Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft
File: JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft (raw, json)
Hash identifier: Wy1+v43e95itnUdHrNv+/nbEncbhHt0LQdkMG8uCmvc=
Subject key identifier: 64:CB:9E:7F:64:0C:E6:B5:50:54:F8:44:86:86:E2:EC:90:13:C7:43
Authority key identifier: 25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14
Certificate issuer: /CN=25572e8f93b18a401cfecdf62586783858cc5f14
Certificate serial: 019A72CA6887DA99D4C9F1F47995540C2A9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 12:00:58 +0000
Manifest this update: Tue 11 Nov 2025 12:00:58 +0000
Manifest next update: Wed 12 Nov 2025 12:00:58 +0000
Files and hashes: 1: DTLOnLZIHhlPP7pvWpWEUTLWHQg.roa (hash: QLz4ZYz1buP6/UJvo5YrZ+4VolEyE3vVmr+8wwogqDA=)
2: JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl (hash: kYtQE60xnxXQfXPB8203KNrfEOclaPijpLDfrHcNuho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:68:87:da:99:d4:c9:f1:f4:79:95:54:0c:2a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25572e8f93b18a401cfecdf62586783858cc5f14
Validity
Not Before: Nov 11 12:00:58 2025 GMT
Not After : Nov 12 12:00:58 2025 GMT
Subject: CN=64cb9e7f640ce6b55054f8448686e2ec9013c743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7d:76:00:be:cb:89:72:b8:db:37:db:3c:02:
e5:aa:a1:66:17:12:47:e3:27:bb:0a:08:0f:23:db:
3e:ec:5b:a0:6d:a8:8f:5f:67:a1:6c:6b:01:09:b7:
57:0c:1b:44:86:51:8b:15:20:aa:8b:da:2b:a7:35:
6e:a0:8f:7d:49:9a:96:43:0a:2e:5b:03:53:24:b5:
87:53:78:98:d4:f9:8b:0d:50:c3:e7:6d:24:3e:4a:
c5:ab:1f:16:1e:41:a5:9a:3a:86:15:c0:45:82:76:
aa:a9:d9:34:2e:9c:e0:4a:76:c1:f4:9f:62:eb:b5:
b8:c5:f9:ea:39:dc:34:a0:40:63:29:b3:f0:ce:58:
86:49:98:ac:ef:c6:ae:4e:66:56:c3:75:82:1a:cb:
db:c5:d2:f9:20:d9:37:7d:81:76:48:2d:97:5a:c1:
f2:39:29:95:a1:0e:3e:de:81:de:7e:75:d7:7c:fe:
b5:27:41:a7:fc:6c:6b:0c:7b:5c:b6:e3:82:71:f5:
4c:ac:5f:f5:78:af:5d:7d:2a:47:bd:b7:66:ea:15:
6d:88:21:28:68:f9:20:28:dd:63:34:01:05:2d:88:
d2:dc:d7:7b:c3:1d:45:51:17:0f:c8:2e:e4:b1:d0:
20:ad:50:0e:61:c1:c3:fe:50:05:a6:06:a6:fb:ee:
8e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:CB:9E:7F:64:0C:E6:B5:50:54:F8:44:86:86:E2:EC:90:13:C7:43
X509v3 Authority Key Identifier:
keyid:25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:42:84:bf:ef:ad:32:e3:d8:05:b8:cc:21:2f:3a:d0:eb:6b:
5d:4e:f6:24:bd:f6:ac:10:9e:ab:66:1e:ac:86:bc:3d:16:b4:
4c:be:b5:ba:f9:30:9c:6f:02:b7:77:59:c9:a0:b3:ac:b6:63:
03:6a:5b:af:60:1e:b9:37:8e:9c:4a:59:ab:a7:bc:d5:df:95:
e7:cd:fc:d9:53:72:35:7d:61:e6:8c:94:2e:e1:32:ec:cc:ee:
55:f0:b0:c4:ac:42:b7:99:8e:9a:b1:02:a1:82:ed:67:15:ba:
10:c2:2d:ba:e6:01:f4:eb:17:d3:cd:20:96:91:77:f6:04:42:
66:dc:6e:b0:2f:b4:cf:98:d9:41:a4:0a:ab:58:af:12:b6:5d:
e9:e0:c0:c1:83:e3:19:86:e7:c0:b1:00:3f:f4:6b:35:2b:3b:
6c:30:c6:04:e2:10:82:c4:16:9b:3b:87:06:98:dc:a9:12:aa:
50:19:dd:5b:53:4c:b4:52:26:40:90:7e:64:1e:8d:9a:dc:25:
90:e9:6c:6e:b9:3a:ea:3d:64:51:2a:55:83:f6:cb:5b:1d:73:
2d:ab:e7:f6:64:3c:6a:80:48:c7:8f:52:f5:e4:68:85:65:01:
8a:82:e2:5d:6d:f9:ee:d8:87:03:5f:04:1a:85:0d:a5:da:1e:
b6:49:b7:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyymiH2pnUyfH0eZVUDCqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NTcyZThmOTNiMThhNDAxY2ZlY2RmNjI1ODY3ODM4NThj
YzVmMTQwHhcNMjUxMTExMTIwMDU4WhcNMjUxMTEyMTIwMDU4WjAzMTEwLwYDVQQD
Eyg2NGNiOWU3ZjY0MGNlNmI1NTA1NGY4NDQ4Njg2ZTJlYzkwMTNjNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH12AL7LiXK42zfbPALlqqFmFxJH
4ye7CggPI9s+7FugbaiPX2ehbGsBCbdXDBtEhlGLFSCqi9orpzVuoI99SZqWQwou
WwNTJLWHU3iY1PmLDVDD520kPkrFqx8WHkGlmjqGFcBFgnaqqdk0LpzgSnbB9J9i
67W4xfnqOdw0oEBjKbPwzliGSZis78auTmZWw3WCGsvbxdL5INk3fYF2SC2XWsHy
OSmVoQ4+3oHefnXXfP61J0Gn/GxrDHtctuOCcfVMrF/1eK9dfSpHvbdm6hVtiCEo
aPkgKN1jNAEFLYjS3Nd7wx1FURcPyC7ksdAgrVAOYcHD/lAFpgam++6OWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGTLnn9kDOa1UFT4RIaG4uyQE8dDMB8GA1UdIwQY
MBaAFCVXLo+TsYpAHP7N9iWGeDhYzF8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMt
NjZkMzVlNTI1MDM5LzEvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMtNjZkMzVlNTI1MDM5
LzEvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA0KEv++t
MuPYBbjMIS860OtrXU72JL32rBCeq2YerIa8PRa0TL61uvkwnG8Ct3dZyaCzrLZj
A2pbr2AeuTeOnEpZq6e81d+V58382VNyNX1h5oyULuEy7MzuVfCwxKxCt5mOmrEC
oYLtZxW6EMItuuYB9OsX080glpF39gRCZtxusC+0z5jZQaQKq1ivErZd6eDAwYPj
GYbnwLEAP/RrNSs7bDDGBOIQgsQWmzuHBpjcqRKqUBndW1NMtFImQJB+ZB6Nmtwl
kOlsbrk66j1kUSpVg/bLWx1zLavn9mQ8aoBIx49S9eRohWUBioLiXW357tiHA18E
GoUNpdoetkm3LQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:36:51 2025 by rpki-client