Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
File: JY8HU8Azwa8JGGbQlCZFEmlspos.mft (raw, json)
Hash identifier: DeBm5hD56vajsDAZZi6+6482RgvrlZOd93pAet6f08c=
Subject key identifier: B1:AA:AF:4B:47:27:34:E1:62:7D:15:A7:76:FB:E6:B0:E7:8D:9F:75
Authority key identifier: 25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
Certificate issuer: /CN=258f0753c033c1af091866d094264512696ca68b
Certificate serial: 0199FD6ADC27C81A1F03DF456D026629EFDE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
Manifest number: 0A2E
Signing time: Sun 19 Oct 2025 17:01:02 +0000
Manifest this update: Sun 19 Oct 2025 17:01:02 +0000
Manifest next update: Mon 20 Oct 2025 17:01:02 +0000
Files and hashes: 1: BQh7QT9BX7cTqXjHHhGh4E0jau4.roa (hash: ji+6a8qXV045VZtKjEfl6cGy7fTl7ME8scmY2gpWI2s=)
2: JY8HU8Azwa8JGGbQlCZFEmlspos.crl (hash: LkzCv60dk+o4SVOA41tABmSmpbGU56Pe79IvJwJpaDE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:6a:dc:27:c8:1a:1f:03:df:45:6d:02:66:29:ef:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f0753c033c1af091866d094264512696ca68b
Validity
Not Before: Oct 19 17:01:02 2025 GMT
Not After : Oct 20 17:01:02 2025 GMT
Subject: CN=b1aaaf4b472734e1627d15a776fbe6b0e78d9f75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ac:e6:d8:9f:d0:e8:5e:e4:4d:c4:02:58:ac:
85:f7:84:7c:ca:56:2b:62:9b:23:72:c8:6f:26:64:
3d:ce:75:8b:c6:eb:2f:9e:f6:96:c0:e3:bd:9a:17:
be:4c:67:90:c7:00:2e:9d:96:85:a5:75:c8:3f:a9:
2c:bb:79:8b:8e:58:ed:6a:f9:a7:99:3f:71:4e:e8:
c6:fa:9b:3f:19:4b:80:eb:38:12:97:c5:20:e8:07:
7b:07:e8:67:4f:d4:02:5f:f4:de:57:dc:85:c6:06:
6e:b5:76:76:e1:74:65:68:3d:6b:ed:8b:cf:dc:8f:
ca:66:93:05:f7:e6:56:73:b0:df:ea:6e:b0:a5:20:
f2:ed:41:da:ad:a0:1e:fd:a5:12:e8:b5:fd:e2:fa:
d5:b4:fc:4a:08:ce:44:95:16:8c:a8:53:9f:90:70:
11:78:f0:80:6b:36:61:01:06:ec:dc:32:b1:33:d0:
89:81:33:b3:b0:40:97:74:15:52:83:21:ec:5e:6c:
a3:d0:09:86:c1:0e:17:47:f9:3f:68:24:43:c8:8a:
64:8a:9b:1c:de:da:d1:0e:30:a5:de:9e:4c:34:fc:
9b:ef:98:2e:97:e9:fe:2b:a4:8f:15:f3:b0:fd:99:
3b:44:13:2e:88:b0:4b:42:fe:86:3f:58:8f:ac:d3:
fd:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AA:AF:4B:47:27:34:E1:62:7D:15:A7:76:FB:E6:B0:E7:8D:9F:75
X509v3 Authority Key Identifier:
keyid:25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:25:04:c5:0b:83:e0:9b:b7:10:bd:2e:e4:80:9d:92:a6:8b:
b1:f1:c0:62:61:10:09:26:35:70:67:9e:5e:70:ae:f8:fc:0b:
ef:e0:14:f0:6b:02:18:da:1a:07:1c:3d:59:7c:bf:d8:6f:a4:
bb:93:73:6a:48:b8:62:16:9a:56:70:06:51:a1:4a:d9:de:09:
4f:83:49:b5:57:59:22:1f:f7:f5:44:21:74:65:64:9a:5c:ff:
95:cc:57:b7:d2:07:f1:15:50:d5:f0:14:fa:7e:af:f7:3f:ad:
cc:20:0b:36:c9:3b:73:3b:e2:cc:d2:6a:d7:49:52:d0:b0:2f:
9a:4e:95:6b:f4:5e:b7:08:32:5a:af:ec:5e:20:8f:9a:36:5a:
fd:db:9c:c0:f1:57:b5:c1:23:52:9b:92:d3:06:3f:f6:49:17:
db:95:63:03:85:b8:61:66:31:13:70:0c:e9:1e:96:ce:a4:ad:
1e:d0:90:e2:df:ef:8c:55:b3:21:5f:83:7f:9e:94:9b:93:9f:
47:10:91:4f:5c:ea:41:60:4b:49:83:3b:df:ba:41:b2:8c:c5:
1b:60:0b:58:1a:88:f7:39:af:6d:2b:13:08:8e:a8:24:21:cc:
09:65:13:c1:1a:a7:f1:88:e4:b0:f8:f5:e3:98:94:c9:42:fd:
46:d8:13:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9atwnyBofA99FbQJmKe/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGYwNzUzYzAzM2MxYWYwOTE4NjZkMDk0MjY0NTEyNjk2
Y2E2OGIwHhcNMjUxMDE5MTcwMTAyWhcNMjUxMDIwMTcwMTAyWjAzMTEwLwYDVQQD
EyhiMWFhYWY0YjQ3MjczNGUxNjI3ZDE1YTc3NmZiZTZiMGU3OGQ5Zjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqzm2J/Q6F7kTcQCWKyF94R8ylYr
YpsjcshvJmQ9znWLxusvnvaWwOO9mhe+TGeQxwAunZaFpXXIP6ksu3mLjljtavmn
mT9xTujG+ps/GUuA6zgSl8Ug6Ad7B+hnT9QCX/TeV9yFxgZutXZ24XRlaD1r7YvP
3I/KZpMF9+ZWc7Df6m6wpSDy7UHaraAe/aUS6LX94vrVtPxKCM5ElRaMqFOfkHAR
ePCAazZhAQbs3DKxM9CJgTOzsECXdBVSgyHsXmyj0AmGwQ4XR/k/aCRDyIpkipsc
3trRDjCl3p5MNPyb75gul+n+K6SPFfOw/Zk7RBMuiLBLQv6GP1iPrNP9AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGqr0tHJzThYn0Vp3b75rDnjZ91MB8GA1UdIwQY
MBaAFCWPB1PAM8GvCRhm0JQmRRJpbKaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQt
MmMyZjBkMjRmOTM2LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQtMmMyZjBkMjRmOTM2
LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAiUExQuD
4Ju3EL0u5ICdkqaLsfHAYmEQCSY1cGeeXnCu+PwL7+AU8GsCGNoaBxw9WXy/2G+k
u5Nzaki4YhaaVnAGUaFK2d4JT4NJtVdZIh/39UQhdGVkmlz/lcxXt9IH8RVQ1fAU
+n6v9z+tzCALNsk7czvizNJq10lS0LAvmk6Va/RetwgyWq/sXiCPmjZa/ducwPFX
tcEjUpuS0wY/9kkX25VjA4W4YWYxE3AM6R6WzqStHtCQ4t/vjFWzIV+Df56Um5Of
RxCRT1zqQWBLSYM737pBsozFG2ALWBqI9zmvbSsTCI6oJCHMCWUTwRqn8YjksPj1
45iUyUL9RtgTkA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:08:46 2025 by rpki-client