Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.mft
File: kmhshS82--n8i-d8QJtSJqbuVNU.mft (raw, json)
Hash identifier: ZewaGmmexy/G3fOi5pBqGFtJeQqmDsmeQQDAX9ySYzI=
Subject key identifier: AD:54:37:05:BD:63:CB:A1:03:8A:D7:3B:69:3F:8E:B6:49:63:8D:87
Authority key identifier: 92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
Certificate issuer: /CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Certificate serial: 019A725CD7069B0602BB7CC7C472370CD4F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 10:01:18 +0000
Manifest this update: Tue 11 Nov 2025 10:01:18 +0000
Manifest next update: Wed 12 Nov 2025 10:01:18 +0000
Files and hashes: 1: IvJ7HvT-6tCK5GKbaPNyk54ml9M.roa (hash: 7zWh/VLAgd5GsVxZJpmQ4YamOZV0jGAf5fVHM29zO30=)
2: kmhshS82--n8i-d8QJtSJqbuVNU.crl (hash: atmTT1dsSdfRxBjX+101gmuqst4VbSWOHlTbBLx/kDc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:d7:06:9b:06:02:bb:7c:c7:c4:72:37:0c:d4:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Validity
Not Before: Nov 11 10:01:18 2025 GMT
Not After : Nov 12 10:01:18 2025 GMT
Subject: CN=ad543705bd63cba1038ad73b693f8eb649638d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a7:44:9e:40:56:98:fe:6a:38:4d:ab:0f:15:
9f:c0:ef:ea:20:7f:4c:f5:c6:b8:1d:70:8c:14:b0:
74:40:c6:5c:ef:12:7b:d2:6b:db:36:04:f3:f2:84:
8f:45:43:c5:4a:ba:61:13:7c:4c:0d:fd:21:23:fc:
79:e8:83:a7:e0:6a:a8:18:c2:cb:c0:6b:33:9c:08:
9e:8e:56:6f:7d:d7:9d:9d:43:db:c4:6f:7a:5a:3e:
c2:1e:38:06:7a:0c:f9:7f:6e:ac:16:15:1b:c4:52:
e9:5e:49:c9:8d:11:58:ca:8d:28:18:13:80:7d:23:
b2:d7:13:29:78:a0:e7:8e:2a:78:a0:2e:09:08:58:
7a:22:44:d4:e9:44:0f:71:af:3e:17:be:b1:2c:de:
7f:b8:b4:e5:5e:c9:99:66:4d:3e:a4:52:27:79:f4:
c1:0f:79:85:f6:ce:18:8d:78:da:1a:f2:4c:6c:69:
9e:57:ab:c8:37:47:20:32:f2:35:80:7e:a1:72:6e:
85:4e:ed:18:5d:3b:c4:f6:a0:9b:40:d0:95:cf:29:
87:fd:b3:33:d1:c0:59:be:a5:8f:f8:47:12:02:29:
61:6c:b5:f7:22:b1:33:97:e3:51:64:bb:aa:8c:2b:
3f:dd:c3:07:f2:87:c4:fa:0a:b4:e0:a0:3a:df:4b:
17:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:54:37:05:BD:63:CB:A1:03:8A:D7:3B:69:3F:8E:B6:49:63:8D:87
X509v3 Authority Key Identifier:
keyid:92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:3a:bd:f7:cf:0a:56:dc:31:c7:08:f9:b5:ac:af:9f:6a:6d:
58:b5:fc:20:ad:b5:ba:c7:de:ce:8d:29:4d:6d:98:51:14:66:
91:15:80:f4:91:b0:f4:6f:4c:6d:e2:e8:f9:b5:e4:76:5c:c1:
