Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
File: khjNJev3TLGwBLAe5QVQP_8kbWE.mft (raw, json)
Hash identifier: sgbv3q/rDYrYklaLgirrDaJg0hNDEXqr5/F6SAneMcQ=
Subject key identifier: 02:1A:18:67:32:3E:7F:78:B2:0F:55:01:4B:5A:69:16:BC:68:95:69
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 019933139E2FE22764D82BEB80C13C39D125
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
Manifest number: 04B1
Signing time: Wed 10 Sep 2025 10:02:27 +0000
Manifest this update: Wed 10 Sep 2025 10:02:27 +0000
Manifest next update: Thu 11 Sep 2025 10:02:27 +0000
Files and hashes: 1: TrlRH64mTqxgPbbyg2lJDlsMeB0.roa (hash: Ar7RtZkoApHXI4MhYkDHCkz8Varr+3EYOSwaeqk+kiE=)
2: eWQbNDk7Bizpa1HJwWi556Oud3s.roa (hash: PwNs4nRmZS0NVFzVnjZatxVrXUe/B08COyWu1QU2ZLs=)
3: khjNJev3TLGwBLAe5QVQP_8kbWE.crl (hash: dTHAIWkGjIeVi6fa+fAH58rdT/6knKvNAvZr8u857TA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 10:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:33:13:9e:2f:e2:27:64:d8:2b:eb:80:c1:3c:39:d1:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Sep 10 10:02:27 2025 GMT
Not After : Sep 11 10:02:27 2025 GMT
Subject: CN=021a1867323e7f78b20f55014b5a6916bc689569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:21:25:e4:75:74:55:02:59:4d:f4:a0:79:3e:
59:5b:46:f2:d2:92:05:26:bd:8b:e3:5d:bf:b7:95:
17:84:4d:12:7a:f5:0c:35:8c:47:ca:20:ac:93:61:
70:91:ab:c4:03:63:20:49:38:57:43:67:cc:29:cf:
3d:40:46:f3:87:a3:25:f8:14:62:31:4f:05:1b:0c:
6d:76:8a:15:26:25:ca:9e:5b:f6:2f:d5:1a:1b:cd:
f4:f2:66:4c:97:2f:67:23:2d:ca:be:ac:6f:7d:f0:
73:19:7c:6f:8d:d4:22:20:34:50:06:dc:48:74:cb:
5a:39:44:53:81:41:d4:81:aa:5b:bc:73:f4:1e:41:
d1:97:b6:44:74:b8:e6:00:0a:d6:a5:d0:d4:30:d5:
71:e4:94:83:ae:b7:97:63:25:1f:53:18:2d:d4:d6:
17:d1:ff:e0:71:31:05:bb:b1:e7:3e:9b:ba:16:24:
30:ce:ce:96:5f:5d:1b:b9:25:96:1e:6c:32:67:9d:
9c:52:29:68:0e:4f:6d:b9:73:2f:bd:29:ab:d8:ab:
ab:2b:b2:c7:11:86:17:08:ff:61:1e:f5:50:25:48:
72:e6:6d:21:b6:36:9e:fc:54:a4:f4:bc:65:11:ae:
0a:01:56:1f:45:bb:02:b5:78:1f:e8:0a:1b:6e:e7:
51:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:1A:18:67:32:3E:7F:78:B2:0F:55:01:4B:5A:69:16:BC:68:95:69
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:c2:a6:cf:67:fb:5d:50:d2:d2:29:88:9e:99:f3:62:40:28:
0c:d4:91:26:44:f1:1f:94:55:f8:a8:aa:cd:4a:3a:62:07:e4:
c7:f5:f1:46:95:a1:f2:9a:a1:e5:84:16:47:f7:72:90:66:38:
83:fd:89:2a:ea:0c:bd:5c:c0:0a:b2:51:24:16:f6:ce:ce:58:
ed:c5:34:0f:74:4e:45:3d:14:56:b1:b5:fd:9f:d2:43:8b:c1:
98:c6:ef:31:24:5b:f2:15:e7:a2:a4:79:25:4e:ef:fd:bd:0a:
33:9e:b7:af:dd:92:d2:21:fb:8a:31:95:42:ec:92:7c:64:d0:
c4:9f:37:3f:30:8b:fb:eb:b8:e6:c6:3f:1c:1d:6f:0f:3b:6f:
6b:22:c0:ed:a0:22:48:a9:23:e6:1d:4a:60:b4:89:f7:25:68:
82:62:4b:fc:3e:5a:fc:43:e9:d2:20:f6:be:f5:d8:d6:28:53:
a6:16:da:61:39:72:6d:45:60:cf:65:56:c6:fc:b0:37:c9:70:
cd:13:e4:ef:22:c7:72:cd:33:79:69:c3:c3:c4:ad:41:0d:3a:
9b:9d:c9:67:61:7c:5c:99:93:a2:42:ac:0e:c1:bc:68:24:a8:
3d:8a:7f:4d:30:bf:b6:5e:be:30:e2:ec:68:2b:0a:04:43:e0:
d1:e9:6d:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkzE54v4idk2CvrgME8OdElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjUwOTEwMTAwMjI3WhcNMjUwOTExMTAwMjI3WjAzMTEwLwYDVQQD
EygwMjFhMTg2NzMyM2U3Zjc4YjIwZjU1MDE0YjVhNjkxNmJjNjg5NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCEl5HV0VQJZTfSgeT5ZW0by0pIF
Jr2L412/t5UXhE0SevUMNYxHyiCsk2FwkavEA2MgSThXQ2fMKc89QEbzh6Ml+BRi
MU8FGwxtdooVJiXKnlv2L9UaG8308mZMly9nIy3KvqxvffBzGXxvjdQiIDRQBtxI
dMtaOURTgUHUgapbvHP0HkHRl7ZEdLjmAArWpdDUMNVx5JSDrreXYyUfUxgt1NYX
0f/gcTEFu7HnPpu6FiQwzs6WX10buSWWHmwyZ52cUiloDk9tuXMvvSmr2KurK7LH
EYYXCP9hHvVQJUhy5m0htjae/FSk9LxlEa4KAVYfRbsCtXgf6AobbudRPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIaGGcyPn94sg9VAUtaaRa8aJVpMB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbcKmz2f7
XVDS0imInpnzYkAoDNSRJkTxH5RV+KiqzUo6Ygfkx/XxRpWh8pqh5YQWR/dykGY4
g/2JKuoMvVzACrJRJBb2zs5Y7cU0D3RORT0UVrG1/Z/SQ4vBmMbvMSRb8hXnoqR5
JU7v/b0KM563r92S0iH7ijGVQuySfGTQxJ83PzCL++u45sY/HB1vDztvayLA7aAi
SKkj5h1KYLSJ9yVogmJL/D5a/EPp0iD2vvXY1ihTphbaYTlybUVgz2VWxvywN8lw
zRPk7yLHcs0zeWnDw8StQQ06m53JZ2F8XJmTokKsDsG8aCSoPYp/TTC/tl6+MOLs
aCsKBEPg0eltlA==
-----END CERTIFICATE-----
Generated at Wed Sep 10 13:49:48 2025 by rpki-client