Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json)
Hash identifier: 1oEA0qnwJgXJLugGfHbB1ZIw8mhqZzI4oKbuVHVRp+s=
Subject key identifier: F1:9E:6C:35:78:9B:C0:48:BE:1F:35:35:01:77:58:E2:CA:05:6B:94
Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06
Certificate serial: 0199FFC820E774B13F8249327B14D505DB2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
Manifest number: 0F8E
Signing time: Mon 20 Oct 2025 04:02:09 +0000
Manifest this update: Mon 20 Oct 2025 04:02:09 +0000
Manifest next update: Tue 21 Oct 2025 04:02:09 +0000
Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: 6EctjdCAjlU4+30zC1fnOTYstWDg34QqzhD7pUfx9Xw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c8:20:e7:74:b1:3f:82:49:32:7b:14:d5:05:db:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287b50125517944274a146bbacd64e691a20fa06
Validity
Not Before: Oct 20 04:02:09 2025 GMT
Not After : Oct 21 04:02:09 2025 GMT
Subject: CN=f19e6c35789bc048be1f3535017758e2ca056b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7b:2b:bb:15:48:f7:c8:25:b1:54:d8:04:86:
ec:9e:53:72:50:32:df:a6:96:62:f1:4a:b3:a5:16:
be:11:b7:d0:c4:fc:be:e6:b3:66:34:c5:1a:c3:7d:
69:08:44:80:56:97:d0:bd:07:ad:b3:8b:6c:a2:57:
24:a2:6a:eb:c2:1c:b1:79:24:18:91:a5:ca:5f:1c:
a9:fb:46:76:4d:05:e7:2d:1e:5d:fb:32:c6:87:12:
36:4e:c9:15:31:27:3a:2c:5e:70:89:0a:96:45:51:
f0:b2:71:b5:15:80:4d:5c:4b:b7:b6:b5:63:be:d1:
9b:0f:33:12:d8:44:29:47:5f:93:8f:22:ed:dc:af:
83:b5:c5:0a:c3:9d:7f:cd:d8:38:97:28:1b:9f:8e:
8f:56:c1:3a:3d:14:20:f4:8d:00:c8:cc:8e:b1:a8:
de:70:3c:56:e8:70:48:69:5a:b2:16:b1:1e:75:96:
c6:7a:73:98:48:93:e3:f2:40:6c:af:eb:f2:f2:e1:
cd:79:b7:52:4b:17:66:d6:89:c9:29:5b:da:41:cb:
f4:16:64:89:f9:df:20:6e:da:0d:0f:8c:7d:63:59:
03:5d:6c:1a:7d:66:65:60:0c:44:3d:f7:37:dd:33:
67:1c:03:ba:df:18:99:26:16:04:36:f4:0a:67:2d:
44:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:9E:6C:35:78:9B:C0:48:BE:1F:35:35:01:77:58:E2:CA:05:6B:94
X509v3 Authority Key Identifier:
keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:3d:eb:fe:3b:1f:51:9a:9c:54:a9:74:af:f2:80:77:0b:fd:
b5:6b:86:cd:bb:a6:f8:2f:07:46:46:40:01:df:41:5f:a2:e8:
80:2d:c7:bc:38:c9:53:aa:7e:a6:1a:3a:f8:12:e8:d4:ec:a6:
a7:e8:95:6d:38:36:1f:0f:c4:1c:9e:9a:37:cb:eb:62:a3:49:
b4:12:0b:7c:ba:47:be:63:e3:0a:4f:cb:83:c4:35:3f:c9:00:
a2:4a:b8:c2:ab:3a:cf:b6:14:d8:11:2b:a1:82:b4:0e:e5:81:
b5:00:8d:db:14:52:79:06:c5:9c:89:d0:68:f5:a6:a1:b4:0e:
90:27:fc:7e:09:2a:5b:32:0e:17:77:5f:d6:77:0b:d3:a0:9c:
d8:41:93:46:ae:2c:42:92:96:92:b0:90:e4:5b:bb:40:6b:26:
a9:fb:66:94:5b:c0:30:5a:b4:5d:3f:c0:3f:de:23:58:2b:28:
05:aa:6c:cc:14:30:01:d4:c1:03:75:c1:a3:e6:df:35:73:3c:
5e:1a:64:75:21:68:3a:cb:4e:4d:56:2b:0c:51:e5:4c:cc:90:
67:9c:9a:e2:ef:36:45:b9:92:26:78:be:1b:db:a3:6e:a6:2c:
50:11:a3:cc:78:6f:e2:9c:fc:12:00:8c:32:41:de:77:e8:8d:
56:20:b1:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yCDndLE/gkkyexTVBdssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy
MGZhMDYwHhcNMjUxMDIwMDQwMjA5WhcNMjUxMDIxMDQwMjA5WjAzMTEwLwYDVQQD
EyhmMTllNmMzNTc4OWJjMDQ4YmUxZjM1MzUwMTc3NThlMmNhMDU2Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXsruxVI98glsVTYBIbsnlNyUDLf
ppZi8UqzpRa+EbfQxPy+5rNmNMUaw31pCESAVpfQvQets4tsolckomrrwhyxeSQY
kaXKXxyp+0Z2TQXnLR5d+zLGhxI2TskVMSc6LF5wiQqWRVHwsnG1FYBNXEu3trVj
vtGbDzMS2EQpR1+TjyLt3K+DtcUKw51/zdg4lygbn46PVsE6PRQg9I0AyMyOsaje
cDxW6HBIaVqyFrEedZbGenOYSJPj8kBsr+vy8uHNebdSSxdm1onJKVvaQcv0FmSJ
+d8gbtoND4x9Y1kDXWwafWZlYAxEPfc33TNnHAO63xiZJhYENvQKZy1EWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGebDV4m8BIvh81NQF3WOLKBWuUMB8GA1UdIwQY
MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt
YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0
LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACD3r/jsf
UZqcVKl0r/KAdwv9tWuGzbum+C8HRkZAAd9BX6LogC3HvDjJU6p+pho6+BLo1Oym
p+iVbTg2Hw/EHJ6aN8vrYqNJtBILfLpHvmPjCk/Lg8Q1P8kAokq4wqs6z7YU2BEr
oYK0DuWBtQCN2xRSeQbFnInQaPWmobQOkCf8fgkqWzIOF3df1ncL06Cc2EGTRq4s
QpKWkrCQ5Fu7QGsmqftmlFvAMFq0XT/AP94jWCsoBapszBQwAdTBA3XBo+bfNXM8
XhpkdSFoOstOTVYrDFHlTMyQZ5ya4u82RbmSJni+G9ujbqYsUBGjzHhv4pz8EgCM
MkHed+iNViCxKQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:45:03 2025 by rpki-client