Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json)
Hash identifier: aOyS9dYSTzzzCRIeOxMQHub26RgzWupnTduYiQGt6SA=
Subject key identifier: B6:98:1B:B8:BB:B9:F7:EF:34:34:27:37:7B:B7:0F:4A:91:AE:EB:C4
Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06
Certificate serial: 0198D660E692F03ECE3EB13F3A1D235E3E69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
Manifest number: 0EF4
Signing time: Sat 23 Aug 2025 10:02:11 +0000
Manifest this update: Sat 23 Aug 2025 10:02:11 +0000
Manifest next update: Sun 24 Aug 2025 10:02:11 +0000
Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: oa2sFKnTtz4Pg0tuSbYEWg3qWVdiC9MBROt6aHNMokw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:60:e6:92:f0:3e:ce:3e:b1:3f:3a:1d:23:5e:3e:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287b50125517944274a146bbacd64e691a20fa06
Validity
Not Before: Aug 23 10:02:11 2025 GMT
Not After : Aug 24 10:02:11 2025 GMT
Subject: CN=b6981bb8bbb9f7ef343427377bb70f4a91aeebc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:93:ec:af:59:d0:89:39:57:2b:33:d9:73:ae:
39:d1:f0:cc:32:07:e5:f6:fb:39:bb:f2:91:70:39:
d6:95:20:e0:90:d5:04:44:17:97:2c:a4:24:45:61:
36:43:1f:81:e7:28:ad:85:21:28:10:53:48:8f:aa:
8e:21:3a:84:de:16:38:7e:d3:2c:14:37:4d:6f:cc:
40:5f:71:4e:e7:d9:7a:88:02:26:13:be:85:79:50:
d1:c2:43:4f:b0:8c:3e:4f:4d:e7:ba:92:c4:b2:bd:
67:bf:9d:fc:a0:1d:92:c7:4e:05:51:ad:1d:4d:54:
14:df:01:46:66:c5:88:17:cb:93:95:2b:37:e7:83:
ce:0d:fc:af:f3:c8:cb:78:95:4e:fb:f3:4f:83:01:
36:db:c2:79:99:ac:80:51:88:c4:79:12:f2:5a:d2:
01:40:d9:99:dd:ea:d7:7a:f9:48:e5:55:ab:6a:bf:
ce:7d:dd:3c:04:be:02:36:20:d0:f3:19:38:57:4d:
66:63:0f:c6:8d:5f:cb:a9:1b:8e:fa:2c:3f:37:5e:
e4:f9:50:93:1c:65:2a:49:93:be:87:ca:e7:c0:ad:
60:ac:f8:94:9f:f9:b6:98:22:72:69:8d:19:06:69:
bd:26:68:a8:96:4c:6d:a2:89:3d:b8:c9:95:97:db:
60:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:98:1B:B8:BB:B9:F7:EF:34:34:27:37:7B:B7:0F:4A:91:AE:EB:C4
X509v3 Authority Key Identifier:
keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:2b:f9:48:54:1a:ce:c2:fd:c5:e1:85:63:e7:ad:7f:c6:7d:
72:96:68:03:2b:1a:ac:14:a5:33:41:bc:8d:21:4d:7f:cf:87:
ec:ab:ed:c9:2f:d4:95:ab:70:8d:20:fe:ec:85:42:71:ab:62:
2d:58:f4:13:78:4c:84:b9:c1:4e:85:4e:c5:9d:e7:89:7f:26:
41:05:92:2b:f5:cc:f9:55:9c:5d:86:05:19:01:ea:21:32:f2:
93:08:7e:ad:88:b6:d4:c4:40:93:32:4a:d9:8d:18:59:96:bc:
c9:f4:dc:7d:3e:52:85:56:b7:68:8a:be:4a:56:25:29:6b:5d:
49:ee:2e:60:e4:3e:f1:48:62:66:fa:6d:36:7b:78:4b:9d:5d:
9a:3e:76:7a:b8:24:1a:62:69:89:ef:17:36:d2:00:44:4a:24:
a1:35:2f:a3:d9:5c:d6:3b:a2:12:c5:67:a6:84:5f:54:25:60:
f3:8d:5f:c9:5a:fb:f1:32:83:d3:90:9e:78:59:37:aa:01:4f:
16:fb:b4:10:9f:fc:bc:fe:e2:a8:41:d8:cc:98:bb:7a:c2:17:
64:bb:32:11:59:9b:64:1d:f9:a9:5a:a0:e6:50:64:4c:4b:2b:
42:08:33:67:85:df:30:f2:f7:a1:9f:07:33:cb:64:68:00:51:
08:cb:20:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYOaS8D7OPrE/Oh0jXj5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy
MGZhMDYwHhcNMjUwODIzMTAwMjExWhcNMjUwODI0MTAwMjExWjAzMTEwLwYDVQQD
EyhiNjk4MWJiOGJiYjlmN2VmMzQzNDI3Mzc3YmI3MGY0YTkxYWVlYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupPsr1nQiTlXKzPZc6450fDMMgfl
9vs5u/KRcDnWlSDgkNUERBeXLKQkRWE2Qx+B5yithSEoEFNIj6qOITqE3hY4ftMs
FDdNb8xAX3FO59l6iAImE76FeVDRwkNPsIw+T03nupLEsr1nv538oB2Sx04FUa0d
TVQU3wFGZsWIF8uTlSs354PODfyv88jLeJVO+/NPgwE228J5mayAUYjEeRLyWtIB
QNmZ3erXevlI5VWrar/Ofd08BL4CNiDQ8xk4V01mYw/GjV/LqRuO+iw/N17k+VCT
HGUqSZO+h8rnwK1grPiUn/m2mCJyaY0ZBmm9Jmiolkxtook9uMmVl9tg2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLaYG7i7uffvNDQnN3u3D0qRruvEMB8GA1UdIwQY
MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt
YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0
LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApiv5SFQa
zsL9xeGFY+etf8Z9cpZoAysarBSlM0G8jSFNf8+H7KvtyS/UlatwjSD+7IVCcati
LVj0E3hMhLnBToVOxZ3niX8mQQWSK/XM+VWcXYYFGQHqITLykwh+rYi21MRAkzJK
2Y0YWZa8yfTcfT5ShVa3aIq+SlYlKWtdSe4uYOQ+8UhiZvptNnt4S51dmj52ergk
GmJpie8XNtIAREokoTUvo9lc1juiEsVnpoRfVCVg841fyVr78TKD05CeeFk3qgFP
Fvu0EJ/8vP7iqEHYzJi7esIXZLsyEVmbZB35qVqg5lBkTEsrQggzZ4XfMPL3oZ8H
M8tkaABRCMsgdw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:14:36 2025 by rpki-client