Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft
File: JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft (raw, json)
Hash identifier: rcgHPsE/lx9OhhAliERGprMT+zVuISKfwS1UU2ygte4=
Subject key identifier: 12:88:7A:47:82:92:CE:44:E3:35:11:0E:99:C2:FB:17:43:8D:FD:6C
Authority key identifier: 25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14
Certificate issuer: /CN=25572e8f93b18a401cfecdf62586783858cc5f14
Certificate serial: 019D382DEEA00E0DB8FDBA94740DEADB1045
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 06:00:27 +0000
Manifest this update: Sun 29 Mar 2026 06:00:27 +0000
Manifest next update: Mon 30 Mar 2026 06:00:27 +0000
Files and hashes: 1: JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl (hash: KcosKnRo+WspSHzro0vczQy5oR3zCo0IdrxCezvGOLM=)
2: SFUbqznmCnEJ3rKofq8VKf3iTTc.roa (hash: RPr3mwEf/YOEdxS9Rusypg0HUaq763lQcyOXM9sasq0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:ee:a0:0e:0d:b8:fd:ba:94:74:0d:ea:db:10:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25572e8f93b18a401cfecdf62586783858cc5f14
Validity
Not Before: Mar 29 06:00:27 2026 GMT
Not After : Mar 30 06:00:27 2026 GMT
Subject: CN=12887a478292ce44e335110e99c2fb17438dfd6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:39:a0:bf:27:83:08:45:3f:b6:f0:02:95:39:
11:12:09:a6:b3:f5:69:42:3c:c5:49:f1:58:79:3a:
36:47:c2:0c:17:85:34:1d:81:5d:e9:87:4c:65:0d:
ea:c6:17:d7:97:8f:d2:1e:f9:96:3b:c3:f6:25:a7:
c5:6e:34:2b:7b:0b:39:50:c3:74:90:d5:b4:c5:6c:
b5:07:86:b3:9f:9d:e3:2c:c8:7c:a8:29:e7:a8:13:
2b:0a:64:de:d8:a3:db:66:92:e6:ed:fe:dd:a7:5c:
42:7b:df:c6:c2:49:49:27:f8:e1:6c:38:35:a4:aa:
1c:85:43:4b:34:8b:85:58:f0:54:ff:08:ab:df:b0:
78:57:29:90:e7:bc:66:b7:b6:77:61:d9:56:eb:6c:
dd:36:96:26:89:b6:3e:bd:50:66:a1:3c:b0:6d:d3:
b6:3a:e7:3d:56:83:c8:d7:2b:46:b0:9a:51:d3:d5:
a1:27:2f:dc:a8:15:39:62:b3:50:d5:61:42:7f:39:
c1:d2:06:27:27:26:31:c6:c6:f9:1f:60:ec:ad:58:
78:84:cf:b9:c5:13:c6:e0:85:88:d4:cd:fd:f0:9f:
d9:b6:bf:0f:7d:74:78:6c:37:be:2d:5d:d6:f1:18:
c0:82:e0:81:ae:c4:84:22:6c:11:35:53:d5:aa:a0:
9e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:88:7A:47:82:92:CE:44:E3:35:11:0E:99:C2:FB:17:43:8D:FD:6C
X509v3 Authority Key Identifier:
keyid:25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:dd:4c:04:43:13:b3:10:b6:47:9e:ee:72:a5:c1:68:19:c6:
20:bd:3f:a3:3d:cd:f8:96:94:50:6f:16:95:c3:bd:ab:e2:34:
33:66:1c:fa:50:af:a2:bd:69:f9:d6:79:26:6d:5a:5e:a8:0b:
27:6d:99:86:a1:85:30:bd:de:bd:92:0a:b4:5f:71:da:cb:1c:
97:67:da:c7:ad:75:71:1f:c2:18:59:ec:50:e7:db:4f:65:c2:
97:0c:63:dc:fa:1c:9c:4f:40:aa:ce:15:94:fa:48:75:f0:28:
f9:a0:15:2d:40:6c:37:80:2e:85:f5:b8:b6:60:64:60:9b:d8:
25:45:a6:11:af:0d:ab:51:de:a6:d6:bc:5d:ad:3d:2d:71:40:
ac:b4:71:3a:c5:b8:c3:c7:72:7f:b1:26:39:fa:5b:80:ab:b7:
ab:0c:4f:e3:a2:e9:66:a6:7d:2e:50:28:58:83:fe:ab:07:ac:
0e:23:dc:99:fb:18:ef:bd:d8:ee:91:92:80:51:a1:e1:40:a0:
35:ce:a2:2b:5d:01:bb:e2:d0:37:51:33:55:c6:c5:2f:83:a2:
f1:d9:20:d8:93:11:1f:bf:d1:8e:65:f7:61:36:9b:c0:dd:28:
0c:e6:4d:c0:f6:7f:a9:6e:3d:44:25:b0:b2:61:bb:44:1a:53:
af:2c:98:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Le6gDg24/bqUdA3q2xBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NTcyZThmOTNiMThhNDAxY2ZlY2RmNjI1ODY3ODM4NThj
YzVmMTQwHhcNMjYwMzI5MDYwMDI3WhcNMjYwMzMwMDYwMDI3WjAzMTEwLwYDVQQD
EygxMjg4N2E0NzgyOTJjZTQ0ZTMzNTExMGU5OWMyZmIxNzQzOGRmZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zmgvyeDCEU/tvAClTkREgmms/Vp
QjzFSfFYeTo2R8IMF4U0HYFd6YdMZQ3qxhfXl4/SHvmWO8P2JafFbjQrews5UMN0
kNW0xWy1B4azn53jLMh8qCnnqBMrCmTe2KPbZpLm7f7dp1xCe9/GwklJJ/jhbDg1
pKochUNLNIuFWPBU/wir37B4VymQ57xmt7Z3YdlW62zdNpYmibY+vVBmoTywbdO2
Ouc9VoPI1ytGsJpR09WhJy/cqBU5YrNQ1WFCfznB0gYnJyYxxsb5H2DsrVh4hM+5
xRPG4IWI1M398J/Ztr8PfXR4bDe+LV3W8RjAguCBrsSEImwRNVPVqqCecwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKIekeCks5E4zURDpnC+xdDjf1sMB8GA1UdIwQY
MBaAFCVXLo+TsYpAHP7N9iWGeDhYzF8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMt
NjZkMzVlNTI1MDM5LzEvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMtNjZkMzVlNTI1MDM5
LzEvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvN1MBEMT
sxC2R57ucqXBaBnGIL0/oz3N+JaUUG8WlcO9q+I0M2Yc+lCvor1p+dZ5Jm1aXqgL
J22ZhqGFML3evZIKtF9x2sscl2fax611cR/CGFnsUOfbT2XClwxj3PocnE9Aqs4V
lPpIdfAo+aAVLUBsN4AuhfW4tmBkYJvYJUWmEa8Nq1Hepta8Xa09LXFArLRxOsW4
w8dyf7EmOfpbgKu3qwxP46LpZqZ9LlAoWIP+qwesDiPcmfsY773Y7pGSgFGh4UCg
Nc6iK10Bu+LQN1EzVcbFL4Oi8dkg2JMRH7/RjmX3YTabwN0oDOZNwPZ/qW49RCWw
smG7RBpTryyYOQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:53:50 2026 by rpki-client