
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
File: kh2gU5IfUoNniBiPgvYt1aqXP-k.mft (raw, json)
Hash identifier: OR6BLr1P2jc1luVFwpmaExFMk6Fns4zTUiUgzOUwVzg=
Subject key identifier: 7D:E9:68:9A:EC:84:7A:67:F0:79:7C:59:E5:0E:8A:08:F8:41:97:E2
Authority key identifier: 92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
Certificate issuer: /CN=921da053921f52836788188f82f62dd5aa973fe9
Certificate serial: 0199FC58E3950074CAF13C414B013C0EA901
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
Manifest number: 0FA7
Signing time: Sun 19 Oct 2025 12:01:47 +0000
Manifest this update: Sun 19 Oct 2025 12:01:47 +0000
Manifest next update: Mon 20 Oct 2025 12:01:47 +0000
Files and hashes: 1: kh2gU5IfUoNniBiPgvYt1aqXP-k.crl (hash: 0Rr6YvjUOkSxJX7Yp4+0pvq1xamKBqOaQhMr0+pQ2dk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:e3:95:00:74:ca:f1:3c:41:4b:01:3c:0e:a9:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921da053921f52836788188f82f62dd5aa973fe9
Validity
Not Before: Oct 19 12:01:47 2025 GMT
Not After : Oct 20 12:01:47 2025 GMT
Subject: CN=7de9689aec847a67f0797c59e50e8a08f84197e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:37:a5:a2:76:66:e5:f0:8b:74:e6:8c:3e:9e:
ab:7a:8d:fd:88:57:f9:83:3e:a4:56:a0:80:e9:c1:
61:34:91:38:36:4e:ed:2c:9d:12:83:b7:c1:ab:fe:
97:a8:6a:1c:08:17:27:35:25:dd:55:af:7f:09:9f:
6b:ac:60:e4:02:2d:b4:8d:a5:c3:7e:33:ef:d5:5f:
20:4a:3a:7d:ea:ba:c9:2a:82:fc:ef:aa:d9:fa:2b:
f6:b9:30:ca:32:7b:2f:01:71:ac:e6:af:4e:e2:12:
f1:54:36:53:bd:7b:33:d7:28:89:c8:77:5c:ff:0a:
ea:ff:46:90:91:22:b5:e4:a0:fb:7d:35:61:aa:3e:
c8:72:6f:8a:a8:b4:70:de:39:51:da:6b:bf:20:ac:
90:01:1c:ad:5e:c2:35:a0:25:6f:7a:95:c1:58:84:
ab:32:5f:19:93:89:05:97:db:a4:67:07:6f:76:2a:
b7:72:7c:bc:a1:40:fa:c9:e6:f7:2a:b4:68:b6:28:
46:9b:5b:8f:ce:a2:4e:98:0b:a6:f4:7c:f5:ad:99:
17:1d:64:14:fe:cb:f0:aa:af:f2:9b:73:ac:f1:e1:
73:32:3e:81:bc:77:db:ed:56:1d:7c:6a:8d:2d:c8:
d3:be:80:f1:dd:7e:4b:ce:fb:c2:64:9d:98:b1:2e:
52:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E9:68:9A:EC:84:7A:67:F0:79:7C:59:E5:0E:8A:08:F8:41:97:E2
X509v3 Authority Key Identifier:
keyid:92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:1e:f6:3b:f7:51:e3:5b:a0:38:18:2f:28:32:9b:a1:1c:2d:
0d:12:61:4a:5d:ef:bb:3f:aa:91:49:ec:89:4f:1f:dd:f5:5c:
12:55:cd:4b:7f:b2:45:f5:38:16:d3:82:59:2c:bd:9e:1b:a7:
ee:37:9e:92:2f:15:b3:85:b1:07:1d:18:f0:fe:9e:69:22:ec:
71:f6:33:08:94:03:4a:5f:27:f8:2b:4c:a7:75:0d:ab:9d:a1:
f9:d9:e6:f7:24:92:75:c5:74:01:ca:b1:d5:ff:a6:4b:e9:b8:
65:3e:c8:df:18:56:c1:79:5a:11:cd:0f:08:c2:ea:1a:58:f4:
a4:23:5b:04:74:0e:2a:ca:d5:95:d7:81:32:eb:9a:a9:c7:26:
70:c4:c6:6b:cc:c5:96:ac:a2:eb:9b:ee:b4:63:8b:f1:df:26:
d8:5b:04:56:14:0f:2f:06:f6:5c:46:71:d3:f3:ee:b4:9f:39:
87:0f:3e:80:e6:3f:b9:0b:af:69:76:65:ce:5b:03:5b:78:ce:
5f:6d:30:b6:8b:77:9d:62:d8:e5:a2:90:1e:93:57:ed:ad:1d:
24:4b:91:67:e5:2c:25:b1:d6:24:24:9c:43:ab:c4:0e:5b:82:
81:42:00:1c:f8:be:74:3d:f4:38:66:bc:79:49:be:bf:e8:90:
a3:8b:79:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WOOVAHTK8TxBSwE8DqkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWRhMDUzOTIxZjUyODM2Nzg4MTg4ZjgyZjYyZGQ1YWE5
NzNmZTkwHhcNMjUxMDE5MTIwMTQ3WhcNMjUxMDIwMTIwMTQ3WjAzMTEwLwYDVQQD
Eyg3ZGU5Njg5YWVjODQ3YTY3ZjA3OTdjNTllNTBlOGEwOGY4NDE5N2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjelonZm5fCLdOaMPp6reo39iFf5
gz6kVqCA6cFhNJE4Nk7tLJ0Sg7fBq/6XqGocCBcnNSXdVa9/CZ9rrGDkAi20jaXD
fjPv1V8gSjp96rrJKoL876rZ+iv2uTDKMnsvAXGs5q9O4hLxVDZTvXsz1yiJyHdc
/wrq/0aQkSK15KD7fTVhqj7Icm+KqLRw3jlR2mu/IKyQARytXsI1oCVvepXBWISr
Ml8Zk4kFl9ukZwdvdiq3cny8oUD6yeb3KrRotihGm1uPzqJOmAum9Hz1rZkXHWQU
/svwqq/ym3Os8eFzMj6BvHfb7VYdfGqNLcjTvoDx3X5LzvvCZJ2YsS5SzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3paJrshHpn8Hl8WeUOigj4QZfiMB8GA1UdIwQY
MBaAFJIdoFOSH1KDZ4gYj4L2LdWqlz/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMt
ZWIzNDZkOWNlOWUwLzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMtZWIzNDZkOWNlOWUw
LzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbx72O/dR
41ugOBgvKDKboRwtDRJhSl3vuz+qkUnsiU8f3fVcElXNS3+yRfU4FtOCWSy9nhun
7jeeki8Vs4WxBx0Y8P6eaSLscfYzCJQDSl8n+CtMp3UNq52h+dnm9ySSdcV0Acqx
1f+mS+m4ZT7I3xhWwXlaEc0PCMLqGlj0pCNbBHQOKsrVldeBMuuaqccmcMTGa8zF
lqyi65vutGOL8d8m2FsEVhQPLwb2XEZx0/PutJ85hw8+gOY/uQuvaXZlzlsDW3jO
X20wtot3nWLY5aKQHpNX7a0dJEuRZ+UsJbHWJCScQ6vEDluCgUIAHPi+dD30OGa8
eUm+v+iQo4t5qw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:08 2025 by rpki-client