Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
File: kh2gU5IfUoNniBiPgvYt1aqXP-k.mft (raw, json)
Hash identifier: /sE2Wrkc0XMhUZzE7V060gMuAXdIntfmxJiuLtedjBQ=
Subject key identifier: 30:82:1B:31:A3:9E:18:3C:E8:E9:A4:55:7C:59:2F:80:29:E2:78:67
Authority key identifier: 92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
Certificate issuer: /CN=921da053921f52836788188f82f62dd5aa973fe9
Certificate serial: 019A7225EF88DF00E9995ECB6A1688CF1EFD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
Manifest number: 0FE4
Signing time: Tue 11 Nov 2025 09:01:20 +0000
Manifest this update: Tue 11 Nov 2025 09:01:20 +0000
Manifest next update: Wed 12 Nov 2025 09:01:20 +0000
Files and hashes: 1: kh2gU5IfUoNniBiPgvYt1aqXP-k.crl (hash: kpMpT2ljq5hhVmAEPKeay3TfdvUG5iWcG5J7sErgj7I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:ef:88:df:00:e9:99:5e:cb:6a:16:88:cf:1e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921da053921f52836788188f82f62dd5aa973fe9
Validity
Not Before: Nov 11 09:01:20 2025 GMT
Not After : Nov 12 09:01:20 2025 GMT
Subject: CN=30821b31a39e183ce8e9a4557c592f8029e27867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:2d:8d:22:12:94:b5:93:6d:07:95:88:93:24:
d5:71:7f:5e:05:cc:56:e6:66:f3:f9:76:62:2d:11:
59:ff:49:9e:94:5e:57:2d:02:e8:c5:de:7e:20:bd:
92:74:a6:32:bf:49:da:4b:02:21:cd:e3:e1:d2:cb:
cb:5f:4d:9f:a9:49:9e:15:45:cc:47:d7:39:bc:67:
d3:b6:96:0a:c8:ae:5e:f5:c1:59:aa:45:e5:af:3d:
dd:d5:4b:ab:7d:0a:48:5b:31:4f:5e:a6:23:1d:a3:
dd:1b:4c:90:92:41:b8:c7:6b:06:4f:f5:7b:dd:d2:
b4:7a:fa:77:1b:10:8b:96:b1:77:1f:2c:c6:60:86:
b5:17:e7:2f:ce:20:cb:69:69:25:a9:0b:e9:58:58:
3a:cd:c9:66:9c:8f:bd:6f:a9:9e:d3:23:63:60:e8:
ad:b2:d6:7c:41:1e:d5:7f:20:5b:53:6f:a8:18:b1:
a9:25:61:dc:8c:6f:8c:52:19:e5:32:ff:49:49:e5:
29:38:1d:b4:7e:2a:ba:17:e5:21:b5:f3:8e:2d:72:
b4:bd:14:6e:1d:31:5d:74:8c:7f:32:78:b9:f9:9f:
1e:a1:3d:2d:45:eb:3e:2f:a1:b9:ba:2b:fa:85:ef:
f7:2f:4d:80:a4:ca:a5:a2:63:9d:95:fe:01:5a:76:
34:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:82:1B:31:A3:9E:18:3C:E8:E9:A4:55:7C:59:2F:80:29:E2:78:67
X509v3 Authority Key Identifier:
keyid:92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:7a:7e:e0:c9:a0:b4:bd:29:7d:c6:7c:42:60:87:61:a9:c1:
a0:d4:e7:c7:74:00:bc:59:3b:b8:b7:7b:85:3f:15:88:0c:ea:
31:d6:e5:18:fa:bc:cb:12:d3:cc:67:b5:4a:58:b9:90:67:14:
ab:7e:19:d9:55:fa:59:ae:60:30:fe:89:1e:da:c3:78:19:ff:
61:ea:8e:52:75:eb:d8:c0:56:70:1d:8e:ce:db:1f:fe:39:a0:
94:f7:0a:2a:88:4c:1c:74:be:38:c8:20:52:a8:da:22:27:1b:
6d:68:53:36:00:45:d4:18:88:e2:c6:ca:69:3c:27:77:6f:99:
6b:46:23:f8:e2:38:fb:16:18:bd:b0:90:2a:fb:11:0a:ab:ee:
16:5d:7a:c2:09:54:89:ef:05:f6:39:12:5d:29:bd:f1:51:04:
5e:e6:57:d2:1e:6d:2f:51:c6:48:4b:da:c3:9e:92:31:87:0d:
04:0e:8b:c2:63:90:4e:b7:e9:44:1c:eb:a4:b9:d3:ab:18:ef:
5d:6a:e5:83:a4:e3:ef:7a:e9:c0:8f:5b:9c:c0:b7:66:74:7a:
27:9f:49:7d:6b:49:fb:03:83:0d:b0:1c:ba:1e:ea:61:74:ae:
01:65:1d:99:25:17:66:4f:3c:99:5a:b0:46:1b:d1:cb:c4:3c:
bc:a7:27:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJe+I3wDpmV7LahaIzx79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWRhMDUzOTIxZjUyODM2Nzg4MTg4ZjgyZjYyZGQ1YWE5
NzNmZTkwHhcNMjUxMTExMDkwMTIwWhcNMjUxMTEyMDkwMTIwWjAzMTEwLwYDVQQD
EygzMDgyMWIzMWEzOWUxODNjZThlOWE0NTU3YzU5MmY4MDI5ZTI3ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8C2NIhKUtZNtB5WIkyTVcX9eBcxW
5mbz+XZiLRFZ/0melF5XLQLoxd5+IL2SdKYyv0naSwIhzePh0svLX02fqUmeFUXM
R9c5vGfTtpYKyK5e9cFZqkXlrz3d1UurfQpIWzFPXqYjHaPdG0yQkkG4x2sGT/V7
3dK0evp3GxCLlrF3HyzGYIa1F+cvziDLaWklqQvpWFg6zclmnI+9b6me0yNjYOit
stZ8QR7VfyBbU2+oGLGpJWHcjG+MUhnlMv9JSeUpOB20fiq6F+UhtfOOLXK0vRRu
HTFddIx/Mni5+Z8eoT0tRes+L6G5uiv6he/3L02ApMqlomOdlf4BWnY0xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDCCGzGjnhg86OmkVXxZL4Ap4nhnMB8GA1UdIwQY
MBaAFJIdoFOSH1KDZ4gYj4L2LdWqlz/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMt
ZWIzNDZkOWNlOWUwLzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMtZWIzNDZkOWNlOWUw
LzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt3p+4Mmg
tL0pfcZ8QmCHYanBoNTnx3QAvFk7uLd7hT8ViAzqMdblGPq8yxLTzGe1Sli5kGcU
q34Z2VX6Wa5gMP6JHtrDeBn/YeqOUnXr2MBWcB2Oztsf/jmglPcKKohMHHS+OMgg
UqjaIicbbWhTNgBF1BiI4sbKaTwnd2+Za0Yj+OI4+xYYvbCQKvsRCqvuFl16wglU
ie8F9jkSXSm98VEEXuZX0h5tL1HGSEvaw56SMYcNBA6LwmOQTrfpRBzrpLnTqxjv
XWrlg6Tj73rpwI9bnMC3ZnR6J59JfWtJ+wODDbAcuh7qYXSuAWUdmSUXZk88mVqw
RhvRy8Q8vKcnBA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:43 2025 by rpki-client