82:bc:e1:99:57:12:55:c0:27:22:e4:38:38:b6:b0:4f:cf:8d:
0f:f0:57:85:10:f4:cd:26:08:80:22:ae:11:f0:df:c9:3c:81:
d4:3c:8a:4b:1b:a4:88:36:88:31:61:a4:f9:5f:70:ea:af:8d:
d3:80:5d:b2:03:6d:66:e6:63:9d:ed:8c:70:7c:ef:ca:fd:00:
7c:db:9e:ba:b0:2a:8a:d0:ee:d0:bd:27:92:35:62:fc:11:5e:
b4:ec:75:fb:e5:1f:26:93:44:92:e8:ee:cd:8a:20:9e:37:b0:
04:5e:e6:6f:12:26:6c:ad:9c:00:73:8b:e8:c7:5e:63:ee:d8:
1a:34:16:14:db:ba:a1:af:bb:4c:5b:6a:90:90:79:77:cf:81:
c6:d6:dd:73:71:58:36:d7:37:0f:9d:9a:90:0c:26:0c:4b:51:
73:d0:42:2f:e9:bf:f0:28:1e:31:6c:57:33:a7:9a:7f:ba:56:
a4:cb:92:ae:8d:01:5d:6f:b8:43:20:f7:d6:59:98:40:4c:4a:
c0:31:f2:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNcGmwYCu3zHxHI3DNT2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjg2Yzg1MmYzNmZiZTlmYzhiZTc3YzQwOWI1MjI2YTZl
ZTU0ZDUwHhcNMjUxMTExMTAwMTE4WhcNMjUxMTEyMTAwMTE4WjAzMTEwLwYDVQQD
EyhhZDU0MzcwNWJkNjNjYmExMDM4YWQ3M2I2OTNmOGViNjQ5NjM4ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAladEnkBWmP5qOE2rDxWfwO/qIH9M
9ca4HXCMFLB0QMZc7xJ70mvbNgTz8oSPRUPFSrphE3xMDf0hI/x56IOn4GqoGMLL
wGsznAiejlZvfdednUPbxG96Wj7CHjgGegz5f26sFhUbxFLpXknJjRFYyo0oGBOA
fSOy1xMpeKDnjip4oC4JCFh6IkTU6UQPca8+F76xLN5/uLTlXsmZZk0+pFInefTB
D3mF9s4YjXjaGvJMbGmeV6vIN0cgMvI1gH6hcm6FTu0YXTvE9qCbQNCVzymH/bMz
0cBZvqWP+EcSAilhbLX3IrEzl+NRZLuqjCs/3cMH8ofE+gq04KA630sXXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK1UNwW9Y8uhA4rXO2k/jrZJY42HMB8GA1UdIwQY
MBaAFJJobIUvNvvp/IvnfECbUiam7lTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21oc2hTODItLW44aS1kOFFKdFNKcWJ1Vk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kNTU5YjItNGIzMy00ZjhkLTlkMjEt
YmE3MWZiZGIwMzc0LzEva21oc2hTODItLW44aS1kOFFKdFNKcWJ1Vk5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kNTU5YjItNGIzMy00ZjhkLTlkMjEtYmE3MWZiZGIwMzc0
LzEva21oc2hTODItLW44aS1kOFFKdFNKcWJ1Vk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADDq9988K
Vtwxxwj5tayvn2ptWLX8IK21usfezo0pTW2YURRmkRWA9JGw9G9MbeLo+bXkdlzB
grzhmVcSVcAnIuQ4OLawT8+ND/BXhRD0zSYIgCKuEfDfyTyB1DyKSxukiDaIMWGk
+V9w6q+N04BdsgNtZuZjne2McHzvyv0AfNueurAqitDu0L0nkjVi/BFetOx1++Uf
JpNEkujuzYognjewBF7mbxImbK2cAHOL6MdeY+7YGjQWFNu6oa+7TFtqkJB5d8+B
xtbdc3FYNtc3D52akAwmDEtRc9BCL+m/8CgeMWxXM6eaf7pWpMuSro0BXW+4QyD3
1lmYQExKwDHyRQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:46 2025 by rpki-client