Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
File: KhmTnyGLthMV6bOzez24WWCXXRQ.mft (raw, json)
Hash identifier: u9F99FGB37/QRbgSCjWInRtEu4n1BVeaNjJ1x8hu43U=
Subject key identifier: 2F:5E:5D:56:28:E2:DE:A7:8F:88:13:73:AC:22:D3:79:DF:B0:99:28
Authority key identifier: 2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
Certificate issuer: /CN=2a19939f218bb61315e9b3b37b3db85960975d14
Certificate serial: 019A70DBE662D46CC54184A3E20531D618CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
Manifest number: 1119
Signing time: Tue 11 Nov 2025 03:00:50 +0000
Manifest this update: Tue 11 Nov 2025 03:00:50 +0000
Manifest next update: Wed 12 Nov 2025 03:00:50 +0000
Files and hashes: 1: ICnu7sUwpSSY15uEDFVsgADJKAc.roa (hash: OMIgQNcZqzMDzM+I0pk5KXUbjDdmpf89SBEO3vtX8ZE=)
2: KhmTnyGLthMV6bOzez24WWCXXRQ.crl (hash: V3Bs5bdYukSzoZIetE+QhW8S+kqIARLtEJVW7Rbv+sM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:e6:62:d4:6c:c5:41:84:a3:e2:05:31:d6:18:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a19939f218bb61315e9b3b37b3db85960975d14
Validity
Not Before: Nov 11 03:00:50 2025 GMT
Not After : Nov 12 03:00:50 2025 GMT
Subject: CN=2f5e5d5628e2dea78f881373ac22d379dfb09928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bb:3c:2a:9f:a3:b7:6a:64:b0:97:2a:27:d5:
80:f4:dc:56:dd:57:c4:4e:fa:b3:d3:6f:68:78:9e:
53:e3:ea:3a:ce:90:7b:3a:13:52:b1:60:10:04:2b:
a1:02:98:46:ff:05:bb:0e:c1:f0:9a:67:73:4b:9b:
06:39:7a:d1:51:fa:0f:90:df:53:51:ac:f0:8f:44:
50:27:a6:ef:eb:28:92:67:6a:51:fc:33:4b:93:d1:
3c:bb:7d:6e:96:53:9b:94:eb:4e:f6:25:6b:75:b7:
56:f3:b6:c4:e6:88:93:d2:ee:e0:5d:be:bc:b0:84:
dd:1e:86:dd:56:85:96:9c:29:c9:8d:e4:6d:05:6a:
7b:fb:14:55:a1:76:97:08:aa:d5:0b:da:b5:61:4d:
a1:f6:df:e7:21:39:f2:77:30:a2:05:3d:2d:f6:9d:
f9:9d:01:9f:7d:a4:e0:98:7e:df:f6:e6:e3:2e:80:
f6:3a:fd:2d:95:ec:df:41:70:a1:76:44:6b:7a:94:
f1:e4:a0:68:c2:ea:e3:ba:2f:be:3e:53:17:eb:5d:
14:17:de:ef:fa:23:1c:1b:b4:dc:f0:5e:9b:b4:d5:
f9:e9:42:ea:55:1b:d2:3a:75:f2:ff:9f:a1:28:e8:
05:ff:f9:1a:f5:71:b0:a2:91:f1:a4:ef:6f:93:c6:
a9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5E:5D:56:28:E2:DE:A7:8F:88:13:73:AC:22:D3:79:DF:B0:99:28
X509v3 Authority Key Identifier:
keyid:2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:3e:fe:a5:4d:77:97:5c:e4:db:84:8b:b9:22:e5:0a:f9:e0:
46:63:a7:eb:88:d5:1e:fc:5b:41:7e:68:14:fa:6d:ec:62:e7:
a0:58:a7:97:c5:19:41:67:cd:6e:f9:85:6a:2d:0d:31:60:73:
c6:26:92:1a:3a:a5:60:49:d4:b6:60:b3:09:4c:82:48:14:92:
ee:25:8c:9b:23:1b:e9:73:64:5e:10:9d:4d:d1:bc:5b:48:df:
cf:6b:b5:d4:e0:e0:fe:df:d4:36:54:9d:15:12:b8:50:8f:92:
87:17:02:b7:71:a5:67:8c:8d:e3:5c:30:07:24:6d:b4:34:36:
1d:49:84:08:1c:34:17:8b:0f:38:c2:f5:8c:e3:7c:b8:69:64:
2f:1d:9a:d4:56:c8:6e:20:48:2f:69:fc:0a:96:e2:ab:51:22:
21:4d:fb:5f:6b:01:06:b6:32:67:74:0c:d8:af:8c:c0:26:ff:
c6:e7:a5:1a:cf:6b:29:45:d2:a1:cb:44:9b:2a:2b:13:fe:13:
80:a7:f9:50:53:7c:d2:c8:7b:21:f5:6a:5c:e7:91:75:f5:17:
7d:c1:bb:0f:97:ba:0a:45:27:f6:cf:9c:8b:85:4a:29:cb:de:
a9:3a:a4:46:6e:b2:9b:18:50:e8:c0:b3:31:08:60:9e:11:3d:
28:f3:c6:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2+Zi1GzFQYSj4gUx1hjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTk5MzlmMjE4YmI2MTMxNWU5YjNiMzdiM2RiODU5NjA5
NzVkMTQwHhcNMjUxMTExMDMwMDUwWhcNMjUxMTEyMDMwMDUwWjAzMTEwLwYDVQQD
EygyZjVlNWQ1NjI4ZTJkZWE3OGY4ODEzNzNhYzIyZDM3OWRmYjA5OTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbs8Kp+jt2pksJcqJ9WA9NxW3VfE
Tvqz029oeJ5T4+o6zpB7OhNSsWAQBCuhAphG/wW7DsHwmmdzS5sGOXrRUfoPkN9T
Uazwj0RQJ6bv6yiSZ2pR/DNLk9E8u31ullOblOtO9iVrdbdW87bE5oiT0u7gXb68
sITdHobdVoWWnCnJjeRtBWp7+xRVoXaXCKrVC9q1YU2h9t/nITnydzCiBT0t9p35
nQGffaTgmH7f9ubjLoD2Ov0tlezfQXChdkRrepTx5KBowurjui++PlMX610UF97v
+iMcG7Tc8F6btNX56ULqVRvSOnXy/5+hKOgF//ka9XGwopHxpO9vk8ap2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9eXVYo4t6nj4gTc6wi03nfsJkoMB8GA1UdIwQY
MBaAFCoZk58hi7YTFemzs3s9uFlgl10UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMt
ZGY1ZjIwZGQ3NmFkLzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMtZGY1ZjIwZGQ3NmFk
LzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvD7+pU13
l1zk24SLuSLlCvngRmOn64jVHvxbQX5oFPpt7GLnoFinl8UZQWfNbvmFai0NMWBz
xiaSGjqlYEnUtmCzCUyCSBSS7iWMmyMb6XNkXhCdTdG8W0jfz2u11ODg/t/UNlSd
FRK4UI+ShxcCt3GlZ4yN41wwByRttDQ2HUmECBw0F4sPOML1jON8uGlkLx2a1FbI
biBIL2n8Cpbiq1EiIU37X2sBBrYyZ3QM2K+MwCb/xuelGs9rKUXSoctEmyorE/4T
gKf5UFN80sh7IfVqXOeRdfUXfcG7D5e6CkUn9s+ci4VKKcveqTqkRm6ymxhQ6MCz
MQhgnhE9KPPGaQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:02 2025 by rpki-client