Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft
File: khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft (raw, json)
Hash identifier: dcQnqrnoCBo8H8icTekBvQgZY9ETWko6bR6EMu2Tb8g=
Subject key identifier: F8:C6:4D:1A:A4:A6:31:D0:3D:B2:81:E9:2F:B1:EF:CA:EC:53:58:9F
Authority key identifier: 92:1C:4F:DA:36:7C:53:83:B1:5C:2A:71:43:AD:4B:10:C9:55:CE:A0
Certificate issuer: /CN=921c4fda367c5383b15c2a7143ad4b10c955cea0
Certificate serial: 019A725CD76E79D3460D1BD950E8DF805089
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft
Manifest number: 1432
Signing time: Tue 11 Nov 2025 10:01:18 +0000
Manifest this update: Tue 11 Nov 2025 10:01:18 +0000
Manifest next update: Wed 12 Nov 2025 10:01:18 +0000
Files and hashes: 1: K_0VKEBHZ8AzTGdtRKig6YmReAg.roa (hash: V6KL9KuDWKfGzsEoPpZURMCt8ttu62n0nd3Y+gExuwA=)
2: khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl (hash: ir5x4t58cX6mtlSVpfy7gK08Z6S7vXBAbqdhTF2HRYQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft
rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:d7:6e:79:d3:46:0d:1b:d9:50:e8:df:80:50:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921c4fda367c5383b15c2a7143ad4b10c955cea0
Validity
Not Before: Nov 11 10:01:18 2025 GMT
Not After : Nov 12 10:01:18 2025 GMT
Subject: CN=f8c64d1aa4a631d03db281e92fb1efcaec53589f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6e:38:76:1f:41:c6:90:57:51:2a:67:12:10:
11:f8:78:0d:2f:6d:d2:5d:24:fb:09:43:42:9e:0b:
86:90:33:2d:e9:7f:cd:b2:e4:b7:6d:25:38:bd:68:
13:04:be:34:04:ad:9a:19:ee:d0:44:60:1a:16:50:
9d:6e:c5:50:2e:d4:e9:fa:ff:c2:0c:07:53:29:68:
06:83:7d:ae:aa:33:af:0c:bd:32:f2:a9:30:30:a7:
79:f0:02:90:dd:57:d8:6c:fc:cb:36:c4:38:4a:8d:
ff:4c:0d:0f:33:c2:f5:46:b4:b7:80:c1:6e:f3:db:
09:c5:ec:f9:da:7b:e8:9f:a4:03:3b:59:77:3d:e4:
a7:25:63:06:bf:19:73:39:76:6f:dc:ac:33:80:73:
04:2e:46:09:00:53:4d:52:8c:43:e6:88:6e:d9:df:
b5:dd:e9:d1:1c:ba:1b:3d:84:a9:90:f7:c6:7e:b4:
3d:78:18:77:dd:90:2d:e4:43:c1:15:a0:45:41:6d:
cc:8a:80:ab:33:7d:77:f9:f6:b2:a9:89:7e:7a:c9:
7a:32:fa:51:36:e0:5d:65:8a:a8:35:37:06:36:b9:
18:18:01:33:97:ad:3c:19:e1:1c:54:35:0e:da:e7:
b5:07:eb:e9:a7:95:c6:2a:cc:ae:10:55:2c:f7:bd:
46:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C6:4D:1A:A4:A6:31:D0:3D:B2:81:E9:2F:B1:EF:CA:EC:53:58:9F
X509v3 Authority Key Identifier:
