Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
File: JQou0RQnyhZIM4Ur1JydtT1j5js.mft (raw, json)
Hash identifier: xDuLcGD3NMF8P0CiIZEBkPVavQRAWMb1jN8/V+nqAz4=
Subject key identifier: 51:BB:58:D4:8F:C4:BE:7B:F3:24:E9:6A:BF:8C:A9:D6:5F:1E:FE:09
Authority key identifier: 25:0A:2E:D1:14:27:CA:16:48:33:85:2B:D4:9C:9D:B5:3D:63:E6:3B
Certificate issuer: /CN=250a2ed11427ca164833852bd49c9db53d63e63b
Certificate serial: 019A70DC13EBD89A390A32C9CD7266FE772E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
Manifest number: 02BB
Signing time: Tue 11 Nov 2025 03:01:02 +0000
Manifest this update: Tue 11 Nov 2025 03:01:02 +0000
Manifest next update: Wed 12 Nov 2025 03:01:02 +0000
Files and hashes: 1: JQou0RQnyhZIM4Ur1JydtT1j5js.crl (hash: 2pISAdEH3d+RKpZ3CdCXnWe/qvxJUtEqJ2iVsoVMoCo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:13:eb:d8:9a:39:0a:32:c9:cd:72:66:fe:77:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=250a2ed11427ca164833852bd49c9db53d63e63b
Validity
Not Before: Nov 11 03:01:02 2025 GMT
Not After : Nov 12 03:01:02 2025 GMT
Subject: CN=51bb58d48fc4be7bf324e96abf8ca9d65f1efe09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e0:e3:b2:e2:80:fa:b8:a2:6a:85:ba:70:da:
3e:73:40:ba:6d:28:ee:aa:32:05:69:74:fa:c0:58:
9c:73:de:0e:0c:cc:aa:c2:ec:f4:5d:97:99:a0:cf:
de:fe:91:6b:66:a1:cc:f4:af:dd:3e:fd:d5:79:21:
3f:67:ff:92:58:ac:d0:5a:42:5f:4f:50:de:02:92:
2b:ef:6c:68:ad:d2:4d:b1:96:a1:b9:5f:b4:64:58:
30:74:62:c0:7a:09:08:13:6d:ad:55:18:32:8b:00:
ff:8f:8e:5e:fe:0c:f3:9a:a9:58:ba:27:83:54:90:
c8:f1:2b:df:48:ac:7d:d0:bb:34:24:c3:5c:d0:9f:
3c:e8:4e:a5:45:4d:b3:44:19:03:8f:f9:bf:d0:18:
a2:05:0b:53:e5:dc:15:a6:76:4d:1a:9d:eb:58:5d:
f9:af:a7:ba:78:77:3b:7e:67:4c:37:81:bc:6e:1f:
6c:cc:61:91:73:3f:67:81:3d:ed:5a:f7:6a:d2:64:
8f:d0:9a:da:51:52:84:78:39:2a:fb:f0:23:42:ab:
03:59:70:0c:d0:88:a5:a0:09:4e:37:f0:d5:aa:ce:
98:06:1f:23:fe:a3:01:fa:db:25:d9:cd:6a:cd:8f:
b4:50:5f:26:8e:3a:cc:67:e6:68:44:25:3d:6b:69:
d3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:BB:58:D4:8F:C4:BE:7B:F3:24:E9:6A:BF:8C:A9:D6:5F:1E:FE:09
X509v3 Authority Key Identifier:
keyid:25:0A:2E:D1:14:27:CA:16:48:33:85:2B:D4:9C:9D:B5:3D:63:E6:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:6f:09:bf:42:1c:29:8f:2e:f0:fe:bd:e0:ee:eb:df:dc:e6:
