Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
File: kh2gU5IfUoNniBiPgvYt1aqXP-k.mft (raw, json)
Hash identifier: bSEx+IujNZhjYey0GUliHwou56D4VSYpUY9IjhnniZk=
Subject key identifier: E3:ED:3F:C8:67:88:C1:B7:71:58:BE:E1:2B:73:70:D1:79:D3:FD:DA
Authority key identifier: 92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
Certificate issuer: /CN=921da053921f52836788188f82f62dd5aa973fe9
Certificate serial: 019A4F6253C08A097BC4E0CE59BFCCA44001
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
Manifest number: 0FD2
Signing time: Tue 04 Nov 2025 15:00:35 +0000
Manifest this update: Tue 04 Nov 2025 15:00:35 +0000
Manifest next update: Wed 05 Nov 2025 15:00:35 +0000
Files and hashes: 1: kh2gU5IfUoNniBiPgvYt1aqXP-k.crl (hash: NTYExuLsVtTeC0CXr1QuAq4m4EZgiKgMd7FuWR1myA4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:53:c0:8a:09:7b:c4:e0:ce:59:bf:cc:a4:40:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921da053921f52836788188f82f62dd5aa973fe9
Validity
Not Before: Nov 4 15:00:35 2025 GMT
Not After : Nov 5 15:00:35 2025 GMT
Subject: CN=e3ed3fc86788c1b77158bee12b7370d179d3fdda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:51:e9:be:23:ec:17:e8:ee:f8:4a:a3:ff:78:
fd:14:04:b1:91:ab:87:d2:64:bf:f0:e6:70:82:5b:
83:0a:24:74:62:04:be:13:44:6d:94:3c:7d:4a:cc:
01:6e:35:20:78:61:b2:0c:35:61:4e:ea:ad:af:e3:
86:5d:80:c5:69:37:26:38:32:15:4e:23:d0:c5:66:
d4:f4:7c:21:3e:e8:fb:a1:d9:41:8a:ed:09:65:4d:
84:df:3b:b5:b7:73:a4:38:b9:b1:e8:f1:8e:b9:2b:
f9:e3:23:ad:a0:58:5b:f9:58:21:ee:4f:8b:96:eb:
89:47:5e:b2:7d:78:60:4c:3d:ee:a2:9a:f9:08:ee:
84:bb:7d:23:27:66:9f:a3:33:96:d8:53:76:8f:20:
85:ff:d1:d1:3b:7b:70:53:bb:06:08:ef:d6:d7:15:
bf:9f:9b:f6:85:a0:4e:27:c9:1d:b2:d3:30:46:8c:
c3:34:52:e3:c6:0e:6f:9f:77:6a:3b:a1:5c:e6:a6:
b7:09:7c:67:61:a8:e2:3d:d6:72:1d:e9:3a:83:29:
7e:f6:34:e8:1f:55:3a:89:e2:82:ae:c0:07:9e:b2:
c6:19:d3:de:50:f4:0f:b2:51:32:4c:f2:20:a8:5d:
c3:84:95:03:64:2a:7e:3d:b6:24:f3:97:d9:14:79:
31:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:ED:3F:C8:67:88:C1:B7:71:58:BE:E1:2B:73:70:D1:79:D3:FD:DA
X509v3 Authority Key Identifier:
keyid:92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:6b:2f:82:8f:2b:da:36:66:0f:a1:58:d6:c7:a1:f4:03:bf:
66:70:2f:31:15:ff:17:4d:54:d0:ed:fb:e8:d6:8c:8f:90:a7:
f4:c1:20:7c:f6:e8:20:2e:41:36:77:20:03:d7:91:d2:a7:42:
6a:df:18:ee:7d:fd:32:d2:79:e9:60:e9:b4:ae:88:a8:b5:70:
38:81:99:34:6f:f1:14:64:e2:d2:e1:82:78:83:f4:58:1e:85:
34:d4:55:cd:2c:92:21:57:f2:6f:6d:af:bb:c3:86:52:a4:b5:
59:37:5e:9b:e3:6c:25:12:5f:b5:bd:57:b0:50:64:c3:de:5d:
f9:db:48:ba:9c:b3:67:b7:28:c1:2b:7e:6f:83:cc:24:f3:23:
5f:53:7e:67:c0:aa:56:ab:80:e0:b6:f0:25:ba:87:77:d9:bc:
25:e3:b9:64:30:dd:f5:5a:4d:72:3b:67:66:fa:37:10:28:2f:
c5:ba:03:6f:0c:58:27:b7:22:6e:50:d7:cb:78:23:0e:30:f4:
11:21:d6:40:4e:c6:be:4b:3d:74:9e:25:14:8a:19:2f:a2:93:
0e:3e:33:ea:e5:93:94:1b:57:76:c3:a1:c2:72:15:60:c6:ba:
52:eb:75:19:ce:10:6a:cc:63:72:36:28:e6:3c:b9:47:24:79:
25:ff:1b:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYlPAigl7xODOWb/MpEABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWRhMDUzOTIxZjUyODM2Nzg4MTg4ZjgyZjYyZGQ1YWE5
NzNmZTkwHhcNMjUxMTA0MTUwMDM1WhcNMjUxMTA1MTUwMDM1WjAzMTEwLwYDVQQD
EyhlM2VkM2ZjODY3ODhjMWI3NzE1OGJlZTEyYjczNzBkMTc5ZDNmZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVHpviPsF+ju+Eqj/3j9FASxkauH
0mS/8OZwgluDCiR0YgS+E0RtlDx9SswBbjUgeGGyDDVhTuqtr+OGXYDFaTcmODIV
TiPQxWbU9HwhPuj7odlBiu0JZU2E3zu1t3OkOLmx6PGOuSv54yOtoFhb+Vgh7k+L
luuJR16yfXhgTD3uopr5CO6Eu30jJ2afozOW2FN2jyCF/9HRO3twU7sGCO/W1xW/
n5v2haBOJ8kdstMwRozDNFLjxg5vn3dqO6Fc5qa3CXxnYajiPdZyHek6gyl+9jTo
H1U6ieKCrsAHnrLGGdPeUPQPslEyTPIgqF3DhJUDZCp+PbYk85fZFHkxewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOPtP8hniMG3cVi+4StzcNF50/3aMB8GA1UdIwQY
MBaAFJIdoFOSH1KDZ4gYj4L2LdWqlz/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMt
ZWIzNDZkOWNlOWUwLzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMtZWIzNDZkOWNlOWUw
LzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHmsvgo8r
2jZmD6FY1seh9AO/ZnAvMRX/F01U0O376NaMj5Cn9MEgfPboIC5BNncgA9eR0qdC
at8Y7n39MtJ56WDptK6IqLVwOIGZNG/xFGTi0uGCeIP0WB6FNNRVzSySIVfyb22v
u8OGUqS1WTdem+NsJRJftb1XsFBkw95d+dtIupyzZ7cowSt+b4PMJPMjX1N+Z8Cq
VquA4LbwJbqHd9m8JeO5ZDDd9VpNcjtnZvo3ECgvxboDbwxYJ7ciblDXy3gjDjD0
ESHWQE7Gvks9dJ4lFIoZL6KTDj4z6uWTlBtXdsOhwnIVYMa6Uut1Gc4QasxjcjYo
5jy5RyR5Jf8b/A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:20:50 2025 by rpki-client