keyid:92:1C:4F:DA:36:7C:53:83:B1:5C:2A:71:43:AD:4B:10:C9:55:CE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:fe:b6:a8:76:34:17:29:17:bf:ab:fa:c2:cc:82:21:c0:dc:
53:e6:d7:fe:c5:80:0e:fb:c3:ad:62:85:aa:a8:47:2c:8c:6a:
a1:4a:a8:ce:8c:36:73:63:63:01:f1:f5:a6:01:35:79:4e:c7:
f3:c1:21:05:56:6f:87:d7:29:c4:18:29:24:e0:6d:b7:f8:99:
f8:4d:93:f8:b3:c3:96:19:c7:8f:30:60:ca:3e:7f:d6:5e:f9:
50:10:cd:df:ee:92:9b:a4:bf:68:93:d4:7c:52:08:d1:2c:25:
b3:95:0c:9e:80:c8:e7:cd:8c:11:fb:39:7a:3e:53:0d:77:74:
da:f2:8f:f3:1a:35:68:f5:f3:38:f7:e8:68:41:97:51:83:be:
3e:bf:d6:a3:dc:00:bd:7a:38:65:98:0e:20:fd:11:35:23:07:
3b:bc:f2:e7:af:f4:86:05:b9:ae:00:83:05:62:4d:fd:5d:81:
d5:97:bc:64:1c:d7:17:1f:dc:58:8c:84:2c:42:a7:ba:22:26:
f3:3a:06:93:db:68:8f:29:da:9f:eb:c3:0d:2c:35:3e:30:0e:
c2:f1:77:0d:7d:e2:71:6f:4b:7f:19:5f:c2:76:ee:10:05:0c:
27:89:19:03:34:22:28:ba:6a:ce:e0:b6:e1:69:f5:1e:06:b8:
e4:ed:a7:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNduedNGDRvZUOjfgFCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWM0ZmRhMzY3YzUzODNiMTVjMmE3MTQzYWQ0YjEwYzk1
NWNlYTAwHhcNMjUxMTExMTAwMTE4WhcNMjUxMTEyMTAwMTE4WjAzMTEwLwYDVQQD
EyhmOGM2NGQxYWE0YTYzMWQwM2RiMjgxZTkyZmIxZWZjYWVjNTM1ODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiG44dh9BxpBXUSpnEhAR+HgNL23S
XST7CUNCnguGkDMt6X/NsuS3bSU4vWgTBL40BK2aGe7QRGAaFlCdbsVQLtTp+v/C
DAdTKWgGg32uqjOvDL0y8qkwMKd58AKQ3VfYbPzLNsQ4So3/TA0PM8L1RrS3gMFu
89sJxez52nvon6QDO1l3PeSnJWMGvxlzOXZv3KwzgHMELkYJAFNNUoxD5ohu2d+1
3enRHLobPYSpkPfGfrQ9eBh33ZAt5EPBFaBFQW3MioCrM313+fayqYl+esl6MvpR
NuBdZYqoNTcGNrkYGAEzl608GeEcVDUO2ue1B+vpp5XGKsyuEFUs971GcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjGTRqkpjHQPbKB6S+x78rsU1ifMB8GA1UdIwQY
MBaAFJIcT9o2fFODsVwqcUOtSxDJVc6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zZDZiMWEtNmQ2MS00NGI4LThjYmIt
MjM2MDhmNmFlMmVhLzEva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zZDZiMWEtNmQ2MS00NGI4LThjYmItMjM2MDhmNmFlMmVh
LzEva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgv62qHY0
FykXv6v6wsyCIcDcU+bX/sWADvvDrWKFqqhHLIxqoUqozow2c2NjAfH1pgE1eU7H
88EhBVZvh9cpxBgpJOBtt/iZ+E2T+LPDlhnHjzBgyj5/1l75UBDN3+6Sm6S/aJPU
fFII0Swls5UMnoDI582MEfs5ej5TDXd02vKP8xo1aPXzOPfoaEGXUYO+Pr/Wo9wA
vXo4ZZgOIP0RNSMHO7zy56/0hgW5rgCDBWJN/V2B1Ze8ZBzXFx/cWIyELEKnuiIm
8zoGk9tojynan+vDDSw1PjAOwvF3DX3icW9LfxlfwnbuEAUMJ4kZAzQiKLpqzuC2
4Wn1Hga45O2nlw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:48:47 2025 by rpki-client