Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
File: KhmTnyGLthMV6bOzez24WWCXXRQ.mft (raw, json)
Hash identifier: GqLfwAua63+zep79VOBSatUOoFiBAWOBUJHxoG8fHcY=
Subject key identifier: C1:0D:B2:2D:B9:34:79:D2:98:A7:C5:04:BF:E5:F4:87:FE:C0:28:9C
Authority key identifier: 2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
Certificate issuer: /CN=2a19939f218bb61315e9b3b37b3db85960975d14
Certificate serial: 0198D5836370F3873FCD0C154CFC26ED688A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
Manifest number: 1044
Signing time: Sat 23 Aug 2025 06:00:14 +0000
Manifest this update: Sat 23 Aug 2025 06:00:14 +0000
Manifest next update: Sun 24 Aug 2025 06:00:14 +0000
Files and hashes: 1: ICnu7sUwpSSY15uEDFVsgADJKAc.roa (hash: OMIgQNcZqzMDzM+I0pk5KXUbjDdmpf89SBEO3vtX8ZE=)
2: KhmTnyGLthMV6bOzez24WWCXXRQ.crl (hash: 5gCr2mTzrEddLRHzF4g4HNA8P/q90RSpvNxwySO5b/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 06:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:63:70:f3:87:3f:cd:0c:15:4c:fc:26:ed:68:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a19939f218bb61315e9b3b37b3db85960975d14
Validity
Not Before: Aug 23 06:00:14 2025 GMT
Not After : Aug 24 06:00:14 2025 GMT
Subject: CN=c10db22db93479d298a7c504bfe5f487fec0289c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2e:c9:cf:78:91:2b:21:4e:00:83:d3:6d:d5:
82:c5:52:2a:e5:6a:16:b8:2a:ee:6f:39:89:c1:29:
9c:7b:70:4a:b3:15:8c:07:cf:f5:27:a8:75:1d:da:
04:46:05:75:c1:be:d0:9e:64:8d:4b:b5:bb:3c:ee:
b1:ff:21:6c:ee:5f:12:05:a8:3f:43:ab:5a:b0:d3:
99:9e:53:5a:5b:2b:57:34:36:8a:e5:fe:64:a6:35:
09:ea:f0:2c:e4:f5:0f:a8:d9:87:80:96:d4:4f:71:
be:0e:3b:08:ce:05:05:54:6c:4e:44:08:79:bc:4d:
ea:d1:11:71:f0:d7:bc:61:b0:66:b7:f2:74:2b:9e:
7f:15:4e:8b:90:01:97:19:d7:d8:aa:c0:3e:0b:cb:
f8:b5:c1:7b:8d:4e:b2:5e:a5:c5:8d:5c:c3:a4:01:
44:c2:28:eb:7c:ca:46:28:db:a7:05:cd:e6:e2:3d:
dc:27:16:ff:08:fc:0f:11:2b:5d:13:fb:f7:d1:92:
f3:f9:12:ae:45:b1:bd:8d:94:9e:fc:c2:fa:b8:57:
93:77:16:a6:8a:a4:dc:23:96:a8:73:63:f6:ac:42:
1f:d4:e6:17:eb:53:f5:22:20:28:80:f9:77:d2:f0:
95:e7:a8:fa:33:60:79:98:47:1e:7b:69:ea:54:fb:
4a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:0D:B2:2D:B9:34:79:D2:98:A7:C5:04:BF:E5:F4:87:FE:C0:28:9C
X509v3 Authority Key Identifier:
keyid:2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:c5:89:75:e6:c5:c0:1f:0c:96:cf:ba:f0:3d:0f:91:07:67:
a5:c6:f9:42:23:e2:13:0a:ff:68:a7:eb:bf:ac:ff:f8:d3:2a:
23:af:e0:fd:94:bb:44:d0:67:54:9b:ef:ed:39:90:70:ac:92:
7a:56:f2:da:c9:db:14:ac:71:92:4f:74:e0:17:d8:73:54:e3:
e4:91:d0:68:df:93:7f:db:c6:50:2e:60:fd:44:01:80:36:9f:
32:33:00:49:8e:88:8c:f2:4a:2e:6d:65:68:64:ae:e4:4b:62:
fe:05:c1:cc:98:4e:8e:67:8a:d5:10:bf:4d:36:6b:ea:f6:ac:
e3:98:a1:b7:c1:34:c7:ff:a1:f5:6d:63:34:0e:df:1d:fd:ad:
cd:6a:81:d8:75:cc:72:57:cb:8c:1b:47:76:4e:59:8a:28:50:
a9:75:5d:8f:0a:18:f8:c7:4a:28:4d:58:76:fe:56:28:31:ac:
0b:01:f3:4c:d0:85:61:b3:a9:0d:a3:30:a3:7a:7a:d2:5c:c3:
e9:44:1f:ec:fc:1a:8c:9c:03:7d:03:50:ab:97:23:f8:a6:5c:
2c:00:6f:c5:e1:ce:f5:87:2c:47:a5:a9:6b:05:77:1f:6d:81:
76:f1:cf:b1:e0:c6:36:ff:6f:07:58:26:ff:38:41:b8:e8:d3:
ff:94:a1:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg2Nw84c/zQwVTPwm7WiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTk5MzlmMjE4YmI2MTMxNWU5YjNiMzdiM2RiODU5NjA5
NzVkMTQwHhcNMjUwODIzMDYwMDE0WhcNMjUwODI0MDYwMDE0WjAzMTEwLwYDVQQD
EyhjMTBkYjIyZGI5MzQ3OWQyOThhN2M1MDRiZmU1ZjQ4N2ZlYzAyODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7y7Jz3iRKyFOAIPTbdWCxVIq5WoW
uCrubzmJwSmce3BKsxWMB8/1J6h1HdoERgV1wb7QnmSNS7W7PO6x/yFs7l8SBag/
Q6tasNOZnlNaWytXNDaK5f5kpjUJ6vAs5PUPqNmHgJbUT3G+DjsIzgUFVGxORAh5
vE3q0RFx8Ne8YbBmt/J0K55/FU6LkAGXGdfYqsA+C8v4tcF7jU6yXqXFjVzDpAFE
wijrfMpGKNunBc3m4j3cJxb/CPwPEStdE/v30ZLz+RKuRbG9jZSe/ML6uFeTdxam
iqTcI5aoc2P2rEIf1OYX61P1IiAogPl30vCV56j6M2B5mEcee2nqVPtKZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMENsi25NHnSmKfFBL/l9If+wCicMB8GA1UdIwQY
MBaAFCoZk58hi7YTFemzs3s9uFlgl10UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMt
ZGY1ZjIwZGQ3NmFkLzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMtZGY1ZjIwZGQ3NmFk
LzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr8WJdebF
wB8Mls+68D0PkQdnpcb5QiPiEwr/aKfrv6z/+NMqI6/g/ZS7RNBnVJvv7TmQcKyS
elby2snbFKxxkk904BfYc1Tj5JHQaN+Tf9vGUC5g/UQBgDafMjMASY6IjPJKLm1l
aGSu5Eti/gXBzJhOjmeK1RC/TTZr6vas45iht8E0x/+h9W1jNA7fHf2tzWqB2HXM
clfLjBtHdk5ZiihQqXVdjwoY+MdKKE1Ydv5WKDGsCwHzTNCFYbOpDaMwo3p60lzD
6UQf7PwajJwDfQNQq5cj+KZcLABvxeHO9YcsR6WpawV3H22BdvHPseDGNv9vB1gm
/zhBuOjT/5ShpQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:27:59 2025 by rpki-client