Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
File: JY8HU8Azwa8JGGbQlCZFEmlspos.mft (raw, json)
Hash identifier: Egpm3B1HgTwTGzdUx76TLopno06nat4qTtaipiiyGcY=
Subject key identifier: D6:2A:74:A4:DA:A7:F6:A4:29:F2:5A:6D:B8:6B:46:66:BB:6A:B0:EE
Authority key identifier: 25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
Certificate issuer: /CN=258f0753c033c1af091866d094264512696ca68b
Certificate serial: 019A5262FECD7727DF83B75FD20BFBFC714E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
Manifest number: 0A5A
Signing time: Wed 05 Nov 2025 05:00:10 +0000
Manifest this update: Wed 05 Nov 2025 05:00:10 +0000
Manifest next update: Thu 06 Nov 2025 05:00:10 +0000
Files and hashes: 1: BQh7QT9BX7cTqXjHHhGh4E0jau4.roa (hash: ji+6a8qXV045VZtKjEfl6cGy7fTl7ME8scmY2gpWI2s=)
2: JY8HU8Azwa8JGGbQlCZFEmlspos.crl (hash: DFcqZgPIERAQtd+swVVM9e1Tj1o4h2JKER0OMQMC8CY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:62:fe:cd:77:27:df:83:b7:5f:d2:0b:fb:fc:71:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f0753c033c1af091866d094264512696ca68b
Validity
Not Before: Nov 5 05:00:10 2025 GMT
Not After : Nov 6 05:00:10 2025 GMT
Subject: CN=d62a74a4daa7f6a429f25a6db86b4666bb6ab0ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3a:f1:54:33:d6:5b:1c:9c:69:aa:ad:0b:d1:
dc:42:f3:b6:9b:80:04:49:a5:4c:17:30:6c:a0:64:
45:3a:bb:f7:cb:25:a9:ea:1d:6e:6c:cf:ee:47:fa:
5b:15:6c:cb:bd:c5:8a:b5:6c:16:12:f4:be:0c:9c:
07:cc:94:e3:e0:34:30:df:cd:8f:9f:32:28:9e:07:
89:4f:bb:e1:a6:a7:10:43:7a:4c:60:2a:db:56:30:
85:cf:65:d2:78:fd:d8:a1:e9:78:9e:a3:44:49:62:
89:8d:77:3f:95:f8:eb:f1:8d:04:27:87:0d:c2:3e:
b1:27:1e:b3:b5:9d:4b:28:07:6e:ef:e5:9d:69:a1:
78:0d:dd:e8:f0:82:54:3f:08:f4:4e:78:3e:55:3e:
a8:85:c8:29:77:d6:bf:81:08:d6:ed:4b:74:f0:7e:
7b:74:e3:82:fa:f2:c7:ae:0b:87:ca:66:25:b4:54:
0b:8f:57:75:19:4c:49:92:d1:33:b3:76:22:ac:71:
9a:15:ba:21:0b:e0:2e:cd:7a:5b:e5:5d:fc:de:74:
2c:8f:27:47:c1:40:77:0b:91:f6:90:f4:4c:d7:cb:
2a:18:4f:34:79:66:bd:fa:71:79:41:35:86:61:de:
76:2e:3a:dd:27:f5:7b:2f:81:b1:83:85:05:45:8b:
d2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:2A:74:A4:DA:A7:F6:A4:29:F2:5A:6D:B8:6B:46:66:BB:6A:B0:EE
X509v3 Authority Key Identifier:
keyid:25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:6c:df:17:3c:c3:d4:c4:0d:c9:57:e1:5a:91:0c:c0:6a:b1:
07:ee:d2:82:cb:d3:38:55:d3:18:e5:99:5b:5e:3b:8e:9e:fa:
61:1d:f6:76:83:5a:1f:9f:c3:48:56:a3:d0:71:a7:b1:ff:2b:
22:6f:5d:63:c5:12:92:64:b7:86:d3:f7:8c:fd:fc:75:0e:38:
e3:2c:0d:18:40:40:90:60:91:41:dd:c2:3d:63:f2:a4:da:17:
7f:e6:51:0f:86:b5:29:2b:0a:23:a4:0b:d6:ab:6b:cb:31:f0:
d7:cc:4a:67:c6:c5:1f:1d:76:3c:d8:11:e0:d6:5b:dc:7f:45:
5f:73:27:6c:87:a6:af:88:38:71:87:4b:dc:94:03:59:da:68:
b1:10:d3:ea:a7:26:ed:eb:d4:d6:e5:5a:95:a5:94:b0:38:50:
0e:0d:06:cb:ad:65:e0:eb:5a:03:18:c8:da:d7:99:a4:f9:f9:
80:bb:fa:fe:cf:10:61:35:a1:55:99:7a:85:ee:18:ea:22:59:
ec:35:07:d1:74:5a:0d:42:16:d3:f3:31:5f:0d:79:1f:66:58:
0e:9d:96:ab:e4:15:87:55:19:24:d2:a3:48:76:95:49:bc:f9:
e4:b8:d4:98:cc:f0:36:c8:30:fb:b7:6d:14:82:b8:12:a1:a7:
98:b6:3d:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSYv7Ndyffg7df0gv7/HFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGYwNzUzYzAzM2MxYWYwOTE4NjZkMDk0MjY0NTEyNjk2
Y2E2OGIwHhcNMjUxMTA1MDUwMDEwWhcNMjUxMTA2MDUwMDEwWjAzMTEwLwYDVQQD
EyhkNjJhNzRhNGRhYTdmNmE0MjlmMjVhNmRiODZiNDY2NmJiNmFiMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDrxVDPWWxycaaqtC9HcQvO2m4AE
SaVMFzBsoGRFOrv3yyWp6h1ubM/uR/pbFWzLvcWKtWwWEvS+DJwHzJTj4DQw382P
nzIongeJT7vhpqcQQ3pMYCrbVjCFz2XSeP3Yoel4nqNESWKJjXc/lfjr8Y0EJ4cN
wj6xJx6ztZ1LKAdu7+WdaaF4Dd3o8IJUPwj0Tng+VT6ohcgpd9a/gQjW7Ut08H57
dOOC+vLHrguHymYltFQLj1d1GUxJktEzs3YirHGaFbohC+AuzXpb5V383nQsjydH
wUB3C5H2kPRM18sqGE80eWa9+nF5QTWGYd52LjrdJ/V7L4Gxg4UFRYvSpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYqdKTap/akKfJabbhrRma7arDuMB8GA1UdIwQY
MBaAFCWPB1PAM8GvCRhm0JQmRRJpbKaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQt
MmMyZjBkMjRmOTM2LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQtMmMyZjBkMjRmOTM2
LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg2zfFzzD
1MQNyVfhWpEMwGqxB+7SgsvTOFXTGOWZW147jp76YR32doNaH5/DSFaj0HGnsf8r
Im9dY8USkmS3htP3jP38dQ444ywNGEBAkGCRQd3CPWPypNoXf+ZRD4a1KSsKI6QL
1qtryzHw18xKZ8bFHx12PNgR4NZb3H9FX3MnbIemr4g4cYdL3JQDWdposRDT6qcm
7evU1uValaWUsDhQDg0Gy61l4OtaAxjI2teZpPn5gLv6/s8QYTWhVZl6he4Y6iJZ
7DUH0XRaDUIW0/MxXw15H2ZYDp2Wq+QVh1UZJNKjSHaVSbz55LjUmMzwNsgw+7dt
FIK4EqGnmLY9/A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:04:38 2025 by rpki-client