Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
File: khjNJev3TLGwBLAe5QVQP_8kbWE.mft (raw, json)
Hash identifier: rQs5HgE3QhyPZY9TM9Q1eNISPa9IfK0gYTXBKKHDiNk=
Subject key identifier: 5C:65:50:94:72:52:0E:64:F9:FE:EE:F9:EA:34:A1:B1:52:5C:63:70
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 019A2C312F7D81C64F21318B6B300BB67640
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
Manifest number: 0532
Signing time: Tue 28 Oct 2025 19:00:12 +0000
Manifest this update: Tue 28 Oct 2025 19:00:12 +0000
Manifest next update: Wed 29 Oct 2025 19:00:12 +0000
Files and hashes: 1: TrlRH64mTqxgPbbyg2lJDlsMeB0.roa (hash: Ar7RtZkoApHXI4MhYkDHCkz8Varr+3EYOSwaeqk+kiE=)
2: eWQbNDk7Bizpa1HJwWi556Oud3s.roa (hash: PwNs4nRmZS0NVFzVnjZatxVrXUe/B08COyWu1QU2ZLs=)
3: khjNJev3TLGwBLAe5QVQP_8kbWE.crl (hash: U/kp5+OXItiTzPvUXoye49kf/m1oZli9dgkaU2CO8e4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 19:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:31:2f:7d:81:c6:4f:21:31:8b:6b:30:0b:b6:76:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Oct 28 19:00:12 2025 GMT
Not After : Oct 29 19:00:12 2025 GMT
Subject: CN=5c65509472520e64f9feeef9ea34a1b1525c6370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:75:da:0d:9b:5e:7f:0d:21:50:25:ca:d9:cb:
80:6b:7f:3d:be:ef:39:e3:eb:e3:13:c8:94:f9:06:
6c:69:5b:5c:df:6a:fa:6f:a1:cc:b1:76:a8:05:4f:
65:5b:7c:1c:8b:3e:2e:bc:bc:dd:e8:58:69:07:ab:
c9:f9:2a:02:6d:17:03:c6:09:f5:32:af:6a:f3:67:
66:98:e5:0c:cd:a7:52:95:5e:34:2a:ea:f2:35:99:
f4:d8:7c:d8:95:35:19:b3:1b:8c:6e:ba:e3:be:21:
ce:00:cc:47:a5:1b:e8:bb:7c:b6:05:c5:e9:d1:c7:
21:36:c2:70:64:e6:dc:b6:5d:2b:ef:d0:9f:a1:75:
5a:33:34:99:df:b4:d0:17:f9:42:80:dd:38:a2:11:
f1:ff:92:61:43:5b:4b:cc:8d:1d:cc:ea:24:a2:f5:
b8:8f:e5:1d:db:9f:c8:3d:77:d4:6b:c0:d6:bd:a1:
11:59:47:e3:6a:f5:cc:23:a4:c8:a8:69:a4:10:99:
51:8a:85:9e:70:18:f2:f6:00:a0:41:60:d4:0b:9e:
55:28:44:78:36:84:4a:53:7b:76:d8:ab:71:89:62:
4b:df:4a:07:16:72:84:02:88:1f:40:7e:7d:77:ef:
f5:9c:8b:23:02:05:52:17:cb:d9:11:fc:13:18:4a:
2d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:65:50:94:72:52:0E:64:F9:FE:EE:F9:EA:34:A1:B1:52:5C:63:70
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:f5:60:b0:5b:19:0d:e8:d9:fa:75:3e:a9:99:71:b1:30:bf:
de:67:59:76:64:87:1b:4f:87:92:e3:3f:df:a3:a1:55:3b:5e:
99:39:a4:a5:5f:b7:ed:82:fb:d0:84:06:a9:c7:53:d7:e8:89:
26:c2:85:a1:82:4e:63:78:ba:b2:72:50:27:37:bf:f2:e8:93:
c1:af:4a:55:ec:53:0b:f5:58:fc:3b:5f:68:81:5e:42:c6:9e:
64:02:2b:2a:d4:bf:1b:92:39:4c:8b:f2:d0:37:2c:92:1a:b8:
7a:fa:dd:6a:33:76:c7:cd:e2:fd:8d:07:ff:78:30:6e:94:ac:
43:73:c8:32:4d:db:c7:c0:27:8b:91:82:3d:78:ad:9c:82:aa:
a1:34:c9:ed:09:93:1a:6e:ad:19:57:29:ac:8b:fa:4a:65:a7:
4a:d6:1d:d9:c2:75:2e:02:8a:12:5d:18:51:ec:33:0c:72:01:
b4:23:37:7b:2e:8c:f9:09:17:5d:0e:73:69:29:02:9d:23:d2:
c0:e9:65:ec:9a:5f:dd:e7:3c:05:f9:97:b5:f5:8f:eb:b2:67:
0c:5f:90:74:eb:ee:11:f3:d3:6f:b4:1c:56:99:99:da:a6:e5:
cc:9a:6e:62:36:9a:8c:87:82:85:5a:49:69:5d:c9:a1:01:71:
04:bb:6e:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZosMS99gcZPITGLazALtnZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjUxMDI4MTkwMDEyWhcNMjUxMDI5MTkwMDEyWjAzMTEwLwYDVQQD
Eyg1YzY1NTA5NDcyNTIwZTY0ZjlmZWVlZjllYTM0YTFiMTUyNWM2MzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHXaDZtefw0hUCXK2cuAa389vu85
4+vjE8iU+QZsaVtc32r6b6HMsXaoBU9lW3wciz4uvLzd6FhpB6vJ+SoCbRcDxgn1
Mq9q82dmmOUMzadSlV40KuryNZn02HzYlTUZsxuMbrrjviHOAMxHpRvou3y2BcXp
0cchNsJwZObctl0r79CfoXVaMzSZ37TQF/lCgN04ohHx/5JhQ1tLzI0dzOokovW4
j+Ud25/IPXfUa8DWvaERWUfjavXMI6TIqGmkEJlRioWecBjy9gCgQWDUC55VKER4
NoRKU3t22KtxiWJL30oHFnKEAogfQH59d+/1nIsjAgVSF8vZEfwTGEotdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxlUJRyUg5k+f7u+eo0obFSXGNwMB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivVgsFsZ
DejZ+nU+qZlxsTC/3mdZdmSHG0+HkuM/36OhVTtemTmkpV+37YL70IQGqcdT1+iJ
JsKFoYJOY3i6snJQJze/8uiTwa9KVexTC/VY/DtfaIFeQsaeZAIrKtS/G5I5TIvy
0Dcskhq4evrdajN2x83i/Y0H/3gwbpSsQ3PIMk3bx8Ani5GCPXitnIKqoTTJ7QmT
Gm6tGVcprIv6SmWnStYd2cJ1LgKKEl0YUewzDHIBtCM3ey6M+QkXXQ5zaSkCnSPS
wOll7Jpf3ec8BfmXtfWP67JnDF+QdOvuEfPTb7QcVpmZ2qblzJpuYjaajIeChVpJ
aV3JoQFxBLtu+g==
-----END CERTIFICATE-----
Generated at Wed Oct 29 01:32:34 2025 by rpki-client