Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
File: khjNJev3TLGwBLAe5QVQP_8kbWE.mft (raw, json)
Hash identifier: FwM7U/W2rOyvlMKHcFPI4JJa0GzBAIGaaH00iaf+DJ0=
Subject key identifier: 2D:A0:CE:4A:DA:A6:1F:C4:54:24:1F:D0:9F:57:D8:A1:EC:AC:DB:DD
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 01987D8B1C59456FE35E04C94D15E06E8DCA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
Manifest number: 0453
Signing time: Wed 06 Aug 2025 04:02:05 +0000
Manifest this update: Wed 06 Aug 2025 04:02:05 +0000
Manifest next update: Thu 07 Aug 2025 04:02:05 +0000
Files and hashes: 1: TrlRH64mTqxgPbbyg2lJDlsMeB0.roa (hash: Ar7RtZkoApHXI4MhYkDHCkz8Varr+3EYOSwaeqk+kiE=)
2: eWQbNDk7Bizpa1HJwWi556Oud3s.roa (hash: PwNs4nRmZS0NVFzVnjZatxVrXUe/B08COyWu1QU2ZLs=)
3: khjNJev3TLGwBLAe5QVQP_8kbWE.crl (hash: Y8sDgzBCT9BJcn6KbnOcEuDU+D5tWaU/C+UqqJOGeq8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7d:8b:1c:59:45:6f:e3:5e:04:c9:4d:15:e0:6e:8d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Aug 6 04:02:05 2025 GMT
Not After : Aug 7 04:02:05 2025 GMT
Subject: CN=2da0ce4adaa61fc454241fd09f57d8a1ecacdbdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:72:2f:c5:6c:a6:8f:55:1b:8b:9a:15:ce:d7:
cd:73:0b:10:20:ae:67:09:bc:91:2d:2d:60:aa:a3:
5a:ea:c7:66:45:15:18:35:a4:a9:89:74:6f:66:22:
8b:60:a0:58:95:a8:e5:7b:33:e5:23:07:1b:fe:a6:
77:e9:b1:bf:c4:93:11:92:c8:23:0f:bd:ff:e3:10:
a3:ce:8b:08:75:a0:d4:3e:6c:86:c2:f6:eb:37:30:
40:ac:6b:09:45:ad:82:13:0d:66:4f:f3:c7:23:f1:
b7:91:25:c7:5a:09:64:90:74:6b:6d:92:03:94:b6:
c5:41:57:cf:ab:02:1e:16:b7:6a:92:40:ce:59:f9:
59:cc:5b:48:8d:40:91:d5:c6:14:7c:ae:48:9c:5c:
53:94:15:a7:c4:d1:0d:18:b4:1c:80:58:83:00:82:
34:b0:92:27:5a:ed:6a:bd:f6:9a:05:34:f7:8a:25:
9c:86:b3:a8:f6:ad:49:76:9f:12:95:66:f7:75:cf:
a2:43:06:8e:b6:3d:2e:ef:6a:b0:3b:05:20:d1:3d:
d8:46:75:29:d9:33:98:3e:2a:cb:c4:c8:01:e1:03:
83:02:84:99:91:eb:f9:75:6a:03:05:c4:54:13:6a:
c0:fe:cf:d6:08:24:ba:e4:b5:35:8f:cb:d9:0e:fc:
b4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A0:CE:4A:DA:A6:1F:C4:54:24:1F:D0:9F:57:D8:A1:EC:AC:DB:DD
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c8:47:24:42:8a:ce:40:b0:a1:02:84:23:fd:b7:96:da:65:3b:
71:9d:5d:48:6d:6f:84:03:46:34:4d:65:6a:5d:e7:22:bb:3b:
3b:d6:1b:89:ad:7d:7c:cd:be:83:af:54:0e:cd:87:71:c4:77:
a1:28:dc:66:b7:a7:e2:c1:bc:04:2b:45:f9:20:c6:cb:1b:ba:
e3:95:a0:d3:4e:54:47:af:dd:6f:37:b8:d2:62:90:ac:5b:44:
02:81:07:a0:92:35:b1:99:3d:bd:cd:a7:45:04:95:54:1a:f1:
b2:3d:4f:d8:d0:ee:8d:90:21:67:40:69:29:5f:cf:c6:42:97:
83:6e:b7:36:24:f1:42:23:26:cf:c1:d2:b0:66:b4:90:72:62:
eb:df:93:81:6b:d9:a5:e2:a4:06:f5:a4:0b:25:0f:cb:57:f6:
48:0a:cc:d6:13:c9:d1:74:87:7d:a3:30:cf:ac:a1:1a:a1:3c:
18:5a:a5:96:d4:a5:16:36:44:59:0d:7c:c2:1e:bc:54:9b:41:
5b:f4:69:d4:7a:a2:15:d8:66:f9:d8:97:e9:ba:f4:cc:56:2b:
45:a9:c0:97:a5:fb:2f:b0:7d:f5:30:f3:1c:bc:00:c0:ff:2a:
6c:87:05:47:29:ee:e1:ae:cc:43:fb:0c:3a:18:27:00:ad:84:
a7:56:93:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9ixxZRW/jXgTJTRXgbo3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjUwODA2MDQwMjA1WhcNMjUwODA3MDQwMjA1WjAzMTEwLwYDVQQD
EygyZGEwY2U0YWRhYTYxZmM0NTQyNDFmZDA5ZjU3ZDhhMWVjYWNkYmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXIvxWymj1Ubi5oVztfNcwsQIK5n
CbyRLS1gqqNa6sdmRRUYNaSpiXRvZiKLYKBYlajlezPlIwcb/qZ36bG/xJMRksgj
D73/4xCjzosIdaDUPmyGwvbrNzBArGsJRa2CEw1mT/PHI/G3kSXHWglkkHRrbZID
lLbFQVfPqwIeFrdqkkDOWflZzFtIjUCR1cYUfK5InFxTlBWnxNENGLQcgFiDAII0
sJInWu1qvfaaBTT3iiWchrOo9q1Jdp8SlWb3dc+iQwaOtj0u72qwOwUg0T3YRnUp
2TOYPirLxMgB4QODAoSZkev5dWoDBcRUE2rA/s/WCCS65LU1j8vZDvy0eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2gzkraph/EVCQf0J9X2KHsrNvdMB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyEckQorO
QLChAoQj/beW2mU7cZ1dSG1vhANGNE1lal3nIrs7O9Ybia19fM2+g69UDs2HccR3
oSjcZren4sG8BCtF+SDGyxu645Wg005UR6/dbze40mKQrFtEAoEHoJI1sZk9vc2n
RQSVVBrxsj1P2NDujZAhZ0BpKV/PxkKXg263NiTxQiMmz8HSsGa0kHJi69+TgWvZ
peKkBvWkCyUPy1f2SArM1hPJ0XSHfaMwz6yhGqE8GFqlltSlFjZEWQ18wh68VJtB
W/Rp1HqiFdhm+diX6br0zFYrRanAl6X7L7B99TDzHLwAwP8qbIcFRynu4a7MQ/sM
OhgnAK2Ep1aTRw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 09:31:06 2025 by rpki-client