Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
File: khjNJev3TLGwBLAe5QVQP_8kbWE.mft (raw, json)
Hash identifier: nOOp+4/jA/9ty7l8YQSC+rfsnEGACCpnKuKCUDQnC0M=
Subject key identifier: C6:97:29:E0:5F:68:1A:0B:A0:C3:AD:16:35:06:2D:CF:35:C8:9C:AA
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 01974779D55E35562DE02A490BD80AF41720
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
Manifest number: 03AA
Signing time: Fri 06 Jun 2025 23:00:56 +0000
Manifest this update: Fri 06 Jun 2025 23:00:56 +0000
Manifest next update: Sat 07 Jun 2025 23:00:56 +0000
Files and hashes: 1: hzP2EY4V13WQH8d_pNPxVTI0pdE.roa (hash: p8JhkO3NrYZd+pd4+yMBXMa+gMDLxEDL5Q92aazBUYw=)
2: khjNJev3TLGwBLAe5QVQP_8kbWE.crl (hash: VF+XlNSoTzoXsVKTGCFlJ9dFQeISQ46wIhyywu6UM/w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:79:d5:5e:35:56:2d:e0:2a:49:0b:d8:0a:f4:17:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Jun 6 23:00:56 2025 GMT
Not After : Jun 7 23:00:56 2025 GMT
Subject: CN=c69729e05f681a0ba0c3ad1635062dcf35c89caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:52:b9:1a:57:57:ae:d0:44:ff:f0:c3:08:05:
6c:90:8c:83:b6:30:1e:fb:1b:72:23:91:71:77:df:
38:47:8e:39:e2:91:52:96:29:3a:69:fa:41:85:9c:
6c:85:7b:49:af:61:9c:45:07:80:5f:78:30:a9:65:
ba:17:5f:ab:3b:f1:8c:43:c6:2d:95:52:e1:07:8a:
67:5d:38:57:db:ea:be:d1:fd:07:ad:4a:84:7b:79:
ad:5c:fd:1d:cb:1e:85:48:30:70:7a:7e:6f:06:67:
af:c8:8b:8d:d0:b9:03:22:2b:09:f1:db:8c:fe:b8:
72:db:bc:e0:bf:2e:b2:bd:ac:0c:12:d8:18:42:99:
e7:01:11:ad:07:a5:17:a9:ca:4f:85:72:46:7c:b8:
76:03:2f:b6:e3:2b:bd:c9:c6:36:73:18:e8:f0:13:
f4:f3:4e:4c:60:b7:98:8a:cd:90:c6:19:01:90:ad:
65:80:fa:fe:1b:5d:ea:ee:1d:99:e3:ec:f8:1f:35:
28:f5:4e:e9:ec:0d:1d:aa:f3:46:d8:83:93:1e:ea:
20:d7:12:60:62:69:c9:c9:b8:87:e4:27:26:65:74:
de:26:4b:b8:51:56:5b:02:0b:e3:9b:23:9e:40:8a:
2c:66:68:21:00:d8:14:0e:7a:ec:6c:a3:ca:67:bb:
ae:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:97:29:E0:5F:68:1A:0B:A0:C3:AD:16:35:06:2D:CF:35:C8:9C:AA
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:50:f3:08:20:e8:ed:28:c9:4f:47:7b:e3:b3:bc:00:3b:56:
d6:22:09:59:6d:24:4f:66:16:30:64:9e:2d:89:49:d8:93:5b:
d8:bb:2a:4c:c6:4c:32:85:88:e6:cf:ac:ad:cf:12:3b:1c:3b:
16:b7:a8:01:f8:42:dc:00:5c:a8:8b:18:b6:b7:96:ee:80:8c:
75:13:19:81:d2:21:07:a9:1b:da:19:10:63:ab:aa:3f:6f:6d:
31:11:92:3d:25:f7:b4:fb:ab:15:11:c8:54:70:c4:51:3b:a9:
cb:35:d3:df:73:4b:a8:5a:c3:8a:a2:e1:d0:e0:6a:f0:19:12:
82:a4:31:98:31:89:51:80:a7:d6:51:16:48:2e:04:df:aa:3f:
c2:b2:41:74:67:73:cc:bd:9d:d9:9d:d3:2f:a2:31:46:62:2c:
6a:d7:b0:05:18:d0:9a:00:52:9d:3d:99:53:95:d5:37:a9:29:
7d:1f:01:44:b4:36:2d:30:57:60:59:b8:7f:9d:9c:48:97:13:
c0:7f:9a:f3:0e:f3:7c:c4:4b:38:3f:9f:35:1b:0b:70:a9:62:
62:e1:e6:23:25:10:7c:4b:84:e6:b0:68:7f:30:31:0c:15:e8:
53:2d:e1:c4:34:bf:45:0e:10:ae:67:c0:0b:8f:50:ea:ba:1c:
3b:06:fc:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHedVeNVYt4CpJC9gK9BcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjUwNjA2MjMwMDU2WhcNMjUwNjA3MjMwMDU2WjAzMTEwLwYDVQQD
EyhjNjk3MjllMDVmNjgxYTBiYTBjM2FkMTYzNTA2MmRjZjM1Yzg5Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlK5GldXrtBE//DDCAVskIyDtjAe
+xtyI5Fxd984R4454pFSlik6afpBhZxshXtJr2GcRQeAX3gwqWW6F1+rO/GMQ8Yt
lVLhB4pnXThX2+q+0f0HrUqEe3mtXP0dyx6FSDBwen5vBmevyIuN0LkDIisJ8duM
/rhy27zgvy6yvawMEtgYQpnnARGtB6UXqcpPhXJGfLh2Ay+24yu9ycY2cxjo8BP0
805MYLeYis2QxhkBkK1lgPr+G13q7h2Z4+z4HzUo9U7p7A0dqvNG2IOTHuog1xJg
YmnJybiH5CcmZXTeJku4UVZbAgvjmyOeQIosZmghANgUDnrsbKPKZ7uuawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMaXKeBfaBoLoMOtFjUGLc81yJyqMB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGFDzCCDo
7SjJT0d747O8ADtW1iIJWW0kT2YWMGSeLYlJ2JNb2LsqTMZMMoWI5s+src8SOxw7
FreoAfhC3ABcqIsYtreW7oCMdRMZgdIhB6kb2hkQY6uqP29tMRGSPSX3tPurFRHI
VHDEUTupyzXT33NLqFrDiqLh0OBq8BkSgqQxmDGJUYCn1lEWSC4E36o/wrJBdGdz
zL2d2Z3TL6IxRmIsatewBRjQmgBSnT2ZU5XVN6kpfR8BRLQ2LTBXYFm4f52cSJcT
wH+a8w7zfMRLOD+fNRsLcKliYuHmIyUQfEuE5rBofzAxDBXoUy3hxDS/RQ4QrmfA
C49Q6rocOwb87w==
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:27:23 2025 by rpki-client