:49:b3:e2:b0:6d:66:3f:ee:ca:
45:df:11:27:49:8e:87:d8:4b:a9:59:d3:c6:0e:52:
50:8f:0a:fa:4c:7d:60:bd:8b:ee:2f:33:90:25:30:
ee:c3:49:57:03:a1:cb:3e:18:29:f5:bf:f4:37:2d:
69:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DB:9F:09:EE:B5:13:82:33:C5:00:53:70:B5:3A:D1:4F:C4:38:40
X509v3 Authority Key Identifier:
keyid:25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:cb:01:cb:40:57:50:f9:e3:cf:ab:e4:53:8b:96:bb:c6:b0:
cf:07:d6:9d:1a:3c:6e:55:37:d9:c9:f6:06:f8:bf:10:05:af:
8a:5e:42:80:61:ec:cc:7f:1d:05:ec:56:20:fe:47:c8:aa:1f:
c8:95:1b:b8:52:e1:1a:c6:28:92:09:8c:ca:dc:86:5f:70:ad:
46:fd:70:d0:44:bd:be:0c:dc:8e:7e:d9:f9:72:30:81:4e:ac:
b7:3a:a3:b2:9a:c8:54:05:22:9a:60:ff:41:93:98:9a:b1:4c:
8e:6d:24:bd:d6:fd:ed:e9:fb:4e:7c:31:b5:db:3e:4a:a3:e0:
dc:37:62:83:3d:18:2c:0a:50:33:47:1e:30:47:f0:be:43:1a:
80:3a:94:7f:32:68:11:05:eb:b2:3f:77:23:0a:93:e3:6c:da:
89:c6:36:29:a5:f1:08:73:13:99:5b:7b:1f:19:bd:c0:4d:d6:
c8:b4:99:14:57:d8:d5:4f:1f:70:73:4e:cd:61:e3:94:f3:87:
d7:49:43:f4:1a:56:d0:2f:67:4b:6a:da:b1:2a:bb:74:ab:70:
a8:af:6a:8b:b9:8a:51:75:f9:ff:01:99:5e:11:26:5a:82:a6:
09:9b:76:12:7f:90:8e:65:89:bc:fc:f0:f4:b5:22:66:1a:2e:
f1:75:4b:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJjEd1s0gH90USxJwxXy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZjgwYTM4OGU0ZjBlMjY0MTRjZWFiZWFiNGRmYTg0MTkx
ZDgxNDAwHhcNMjUxMTExMDkwMTM2WhcNMjUxMTEyMDkwMTM2WjAzMTEwLwYDVQQD
EygxYmRiOWYwOWVlYjUxMzgyMzNjNTAwNTM3MGI1M2FkMTRmYzQzODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFArH5JI/zzzdZr3ybWXVJvJg7zf
y/9yd83wV4t7Rx2ZjogF6rc+jARUeRTdyDBSzZ6qT+MqFkFrwOpJEDebI4e+tzFZ
R3jKTYAZDCCXcFQ5V11hePmHsAolmEpMqRR1bDKUl2sPo8I4Ta06XUWgDx+XQyfX
0fpgtU9gHpNw4ZTkBXuaY44Mp4eG2IlL39VmnFj3yOgdsaEB+PW0sgZ+tlHbSw82
SxIPxI5/6nl6aLW8K4nGOZyqXtSu5Aas1q66Ij17Fre1RshJs+KwbWY/7spF3xEn
SY6H2EupWdPGDlJQjwr6TH1gvYvuLzOQJTDuw0lXA6HLPhgp9b/0Ny1p6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvbnwnutROCM8UAU3C1OtFPxDhAMB8GA1UdIwQY
MBaAFCX4CjiOTw4mQUzqvqtN+oQZHYFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjIt
OTdkYzdiNTM1YjFkLzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjItOTdkYzdiNTM1YjFk
LzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKssBy0BX
UPnjz6vkU4uWu8awzwfWnRo8blU32cn2Bvi/EAWvil5CgGHszH8dBexWIP5HyKof
yJUbuFLhGsYokgmMytyGX3CtRv1w0ES9vgzcjn7Z+XIwgU6stzqjsprIVAUimmD/
QZOYmrFMjm0kvdb97en7Tnwxtds+SqPg3Ddigz0YLApQM0ceMEfwvkMagDqUfzJo
EQXrsj93IwqT42zaicY2KaXxCHMTmVt7Hxm9wE3WyLSZFFfY1U8fcHNOzWHjlPOH
10lD9BpW0C9nS2rasSq7dKtwqK9qi7mKUXX5/wGZXhEmWoKmCZt2En+QjmWJvPzw
9LUiZhou8XVLwQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:24 2025 by rpki-client