Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
File: KhmTnyGLthMV6bOzez24WWCXXRQ.mft (raw, json)
Hash identifier: 8Z+c+QUmnAy41uK/jnKcWV2sdQ6aQM19hv5MwsLlhQU=
Subject key identifier: EB:8F:56:C8:5A:92:81:B0:83:A8:BC:3C:56:A5:6F:2B:AB:C3:F1:41
Authority key identifier: 2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
Certificate issuer: /CN=2a19939f218bb61315e9b3b37b3db85960975d14
Certificate serial: 019922C314BDA27ABB65317B54A8F74AD5DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
Manifest number: 106C
Signing time: Sun 07 Sep 2025 06:00:34 +0000
Manifest this update: Sun 07 Sep 2025 06:00:34 +0000
Manifest next update: Mon 08 Sep 2025 06:00:34 +0000
Files and hashes: 1: ICnu7sUwpSSY15uEDFVsgADJKAc.roa (hash: OMIgQNcZqzMDzM+I0pk5KXUbjDdmpf89SBEO3vtX8ZE=)
2: KhmTnyGLthMV6bOzez24WWCXXRQ.crl (hash: j12MR8wK9CyierMOz6HOI8UongOgfnAt7N3qsVpKalw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:14:bd:a2:7a:bb:65:31:7b:54:a8:f7:4a:d5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a19939f218bb61315e9b3b37b3db85960975d14
Validity
Not Before: Sep 7 06:00:34 2025 GMT
Not After : Sep 8 06:00:34 2025 GMT
Subject: CN=eb8f56c85a9281b083a8bc3c56a56f2babc3f141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:18:05:fc:36:0a:2f:5a:7b:f4:5e:70:0f:1a:
ef:26:be:21:2e:6b:bc:aa:8e:89:f4:bf:93:0d:59:
30:75:1f:4f:2e:f9:0a:ee:4e:24:f5:2a:b4:b0:8e:
40:82:88:d2:2e:27:8c:6c:a3:4d:ce:54:9d:59:3f:
b3:d4:d3:00:91:87:21:87:c9:7e:9e:99:5f:f1:a7:
fd:dc:c6:bf:46:a2:76:7b:98:0a:e7:2a:e7:ca:9d:
96:8b:f3:d4:07:1a:2e:5b:ad:67:55:83:a6:3a:08:
7c:9b:0c:24:7d:fe:27:36:9e:d3:46:46:2e:1c:a7:
f8:d7:42:1e:a5:18:2a:38:3c:4a:d0:5a:b7:e9:25:
41:bc:3f:fd:83:8f:95:e1:9d:1a:0b:b0:83:66:fb:
a5:84:e2:7c:d1:1d:71:5a:48:9f:ff:21:57:47:11:
2f:43:90:3c:8a:99:cf:c6:ff:a1:57:68:21:39:ba:
71:dc:ab:f9:5c:b2:df:85:b4:32:63:0f:f2:ff:35:
03:e9:c1:c7:b9:f9:b1:9e:2a:b9:18:c8:05:bf:eb:
ca:6f:a5:bc:1e:97:89:74:c5:9a:67:a0:7e:fe:39:
d3:51:2f:be:4f:91:58:d4:3b:0c:f4:ac:40:3f:46:
81:d9:20:20:36:44:f6:7b:1b:9a:2b:67:2c:b2:2e:
03:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:8F:56:C8:5A:92:81:B0:83:A8:BC:3C:56:A5:6F:2B:AB:C3:F1:41
X509v3 Authority Key Identifier:
keyid:2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:27:b4:2b:c4:ec:7d:95:8f:ca:91:30:72:21:6f:1f:45:38:
09:a5:be:fe:43:ee:90:d0:d5:16:a6:15:59:67:12:80:e9:a3:
a8:c7:28:62:1c:b5:f2:5b:74:b7:9b:d4:b1:12:19:77:bd:18:
3f:a1:d3:03:16:6f:29:f4:d2:af:68:cf:2b:18:68:dc:49:43:
e1:c1:74:cd:0a:30:fd:7b:95:98:87:06:59:f0:df:95:4f:1d:
02:9b:94:95:c6:26:ea:15:86:7c:93:58:d0:46:1d:76:dd:51:
02:61:4c:81:68:23:31:5a:88:b3:50:35:de:ff:50:42:b0:43:
21:ae:97:6b:ad:cc:2c:c4:90:7c:f5:80:d4:81:7a:80:5d:44:
27:d9:8f:ea:32:c9:f9:ea:e4:6a:bd:42:80:d8:ac:06:ff:bd:
33:14:9c:d6:f9:1a:ae:ed:a7:54:5e:e3:89:23:30:0e:38:3a:
f9:c3:97:65:83:57:cb:a1:9f:ee:1b:42:36:fe:02:9a:9f:69:
52:34:16:0e:cf:da:fc:9d:52:e1:06:70:99:68:bc:9e:d1:b1:
a5:35:14:e2:90:11:33:f9:b8:d4:39:5d:94:55:5e:ab:0e:fc:
ea:42:43:47:6f:85:02:5d:93:aa:d1:37:2a:fb:6c:64:d4:29:
f6:21:0d:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwxS9onq7ZTF7VKj3StXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTk5MzlmMjE4YmI2MTMxNWU5YjNiMzdiM2RiODU5NjA5
NzVkMTQwHhcNMjUwOTA3MDYwMDM0WhcNMjUwOTA4MDYwMDM0WjAzMTEwLwYDVQQD
EyhlYjhmNTZjODVhOTI4MWIwODNhOGJjM2M1NmE1NmYyYmFiYzNmMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BgF/DYKL1p79F5wDxrvJr4hLmu8
qo6J9L+TDVkwdR9PLvkK7k4k9Sq0sI5AgojSLieMbKNNzlSdWT+z1NMAkYchh8l+
nplf8af93Ma/RqJ2e5gK5yrnyp2Wi/PUBxouW61nVYOmOgh8mwwkff4nNp7TRkYu
HKf410IepRgqODxK0Fq36SVBvD/9g4+V4Z0aC7CDZvulhOJ80R1xWkif/yFXRxEv
Q5A8ipnPxv+hV2ghObpx3Kv5XLLfhbQyYw/y/zUD6cHHufmxniq5GMgFv+vKb6W8
HpeJdMWaZ6B+/jnTUS++T5FY1DsM9KxAP0aB2SAgNkT2exuaK2cssi4DoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOuPVshakoGwg6i8PFalbyurw/FBMB8GA1UdIwQY
MBaAFCoZk58hi7YTFemzs3s9uFlgl10UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMt
ZGY1ZjIwZGQ3NmFkLzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMtZGY1ZjIwZGQ3NmFk
LzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoie0K8Ts
fZWPypEwciFvH0U4CaW+/kPukNDVFqYVWWcSgOmjqMcoYhy18lt0t5vUsRIZd70Y
P6HTAxZvKfTSr2jPKxho3ElD4cF0zQow/XuVmIcGWfDflU8dApuUlcYm6hWGfJNY
0EYddt1RAmFMgWgjMVqIs1A13v9QQrBDIa6Xa63MLMSQfPWA1IF6gF1EJ9mP6jLJ
+erkar1CgNisBv+9MxSc1vkaru2nVF7jiSMwDjg6+cOXZYNXy6Gf7htCNv4Cmp9p
UjQWDs/a/J1S4QZwmWi8ntGxpTUU4pARM/m41DldlFVeqw786kJDR2+FAl2TqtE3
KvtsZNQp9iEN0A==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:16:18 2025 by rpki-client