Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json)
Hash identifier: JbR/enZMOdKVKMFO75WUEpmIp6mxBUi0ugRwV0fI1s0=
Subject key identifier: EB:5C:12:FE:E8:82:AF:84:5F:1C:BC:0A:F7:28:F4:54:6B:13:4A:28
Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06
Certificate serial: 019A4EF3FFC61DE17B2C98F0EDFB2462864F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
Manifest number: 0FB7
Signing time: Tue 04 Nov 2025 13:00:04 +0000
Manifest this update: Tue 04 Nov 2025 13:00:04 +0000
Manifest next update: Wed 05 Nov 2025 13:00:04 +0000
Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: gg5Ct77s7BPl5Zx+rvOFLaZNz1qGKvM/aisx4wGaTog=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f3:ff:c6:1d:e1:7b:2c:98:f0:ed:fb:24:62:86:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287b50125517944274a146bbacd64e691a20fa06
Validity
Not Before: Nov 4 13:00:04 2025 GMT
Not After : Nov 5 13:00:04 2025 GMT
Subject: CN=eb5c12fee882af845f1cbc0af728f4546b134a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:5d:ba:9f:22:10:74:22:0e:ac:9f:36:35:d4:
36:1c:71:f6:b3:20:7b:f2:8b:30:04:94:45:57:66:
d0:92:8b:1f:35:72:39:74:fb:82:7a:b1:36:40:47:
bc:eb:b9:11:5d:08:3b:10:e9:43:b0:ac:ef:10:63:
cb:ec:3f:88:b4:e0:7e:08:54:3e:d5:e2:fc:ff:cc:
95:c8:1f:07:78:04:a8:69:ea:ef:7c:83:b8:de:30:
5d:cf:80:4f:3f:fb:2b:d1:a7:97:6a:53:03:3b:7c:
07:f5:ef:18:dc:6f:09:99:07:e5:e0:cd:6d:98:d7:
9c:ec:8f:30:e1:5e:4a:58:58:f3:56:43:b5:ad:cd:
45:31:96:76:38:8a:6e:57:4b:95:e3:d3:cc:5c:d7:
aa:b5:32:6e:d2:d5:98:25:51:7b:f4:06:9d:2c:e7:
5b:62:e9:12:93:fa:0b:d6:e8:f9:29:fa:08:c0:51:
e6:83:3b:b7:ff:2d:ce:f1:4a:61:f7:7a:95:89:3b:
5c:db:b6:f0:a8:83:b0:84:9d:53:f8:d9:40:97:7f:
e3:2e:60:fd:8a:ce:c1:a9:82:fc:4e:3f:8f:e4:ae:
07:c4:a4:b0:ef:07:ca:0e:c5:ed:43:9b:1a:9d:f8:
81:2f:cf:96:84:1d:8a:50:22:ec:36:dd:86:52:6a:
a1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:5C:12:FE:E8:82:AF:84:5F:1C:BC:0A:F7:28:F4:54:6B:13:4A:28
X509v3 Authority Key Identifier:
keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:15:56:0d:87:02:b3:be:69:20:21:91:cb:bc:8c:24:83:bb:
0c:58:0e:e4:3c:1f:8c:85:26:7b:e6:b4:f8:aa:27:10:50:ed:
80:53:49:a8:d1:1c:ce:a6:c0:63:dc:5a:e7:2f:6d:63:7a:a0:
f3:09:c0:54:87:de:67:33:eb:f3:ae:9c:62:d0:fa:7d:50:13:
78:d8:d8:b1:56:6f:ca:9b:6b:a9:d2:3a:de:a1:53:29:4e:59:
26:d5:6d:ce:e8:e6:a8:77:96:d7:5b:6f:bf:e0:88:53:e5:39:
5c:d9:cb:20:a0:62:e2:de:bd:c8:37:c4:ee:ad:a5:aa:24:72:
70:18:f8:ec:46:91:eb:a6:1f:a4:f4:a5:73:ef:0a:d1:57:60:
c8:9f:31:49:fd:4d:8c:ca:04:75:25:97:cb:c5:44:9c:bf:38:
c5:7a:fb:1a:ba:0f:7b:5c:75:87:59:6f:0f:6c:6c:15:70:13:
91:e8:fb:68:4a:b6:fe:8e:58:68:ac:ac:7f:41:ce:ac:d1:73:
6b:2e:17:1b:f9:48:09:1a:b5:ae:b3:83:08:72:c0:64:c0:8c:
4b:c5:9b:48:7d:78:01:ce:84:1a:be:75:fe:2b:fb:db:96:27:
a6:a9:5a:fd:f7:af:34:d8:2c:41:6e:87:6c:64:9a:dc:5b:6f:
24:d8:de:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO8//GHeF7LJjw7fskYoZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy
MGZhMDYwHhcNMjUxMTA0MTMwMDA0WhcNMjUxMTA1MTMwMDA0WjAzMTEwLwYDVQQD
EyhlYjVjMTJmZWU4ODJhZjg0NWYxY2JjMGFmNzI4ZjQ1NDZiMTM0YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4126nyIQdCIOrJ82NdQ2HHH2syB7
8oswBJRFV2bQkosfNXI5dPuCerE2QEe867kRXQg7EOlDsKzvEGPL7D+ItOB+CFQ+
1eL8/8yVyB8HeASoaervfIO43jBdz4BPP/sr0aeXalMDO3wH9e8Y3G8JmQfl4M1t
mNec7I8w4V5KWFjzVkO1rc1FMZZ2OIpuV0uV49PMXNeqtTJu0tWYJVF79AadLOdb
YukSk/oL1uj5KfoIwFHmgzu3/y3O8Uph93qViTtc27bwqIOwhJ1T+NlAl3/jLmD9
is7BqYL8Tj+P5K4HxKSw7wfKDsXtQ5sanfiBL8+WhB2KUCLsNt2GUmqh7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtcEv7ogq+EXxy8Cvco9FRrE0ooMB8GA1UdIwQY
MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt
YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0
LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbhVWDYcC
s75pICGRy7yMJIO7DFgO5DwfjIUme+a0+KonEFDtgFNJqNEczqbAY9xa5y9tY3qg
8wnAVIfeZzPr866cYtD6fVATeNjYsVZvyptrqdI63qFTKU5ZJtVtzujmqHeW11tv
v+CIU+U5XNnLIKBi4t69yDfE7q2lqiRycBj47EaR66YfpPSlc+8K0VdgyJ8xSf1N
jMoEdSWXy8VEnL84xXr7GroPe1x1h1lvD2xsFXATkej7aEq2/o5YaKysf0HOrNFz
ay4XG/lICRq1rrODCHLAZMCMS8WbSH14Ac6EGr51/iv725Ynpqla/fevNNgsQW6H
bGSa3FtvJNjeFQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:55:38 2025 by rpki-client