Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
File: khjNJev3TLGwBLAe5QVQP_8kbWE.mft (raw, json)
Hash identifier: 73B21t+kY458aiEn08amuEhnjDFUfou4AjgB81Tl9Ks=
Subject key identifier: 38:AD:9A:67:B3:0B:D4:F1:57:3B:66:0D:09:0F:DC:2F:EF:BE:1B:4A
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 01976EF538182EBBEA7E0C533C2FA890A1B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
Manifest number: 03C7
Signing time: Sat 14 Jun 2025 15:00:53 +0000
Manifest this update: Sat 14 Jun 2025 15:00:53 +0000
Manifest next update: Sun 15 Jun 2025 15:00:53 +0000
Files and hashes: 1: TrlRH64mTqxgPbbyg2lJDlsMeB0.roa (hash: Ar7RtZkoApHXI4MhYkDHCkz8Varr+3EYOSwaeqk+kiE=)
2: eWQbNDk7Bizpa1HJwWi556Oud3s.roa (hash: PwNs4nRmZS0NVFzVnjZatxVrXUe/B08COyWu1QU2ZLs=)
3: khjNJev3TLGwBLAe5QVQP_8kbWE.crl (hash: O7tfXSzeukpTaM9RmrwSh8dpUFk/kLJUD/gdRWarmBQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 10:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6e:f5:38:18:2e:bb:ea:7e:0c:53:3c:2f:a8:90:a1:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Jun 14 15:00:53 2025 GMT
Not After : Jun 15 15:00:53 2025 GMT
Subject: CN=38ad9a67b30bd4f1573b660d090fdc2fefbe1b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6a:29:c9:18:20:c5:94:d4:82:5a:b8:06:5f:
d8:df:f4:22:a6:c9:39:37:fb:c5:30:3d:fb:8a:f9:
d1:ff:e0:05:ef:ea:5e:10:e0:e9:34:23:8c:f4:79:
9b:4c:95:d1:71:af:30:9c:cc:dd:28:c9:a9:44:25:
22:5f:6e:67:9b:9d:4b:1b:36:b8:b1:5b:c3:ee:f4:
8e:13:9f:da:95:79:9b:77:10:d0:ea:03:c3:16:71:
5d:31:32:1f:f2:78:43:39:35:e8:43:3e:77:ef:60:
3e:fd:34:a2:d9:4b:f8:c7:fb:42:16:d2:9b:af:bd:
a4:dd:8a:37:b1:88:28:4e:ba:01:ef:87:c8:75:c5:
b5:95:d6:21:3d:44:1b:4a:31:7b:70:c2:a6:c6:f7:
bc:4b:49:a5:e0:0a:91:33:92:c4:a0:56:5c:f9:92:
d7:6a:81:39:5f:5a:62:5b:4c:c7:84:a3:bc:19:c8:
bf:e5:f0:bc:0f:49:5c:bd:78:f4:97:3e:88:f2:92:
91:ef:5b:ee:70:d5:2d:87:bc:98:85:3c:d7:e9:a6:
47:cf:f5:86:8d:fb:76:17:44:e5:d5:1f:0c:e2:f5:
10:41:98:7c:fc:be:f7:a5:72:2a:b2:02:44:8f:cf:
06:9c:36:46:f8:64:74:e1:ef:0b:34:41:92:cf:95:
02:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AD:9A:67:B3:0B:D4:F1:57:3B:66:0D:09:0F:DC:2F:EF:BE:1B:4A
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:ac:51:98:b5:49:ee:93:6e:4c:c8:8a:dd:5a:c9:2a:a4:1d:
fb:e5:54:28:c8:12:7a:3d:23:7a:62:3f:b7:b7:8a:b9:74:2c:
39:5f:1a:2d:23:aa:ac:10:53:2f:fe:88:17:f1:6d:21:a7:49:
eb:d7:ff:1c:a9:be:fd:bb:cc:7f:39:bb:a1:2d:71:4c:6a:b3:
a1:d9:a3:d3:bb:fb:e1:36:49:c0:60:75:44:1e:fe:9b:22:d5:
3a:53:f8:4e:d0:be:f1:10:9f:0e:e1:d1:14:ac:40:14:08:d9:
ec:b1:82:73:8e:89:ee:a1:57:d7:86:61:21:ae:c1:e8:30:20:
81:8e:23:52:aa:38:4c:32:f7:e2:d4:69:62:b2:2a:a4:93:3c:
2d:12:e6:3e:a9:4f:e9:c7:dd:ba:d0:04:1c:67:90:79:50:d8:
54:36:13:2a:a6:d3:f2:78:36:ce:9c:1e:77:b6:c9:11:2a:4e:
f7:60:a8:23:c3:b1:a4:e0:be:f8:8d:8a:f9:f6:ca:f8:58:12:
29:75:d1:2e:8d:c1:ec:90:bc:6b:ea:e0:2c:63:50:e8:34:c0:
7d:23:fc:99:ec:8e:a4:bd:f2:5f:58:0b:3d:84:15:8c:a2:ec:
37:81:93:6f:c0:bc:b3:d7:6c:8e:c0:8e:f7:c2:fa:8f:43:3a:
32:72:07:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdu9TgYLrvqfgxTPC+okKG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjUwNjE0MTUwMDUzWhcNMjUwNjE1MTUwMDUzWjAzMTEwLwYDVQQD
EygzOGFkOWE2N2IzMGJkNGYxNTczYjY2MGQwOTBmZGMyZmVmYmUxYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2opyRggxZTUglq4Bl/Y3/Qipsk5
N/vFMD37ivnR/+AF7+peEODpNCOM9HmbTJXRca8wnMzdKMmpRCUiX25nm51LGza4
sVvD7vSOE5/alXmbdxDQ6gPDFnFdMTIf8nhDOTXoQz5372A+/TSi2Uv4x/tCFtKb
r72k3Yo3sYgoTroB74fIdcW1ldYhPUQbSjF7cMKmxve8S0ml4AqRM5LEoFZc+ZLX
aoE5X1piW0zHhKO8Gci/5fC8D0lcvXj0lz6I8pKR71vucNUth7yYhTzX6aZHz/WG
jft2F0Tl1R8M4vUQQZh8/L73pXIqsgJEj88GnDZG+GR04e8LNEGSz5UCtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDitmmezC9TxVztmDQkP3C/vvhtKMB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOKxRmLVJ
7pNuTMiK3VrJKqQd++VUKMgSej0jemI/t7eKuXQsOV8aLSOqrBBTL/6IF/FtIadJ
69f/HKm+/bvMfzm7oS1xTGqzodmj07v74TZJwGB1RB7+myLVOlP4TtC+8RCfDuHR
FKxAFAjZ7LGCc46J7qFX14ZhIa7B6DAggY4jUqo4TDL34tRpYrIqpJM8LRLmPqlP
6cfdutAEHGeQeVDYVDYTKqbT8ng2zpwed7bJESpO92CoI8OxpOC++I2K+fbK+FgS
KXXRLo3B7JC8a+rgLGNQ6DTAfSP8meyOpL3yX1gLPYQVjKLsN4GTb8C8s9dsjsCO
98L6j0M6MnIHTQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 20:34:06 2025 by rpki-client