Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.mft
File: JbGiI7fnP9I0YsIE5g6dSBXPdj8.mft (raw, json)
Hash identifier: F1zq/OP2erxmaXgwGRjj+4pwlhu5MUUUuc/ousgfRZQ=
Subject key identifier: EB:A9:D9:C3:8B:B6:99:C7:E2:6B:8B:3F:99:C5:B2:BD:9A:06:8D:A2
Authority key identifier: 25:B1:A2:23:B7:E7:3F:D2:34:62:C2:04:E6:0E:9D:48:15:CF:76:3F
Certificate issuer: /CN=25b1a223b7e73fd23462c204e60e9d4815cf763f
Certificate serial: 019A4E188FD6F35F65C38AE798846DD1E34B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbGiI7fnP9I0YsIE5g6dSBXPdj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.mft
Manifest number: 02F4
Signing time: Tue 04 Nov 2025 09:00:23 +0000
Manifest this update: Tue 04 Nov 2025 09:00:23 +0000
Manifest next update: Wed 05 Nov 2025 09:00:23 +0000
Files and hashes: 1: 1-nkTyOMqH94a8OlfukcDf7YbkNc.roa (hash: Z6uvUYmhirGQlJwClrs+HtNhQJGa2PNo7VCbu68pXz8=)
2: JbGiI7fnP9I0YsIE5g6dSBXPdj8.crl (hash: x+nKws7rXrNz5+1lGkxKbv0V6lMzvw9LfZAqyp51Mbk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JbGiI7fnP9I0YsIE5g6dSBXPdj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:8f:d6:f3:5f:65:c3:8a:e7:98:84:6d:d1:e3:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25b1a223b7e73fd23462c204e60e9d4815cf763f
Validity
Not Before: Nov 4 09:00:23 2025 GMT
Not After : Nov 5 09:00:23 2025 GMT
Subject: CN=eba9d9c38bb699c7e26b8b3f99c5b2bd9a068da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:9c:75:45:24:12:aa:e3:fc:34:95:ac:37:
68:be:41:5d:3c:33:42:5b:1f:bf:79:a0:d6:84:6f:
c1:db:d4:f2:2e:ab:bb:22:f3:ca:2b:2f:31:79:07:
c3:18:56:2b:3f:fe:e6:4d:b2:2a:6c:f3:3b:3d:83:
7d:81:27:f0:e9:46:64:f8:14:0d:09:ba:47:0d:cb:
71:c9:70:09:51:da:3a:ee:d8:0d:6a:2d:c3:41:aa:
59:8e:7c:c5:71:da:9f:77:f8:c0:e6:82:77:fe:18:
7e:34:40:07:6a:53:23:cf:eb:96:52:f7:13:f8:cf:
0b:e8:f4:36:93:32:89:da:ed:46:04:8b:6c:93:b0:
e6:58:dd:f9:28:ec:33:60:55:0b:36:e8:09:8a:c9:
7b:85:20:d7:84:5f:d2:1f:16:51:45:97:32:4b:c8:
73:57:47:91:cf:aa:0c:31:be:41:9f:4a:e4:80:b2:
b4:13:89:57:ae:9d:00:c5:5e:1d:48:d7:3c:dd:32:
0f:d3:b6:d8:b9:06:e3:e3:b2:70:8b:2a:ee:19:6d:
b7:f9:81:1a:84:b5:71:33:c9:53:fb:ae:c2:d8:33:
04:97:f7:76:78:16:80:72:83:92:19:31:34:88:f2:
7a:0e:ed:1c:bd:bd:a8:05:53:c7:11:78:79:fe:d8:
45:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A9:D9:C3:8B:B6:99:C7:E2:6B:8B:3F:99:C5:B2:BD:9A:06:8D:A2
X509v3 Authority Key Identifier:
keyid:25:B1:A2:23:B7:E7:3F:D2:34:62:C2:04:E6:0E:9D:48:15:CF:76:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbGiI7fnP9I0YsIE5g6dSBXPdj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:d1:bb:4a:c9:a3:9f:24:4c:1a:23:67:53:96:ad:33:69:df:
d1:ed:e7:b6:83:f2:5c:1a:5a:f8:2e:a5:22:34:5b:93:24:a4:
bb:8c:d4:f3:c0:b9:da:08:15:5a:bb:fc:41:1c:f3:d1:30:7a:
b2:eb:e6:ea:23:46:30:60:55:68:6e:ed:f8:00:ca:c0:d4:ff:
7b:7e:1a:70:85:c6:75:5e:0e:b3:2c:71:a6:80:f6:cc:a1:27:
e5:77:54:fd:4f:00:91:04:80:ac:cf:1a:6b:fc:46:8b:97:7d:
83:3d:d7:33:34:55:3c:6c:24:1d:17:78:0a:58:02:d8:3a:6d:
43:f3:90:fc:f8:22:2b:ef:f9:1f:94:a5:81:d3:35:5d:61:45:
10:c0:0e:f0:47:fc:ab:ee:25:64:b3:a6:6c:b8:8a:da:e5:4b:
ff:97:f1:ae:2a:ac:ac:c5:85:2e:ec:fc:70:43:90:c6:d3:80:
96:5f:26:20:f5:b2:3f:f1:e8:2a:dc:90:a2:cb:a3:be:73:19:
75:65:c2:47:05:c9:10:ff:03:8f:26:3b:5f:7a:f1:3e:65:fb:
32:1f:b2:a1:14:7b:76:db:15:bd:b6:a9:d5:63:27:22:1f:0f:
05:6c:5d:88:c7:a7:22:d1:02:1b:2f:7e:57:b1:7e:59:5e:43:
84:cb:57:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGI/W819lw4rnmIRt0eNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YjFhMjIzYjdlNzNmZDIzNDYyYzIwNGU2MGU5ZDQ4MTVj
Zjc2M2YwHhcNMjUxMTA0MDkwMDIzWhcNMjUxMTA1MDkwMDIzWjAzMTEwLwYDVQQD
EyhlYmE5ZDljMzhiYjY5OWM3ZTI2YjhiM2Y5OWM1YjJiZDlhMDY4ZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1OcdUUkEqrj/DSVrDdovkFdPDNC
Wx+/eaDWhG/B29TyLqu7IvPKKy8xeQfDGFYrP/7mTbIqbPM7PYN9gSfw6UZk+BQN
CbpHDctxyXAJUdo67tgNai3DQapZjnzFcdqfd/jA5oJ3/hh+NEAHalMjz+uWUvcT
+M8L6PQ2kzKJ2u1GBItsk7DmWN35KOwzYFULNugJisl7hSDXhF/SHxZRRZcyS8hz
V0eRz6oMMb5Bn0rkgLK0E4lXrp0AxV4dSNc83TIP07bYuQbj47JwiyruGW23+YEa
hLVxM8lT+67C2DMEl/d2eBaAcoOSGTE0iPJ6Du0cvb2oBVPHEXh5/thFxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOup2cOLtpnH4muLP5nFsr2aBo2iMB8GA1UdIwQY
MBaAFCWxoiO35z/SNGLCBOYOnUgVz3Y/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJHaUk3Zm5QOUkwWXNJRTVnNmRTQlhQZGo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wZTkwYzgtMmI4My00NzE1LTk5MzMt
YTczZjBiNzQxOGFiLzEvSmJHaUk3Zm5QOUkwWXNJRTVnNmRTQlhQZGo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wZTkwYzgtMmI4My00NzE1LTk5MzMtYTczZjBiNzQxOGFi
LzEvSmJHaUk3Zm5QOUkwWXNJRTVnNmRTQlhQZGo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAANG7Ssmj
nyRMGiNnU5atM2nf0e3ntoPyXBpa+C6lIjRbkySku4zU88C52ggVWrv8QRzz0TB6
suvm6iNGMGBVaG7t+ADKwNT/e34acIXGdV4OsyxxpoD2zKEn5XdU/U8AkQSArM8a
a/xGi5d9gz3XMzRVPGwkHRd4ClgC2DptQ/OQ/PgiK+/5H5SlgdM1XWFFEMAO8Ef8
q+4lZLOmbLiK2uVL/5fxriqsrMWFLuz8cEOQxtOAll8mIPWyP/HoKtyQosujvnMZ
dWXCRwXJEP8DjyY7X3rxPmX7Mh+yoRR7dtsVvbap1WMnIh8PBWxdiMenItECGy9+
V7F+WV5DhMtXBA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:36:42 2025 by rpki-client