Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: XccZj1yrHACUW6x0gOOH/kTslyl0kuEXEYP3YEu6JIs=
Subject key identifier: D7:85:5E:DB:7E:C6:38:FC:CA:43:B0:90:8B:16:6C:9E:1A:54:BA:EB
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019A07B6FC2AA01A9E284E8D03366BFA9A8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 16E8
Signing time: Tue 21 Oct 2025 17:00:23 +0000
Manifest this update: Tue 21 Oct 2025 17:00:23 +0000
Manifest next update: Wed 22 Oct 2025 17:00:23 +0000
Files and hashes: 1: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: 81iUWzRJYi/GRiveTUgmMFTxzT/WMJkAYmIO6DUxEBE=)
2: yGFlSDdiFlFUJBTzkBDJlODQZoY.roa (hash: 5kgFGMiEYqgnd4sbR3CvLQA6/mpT37R4CFK6/AUcK/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:b6:fc:2a:a0:1a:9e:28:4e:8d:03:36:6b:fa:9a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Oct 21 17:00:23 2025 GMT
Not After : Oct 22 17:00:23 2025 GMT
Subject: CN=d7855edb7ec638fcca43b0908b166c9e1a54baeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:42:8a:20:6a:cf:29:4f:1c:79:46:9d:ff:4b:
4b:85:e3:bf:89:d9:40:5b:07:19:18:e9:75:00:f2:
27:13:c0:01:98:6b:8d:cc:86:85:fd:bb:8a:11:9d:
0b:c6:30:b7:47:73:93:f1:4e:ec:fc:e5:22:cf:83:
ac:9e:ba:15:3c:90:c6:ff:43:18:22:ab:b2:06:5d:
cd:a0:6e:94:33:8f:32:6f:b5:0e:21:4e:34:8b:af:
a2:fc:39:51:f8:14:a6:8b:6e:f8:4d:d6:5f:a2:ff:
7b:70:f8:08:21:92:8b:4b:e6:86:83:18:f1:be:95:
b4:63:8d:8a:e7:0c:af:eb:4e:5e:84:93:ad:ab:17:
df:bf:7e:15:ff:9f:20:85:d4:d2:49:23:e3:bd:41:
bd:6b:b6:50:e5:41:29:e3:e0:1c:24:68:3e:c1:7f:
9d:e6:43:65:04:76:f2:29:f3:36:1e:8f:39:fb:04:
d0:b4:0e:ea:3a:9f:7e:75:01:52:6f:95:97:94:46:
fa:5b:3e:ca:2f:88:9a:d3:68:65:37:10:11:57:c6:
a9:af:1b:ab:c0:a8:99:fd:e9:d9:a7:30:b9:09:c5:
91:b8:60:5f:bd:55:92:0f:b3:5c:1f:19:8a:43:8b:
7b:d8:02:70:75:51:5c:9a:de:50:91:e1:ac:75:ce:
50:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:85:5E:DB:7E:C6:38:FC:CA:43:B0:90:8B:16:6C:9E:1A:54:BA:EB
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:71:e2:ba:f3:27:eb:99:b9:1b:ef:e0:9a:75:21:0b:09:cf:
3b:22:ff:f4:10:87:50:bd:ba:42:4b:a3:54:53:20:25:89:28:
29:b4:19:78:36:f9:7c:d3:5d:c0:bf:c9:62:50:1c:a9:2b:cb:
f8:6d:83:a3:dc:b2:27:c2:24:ba:b7:25:3d:78:d3:01:29:6c:
e1:91:9e:f2:5b:73:83:6a:54:80:dd:7e:47:4b:4c:87:78:98:
04:bb:d0:da:0e:0d:53:b2:63:a8:28:bf:58:ed:26:12:eb:0f:
dc:a0:66:da:20:ab:8f:a0:47:a2:64:df:df:92:13:a1:fa:25:
d1:f5:70:b9:25:ae:9f:22:44:65:1b:fb:74:7f:91:56:93:db:
27:8c:4b:78:d7:3a:db:3b:17:24:f0:6c:d0:da:b5:8f:bf:d5:
50:be:59:f7:16:76:da:c9:4f:13:a4:f8:1a:2a:6c:34:50:d3:
b0:5a:ee:b4:f2:05:e0:03:c3:d4:e9:69:0e:67:02:15:7c:d6:
bd:0f:ec:3e:da:36:a4:f4:0d:9a:3c:c4:3b:c9:bc:cf:91:05:
16:af:60:b5:3d:35:5c:cf:ea:85:12:15:99:95:82:c9:79:e0:
95:84:91:43:68:cf:56:ba:bf:6d:db:82:d1:92:38:56:9d:c9:
a3:8c:6e:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoHtvwqoBqeKE6NAzZr+pqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjUxMDIxMTcwMDIzWhcNMjUxMDIyMTcwMDIzWjAzMTEwLwYDVQQD
EyhkNzg1NWVkYjdlYzYzOGZjY2E0M2IwOTA4YjE2NmM5ZTFhNTRiYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEKKIGrPKU8ceUad/0tLheO/idlA
WwcZGOl1APInE8ABmGuNzIaF/buKEZ0LxjC3R3OT8U7s/OUiz4OsnroVPJDG/0MY
IquyBl3NoG6UM48yb7UOIU40i6+i/DlR+BSmi274TdZfov97cPgIIZKLS+aGgxjx
vpW0Y42K5wyv605ehJOtqxffv34V/58ghdTSSSPjvUG9a7ZQ5UEp4+AcJGg+wX+d
5kNlBHbyKfM2Ho85+wTQtA7qOp9+dQFSb5WXlEb6Wz7KL4ia02hlNxARV8aprxur
wKiZ/enZpzC5CcWRuGBfvVWSD7NcHxmKQ4t72AJwdVFcmt5QkeGsdc5QZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNeFXtt+xjj8ykOwkIsWbJ4aVLrrMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdHHiuvMn
65m5G+/gmnUhCwnPOyL/9BCHUL26QkujVFMgJYkoKbQZeDb5fNNdwL/JYlAcqSvL
+G2Do9yyJ8IkurclPXjTASls4ZGe8ltzg2pUgN1+R0tMh3iYBLvQ2g4NU7JjqCi/
WO0mEusP3KBm2iCrj6BHomTf35ITofol0fVwuSWunyJEZRv7dH+RVpPbJ4xLeNc6
2zsXJPBs0Nq1j7/VUL5Z9xZ22slPE6T4GipsNFDTsFrutPIF4APD1OlpDmcCFXzW
vQ/sPto2pPQNmjzEO8m8z5EFFq9gtT01XM/qhRIVmZWCyXnglYSRQ2jPVrq/bduC
0ZI4Vp3Jo4xuCg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 21:36:48 2025 by rpki-client