Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
File: KhfSVHdMl6nGhansXSTy_GlomQg.mft (raw, json)
Hash identifier: aXF0eTVqmIwM3U9w+wggs7jCRGV+SOwYO/qfhIII+d0=
Subject key identifier: 95:65:16:7B:09:12:60:E1:8B:78:92:9A:19:38:9E:13:29:6C:C9:01
Authority key identifier: 2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08
Certificate issuer: /CN=2a17d254774c97a9c685a9ec5d24f2fc69689908
Certificate serial: 01984AAE9EA7266DBE574F148148E5D37CC0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
Manifest number: 133D
Signing time: Sun 27 Jul 2025 07:00:14 +0000
Manifest this update: Sun 27 Jul 2025 07:00:14 +0000
Manifest next update: Mon 28 Jul 2025 07:00:14 +0000
Files and hashes: 1: 1ibpJfSu5zvmElDRsm3yBPA2Psc.roa (hash: fl2TXrWlprslHDoqKeFpyUnoLUsON1oTzkxdU0IwAjQ=)
2: KhfSVHdMl6nGhansXSTy_GlomQg.crl (hash: YzPbKJ/ziY9OkmNFnVDuMLZrfT9CpgVxeBOZ2hkYwww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4a:ae:9e:a7:26:6d:be:57:4f:14:81:48:e5:d3:7c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a17d254774c97a9c685a9ec5d24f2fc69689908
Validity
Not Before: Jul 27 07:00:14 2025 GMT
Not After : Jul 28 07:00:14 2025 GMT
Subject: CN=9565167b091260e18b78929a19389e13296cc901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:87:ce:e6:45:eb:79:a9:5e:27:a4:78:05:c9:
49:3d:d9:58:59:0c:ee:1f:d0:c2:91:66:be:22:a2:
fd:86:c2:68:31:61:f3:30:f8:7e:e8:49:97:04:85:
55:06:b6:8c:82:28:2a:0d:ef:67:7c:1f:e8:6c:13:
bb:e0:67:f0:a7:0f:04:92:c4:ec:46:78:ea:30:07:
3f:14:73:8a:c4:c6:d8:ec:1d:fb:33:6c:8c:aa:ec:
0d:75:de:6b:ef:06:94:ea:38:28:ec:2c:e4:a8:0a:
ff:4d:79:00:fb:9f:4e:60:36:8c:c4:ee:b8:8d:60:
0e:79:79:5d:f7:b8:9c:75:15:df:3b:aa:fb:ff:e1:
d5:34:f0:65:2b:57:47:f2:29:60:b8:a8:e1:84:89:
c0:44:d5:56:a3:77:dc:81:4f:44:22:ad:5f:85:86:
df:0b:17:cf:41:dd:66:6f:7f:0f:36:39:00:2b:f2:
4c:79:49:f9:ea:ed:65:3b:c4:5c:fa:ec:67:5f:a7:
9e:d4:a3:ee:e6:d1:13:01:05:3d:7d:ba:9a:49:e9:
00:21:a1:54:c2:f7:6e:c3:f6:f9:d4:e9:fc:e0:b1:
11:c0:cc:39:b7:de:13:bb:9e:33:f3:be:0a:b0:58:
4d:36:0f:ff:9b:c7:64:e0:2f:b5:07:b0:82:36:c1:
49:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:65:16:7B:09:12:60:E1:8B:78:92:9A:19:38:9E:13:29:6C:C9:01
X509v3 Authority Key Identifier:
keyid:2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:f5:a8:95:c2:0a:af:cb:2d:0b:bd:83:11:86:fb:bf:ba:bd:
00:8e:92:3a:b7:31:7d:aa:89:9e:66:0e:8d:6e:5f:8a:05:d0:
97:5e:0f:a9:da:4b:04:de:53:73:98:0f:48:97:34:e1:59:9e:
dd:f1:1e:5f:78:ab:c7:3b:2d:9a:2c:42:c2:c7:56:76:e9:6f:
2c:3e:8c:f1:59:1a:7e:7d:5b:41:88:c2:b0:a9:5d:51:a9:d0:
13:42:c5:fe:e9:69:e9:58:6c:fc:dc:71:fb:fd:95:13:bd:34:
7f:0b:4a:b7:63:20:9d:59:07:90:6b:df:0d:41:5b:86:e9:c3:
f5:03:27:9c:e3:3f:eb:4d:fe:8f:27:9a:95:fb:ea:5d:43:92:
c2:75:37:f8:fe:08:ee:38:78:29:19:6b:c3:78:08:87:7b:ac:
2c:a3:c8:b1:9a:a6:ef:89:58:bd:23:7a:b4:71:98:35:e4:40:
d8:03:41:c3:81:e5:d0:3a:c4:bd:a5:02:44:a5:b9:e9:6f:b6:
7a:11:6c:dd:5c:01:6f:8a:6a:c0:50:aa:98:8a:52:b0:af:fe:
be:d1:17:1e:f6:74:60:e4:59:cd:b8:47:27:fd:2a:0d:26:a2:
ad:81:ce:67:85:1e:a9:f9:f2:6c:d0:5e:60:56:db:1f:a0:5c:
c2:89:c3:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKrp6nJm2+V08UgUjl03zAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTdkMjU0Nzc0Yzk3YTljNjg1YTllYzVkMjRmMmZjNjk2
ODk5MDgwHhcNMjUwNzI3MDcwMDE0WhcNMjUwNzI4MDcwMDE0WjAzMTEwLwYDVQQD
Eyg5NTY1MTY3YjA5MTI2MGUxOGI3ODkyOWExOTM4OWUxMzI5NmNjOTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ofO5kXrealeJ6R4BclJPdlYWQzu
H9DCkWa+IqL9hsJoMWHzMPh+6EmXBIVVBraMgigqDe9nfB/obBO74Gfwpw8EksTs
RnjqMAc/FHOKxMbY7B37M2yMquwNdd5r7waU6jgo7CzkqAr/TXkA+59OYDaMxO64
jWAOeXld97icdRXfO6r7/+HVNPBlK1dH8ilguKjhhInARNVWo3fcgU9EIq1fhYbf
CxfPQd1mb38PNjkAK/JMeUn56u1lO8Rc+uxnX6ee1KPu5tETAQU9fbqaSekAIaFU
wvduw/b51On84LERwMw5t94Tu54z874KsFhNNg//m8dk4C+1B7CCNsFJZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVlFnsJEmDhi3iSmhk4nhMpbMkBMB8GA1UdIwQY
MBaAFCoX0lR3TJepxoWp7F0k8vxpaJkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWIt
ODBiNTExOGFiYWY2LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWItODBiNTExOGFiYWY2
LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPWolcIK
r8stC72DEYb7v7q9AI6SOrcxfaqJnmYOjW5figXQl14PqdpLBN5Tc5gPSJc04Vme
3fEeX3irxzstmixCwsdWdulvLD6M8Vkafn1bQYjCsKldUanQE0LF/ulp6Vhs/Nxx
+/2VE700fwtKt2MgnVkHkGvfDUFbhunD9QMnnOM/603+jyealfvqXUOSwnU3+P4I
7jh4KRlrw3gIh3usLKPIsZqm74lYvSN6tHGYNeRA2ANBw4Hl0DrEvaUCRKW56W+2
ehFs3VwBb4pqwFCqmIpSsK/+vtEXHvZ0YORZzbhHJ/0qDSairYHOZ4UeqfnybNBe
YFbbH6BcwonDaw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 13:10:32 2025 by rpki-client