Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
File: jrsOsZ53d9cDgAD2wS053tEgQkI.mft (raw, json)
Hash identifier: +CZWR8nwZeD0NQfbPQzFre3WbMXIN+Tb5RFxjiFvqiM=
Subject key identifier: 34:4F:5E:6C:26:41:E3:67:47:30:73:C0:66:49:52:B4:18:8B:14:02
Authority key identifier: 8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42
Certificate issuer: /CN=8ebb0eb19e7777d7038000f6c12d39ded1204242
Certificate serial: 019A4D05E61DC5B189EA9FD936FC9BA3C564
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
Manifest number: 0D46
Signing time: Tue 04 Nov 2025 04:00:23 +0000
Manifest this update: Tue 04 Nov 2025 04:00:23 +0000
Manifest next update: Wed 05 Nov 2025 04:00:23 +0000
Files and hashes: 1: 68-2o2gnqeFje-83JI2NL7vcFCs.roa (hash: 5XT1BGaZiWzYIBY9EJMQdD9z2CvFYvirF/G5S8/gceM=)
2: jrsOsZ53d9cDgAD2wS053tEgQkI.crl (hash: oX2b6Sr+LWkjSKEi67w0sgA/TLiZZRDA0rTVNvYUixs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:05:e6:1d:c5:b1:89:ea:9f:d9:36:fc:9b:a3:c5:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ebb0eb19e7777d7038000f6c12d39ded1204242
Validity
Not Before: Nov 4 04:00:23 2025 GMT
Not After : Nov 5 04:00:23 2025 GMT
Subject: CN=344f5e6c2641e367473073c0664952b4188b1402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ea:7b:b5:50:f2:c3:f5:12:f9:bf:64:e8:66:
b0:1f:cf:10:cc:28:41:b8:78:7e:2f:65:51:a1:3d:
cb:0c:c0:16:e6:00:5b:2b:11:fa:d3:33:20:b9:f3:
51:d1:ef:30:88:7d:a7:a6:de:fc:d3:8c:e8:38:bf:
4f:22:c4:1e:07:9e:1b:28:24:03:c8:61:c9:7e:76:
77:95:f5:e3:7f:f1:49:8e:e2:f8:01:62:87:0b:d0:
ba:2f:5f:a1:9e:d8:c0:c9:4b:97:13:26:2a:eb:0c:
19:f9:27:5d:77:9b:94:3f:0f:ce:7d:37:37:c2:c3:
4b:89:5e:57:d3:3d:ba:75:ec:ba:c0:91:c9:b1:9c:
26:67:8d:11:c8:15:58:b5:e9:02:67:d9:ef:fe:37:
1e:0a:40:95:2c:ad:75:3a:6e:e7:c4:e0:37:73:58:
c8:8a:f5:5b:69:58:48:2a:8c:d2:ab:8d:94:de:26:
79:d1:26:14:8f:ea:a8:d1:6f:94:19:5d:43:ad:5f:
63:9c:20:8c:62:37:e3:1b:1d:ab:34:f9:7a:e1:88:
d2:97:37:dd:7b:bd:fe:50:19:46:8f:32:e6:0a:a0:
24:16:bb:05:60:14:6e:3d:03:fc:0f:f3:da:19:21:
fe:23:f8:68:4e:18:5a:79:d4:3c:17:e2:0e:58:a4:
a7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:4F:5E:6C:26:41:E3:67:47:30:73:C0:66:49:52:B4:18:8B:14:02
X509v3 Authority Key Identifier:
keyid:8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:b3:cc:ac:19:58:0f:d8:86:82:58:01:0f:7c:c1:a1:3e:26:
bd:f1:fe:fb:ee:02:c1:e0:fc:69:5a:d7:7d:f0:8b:b9:c7:ee:
5b:d6:6a:0a:8d:6f:ca:5d:f8:d7:cf:c9:07:58:39:27:36:04:
35:f8:84:08:c4:72:b1:fd:58:bc:67:d8:b5:f9:1f:f8:be:de:
ea:60:cd:9e:44:40:b9:e7:94:10:cd:8f:ec:fd:1b:b8:7e:97:
0f:c9:4c:7d:db:a7:55:68:ca:45:d9:d2:63:48:d0:a9:5a:ee:
db:a8:21:55:93:11:6d:83:62:bd:b9:38:8a:17:55:db:88:c6:
9b:a8:75:b1:f3:a3:24:80:28:95:fa:c4:f4:40:53:25:45:92:
d1:08:e1:97:60:e9:7e:30:05:72:6b:78:79:8c:25:0d:41:ce:
5c:7b:42:71:93:65:a9:36:f6:03:94:42:5a:d0:41:1c:98:67:
69:08:92:f2:88:bf:bd:30:e8:0f:72:19:3b:64:e3:f8:ca:7e:
84:f5:74:e6:6c:20:08:ec:b4:84:49:d8:0b:cb:b6:57:d7:14:
f6:45:ad:58:70:46:e7:11:90:d8:c6:dd:a2:ee:7a:ae:17:ae:
93:22:34:87:ad:95:44:ec:03:c1:b7:2f:1b:a9:23:f7:c3:cb:
6e:b1:8c:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBeYdxbGJ6p/ZNvybo8VkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYmIwZWIxOWU3Nzc3ZDcwMzgwMDBmNmMxMmQzOWRlZDEy
MDQyNDIwHhcNMjUxMTA0MDQwMDIzWhcNMjUxMTA1MDQwMDIzWjAzMTEwLwYDVQQD
EygzNDRmNWU2YzI2NDFlMzY3NDczMDczYzA2NjQ5NTJiNDE4OGIxNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+p7tVDyw/US+b9k6GawH88QzChB
uHh+L2VRoT3LDMAW5gBbKxH60zMgufNR0e8wiH2npt7804zoOL9PIsQeB54bKCQD
yGHJfnZ3lfXjf/FJjuL4AWKHC9C6L1+hntjAyUuXEyYq6wwZ+Sddd5uUPw/OfTc3
wsNLiV5X0z26dey6wJHJsZwmZ40RyBVYtekCZ9nv/jceCkCVLK11Om7nxOA3c1jI
ivVbaVhIKozSq42U3iZ50SYUj+qo0W+UGV1DrV9jnCCMYjfjGx2rNPl64YjSlzfd
e73+UBlGjzLmCqAkFrsFYBRuPQP8D/PaGSH+I/hoThhaedQ8F+IOWKSn/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDRPXmwmQeNnRzBzwGZJUrQYixQCMB8GA1UdIwQY
MBaAFI67DrGed3fXA4AA9sEtOd7RIEJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYt
MTUxNDFjNjY4NTRkLzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYtMTUxNDFjNjY4NTRk
LzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD7PMrBlY
D9iGglgBD3zBoT4mvfH+++4CweD8aVrXffCLucfuW9ZqCo1vyl3418/JB1g5JzYE
NfiECMRysf1YvGfYtfkf+L7e6mDNnkRAueeUEM2P7P0buH6XD8lMfdunVWjKRdnS
Y0jQqVru26ghVZMRbYNivbk4ihdV24jGm6h1sfOjJIAolfrE9EBTJUWS0Qjhl2Dp
fjAFcmt4eYwlDUHOXHtCcZNlqTb2A5RCWtBBHJhnaQiS8oi/vTDoD3IZO2Tj+Mp+
hPV05mwgCOy0hEnYC8u2V9cU9kWtWHBG5xGQ2Mbdou56rheukyI0h62VROwDwbcv
G6kj98PLbrGMQw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:46:43 2025 by rpki-client