7c:60:c3:a6:eb:22:e0:69:1a:da:25:b2:dc:84:b1:67:6d:f8:
ee:11:0b:c0:1f:34:89:3a:76:53:41:26:d2:eb:b3:33:09:6f:
d8:57:e2:15:b2:6e:0b:31:26:d5:c4:64:bd:f7:02:22:b7:e0:
bb:93:f7:76:70:96:df:70:60:7d:7d:38:d5:1f:fa:ca:d9:22:
c2:a6:f6:47:a3:82:d5:4d:ad:04:2b:ab:79:2f:17:c1:31:a5:
9c:10:9f:dd:3b:6f:f4:d9:e5:05:02:ad:a9:79:5e:71:05:bf:
80:a9:d1:46:74:d7:0c:48:ac:c8:f8:f4:4b:cd:c8:e7:4a:18:
06:15:8f:9f:ba:64:05:4b:a0:39:a3:44:2f:18:f7:45:43:16:
2a:46:e7:9a:bc:4a:84:96:0c:e7:07:f5:4d:1f:e7:f3:26:20:
d0:d0:80:94:f5:f2:93:0c:11:06:cb:83:1f:a3:f8:de:17:83:
11:ac:31:81:ff:90:7a:24:35:49:c3:30:a8:3b:53:f9:47:fb:
59:6c:e4:79:8d:cf:a0:ac:3e:9a:34:7f:e2:24:07:b2:4e:07:
d0:cd:16:4b:8c:ed:5d:de:83:4a:50:a2:01:69:f3:0c:61:02:
bf:34:3f:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3BPr2Jo5CjLJzXJm/ncuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MGEyZWQxMTQyN2NhMTY0ODMzODUyYmQ0OWM5ZGI1M2Q2
M2U2M2IwHhcNMjUxMTExMDMwMTAyWhcNMjUxMTEyMDMwMTAyWjAzMTEwLwYDVQQD
Eyg1MWJiNThkNDhmYzRiZTdiZjMyNGU5NmFiZjhjYTlkNjVmMWVmZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uDjsuKA+riiaoW6cNo+c0C6bSju
qjIFaXT6wFicc94ODMyqwuz0XZeZoM/e/pFrZqHM9K/dPv3VeSE/Z/+SWKzQWkJf
T1DeApIr72xordJNsZahuV+0ZFgwdGLAegkIE22tVRgyiwD/j45e/gzzmqlYuieD
VJDI8SvfSKx90Ls0JMNc0J886E6lRU2zRBkDj/m/0BiiBQtT5dwVpnZNGp3rWF35
r6e6eHc7fmdMN4G8bh9szGGRcz9ngT3tWvdq0mSP0JraUVKEeDkq+/AjQqsDWXAM
0IiloAlON/DVqs6YBh8j/qMB+tsl2c1qzY+0UF8mjjrMZ+ZoRCU9a2nTgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFG7WNSPxL578yTpar+MqdZfHv4JMB8GA1UdIwQY
MBaAFCUKLtEUJ8oWSDOFK9ScnbU9Y+Y7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iNDM5ZWYtMmNjNS00YTc0LWIxZWEt
NTVjNjVjNDE1YjM2LzEvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iNDM5ZWYtMmNjNS00YTc0LWIxZWEtNTVjNjVjNDE1YjM2
LzEvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKm8Jv0Ic
KY8u8P694O7r39zmfGDDpusi4Gka2iWy3ISxZ2347hELwB80iTp2U0Em0uuzMwlv
2FfiFbJuCzEm1cRkvfcCIrfgu5P3dnCW33BgfX041R/6ytkiwqb2R6OC1U2tBCur
eS8XwTGlnBCf3Ttv9NnlBQKtqXlecQW/gKnRRnTXDEisyPj0S83I50oYBhWPn7pk
BUugOaNELxj3RUMWKkbnmrxKhJYM5wf1TR/n8yYg0NCAlPXykwwRBsuDH6P43heD
Eawxgf+QeiQ1ScMwqDtT+Uf7WWzkeY3PoKw+mjR/4iQHsk4H0M0WS4ztXd6DSlCi
AWnzDGECvzQ/Pg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:29 2025 by rpki-client