Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft
File: khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft (raw, json)
Hash identifier: V0FMUP9FhEr+fKueAuYuBfDDbSvb8czpRzRS2Pxl7ds=
Subject key identifier: CE:14:57:0C:DD:B0:5C:B5:FB:F0:44:02:A4:F7:51:3E:37:CC:16:23
Authority key identifier: 92:1C:4F:DA:36:7C:53:83:B1:5C:2A:71:43:AD:4B:10:C9:55:CE:A0
Certificate issuer: /CN=921c4fda367c5383b15c2a7143ad4b10c955cea0
Certificate serial: 019D38D3CD6E46338D93043340499FE6A700
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft
Manifest number: 15A2
Signing time: Sun 29 Mar 2026 09:01:37 +0000
Manifest this update: Sun 29 Mar 2026 09:01:37 +0000
Manifest next update: Mon 30 Mar 2026 09:01:37 +0000
Files and hashes: 1: khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl (hash: 7U0MODswNBB0Gul9AEiDljlzF3Uj64/rPpWckyeX7I4=)
2: wzQ_1HuFlBCWtBgTiIg-4_ON4Ec.roa (hash: Po5isFSJ0zw1oEwxSbVlxEIJ6Q1+V1FNWqf4intCsK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft
rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:cd:6e:46:33:8d:93:04:33:40:49:9f:e6:a7:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921c4fda367c5383b15c2a7143ad4b10c955cea0
Validity
Not Before: Mar 29 09:01:37 2026 GMT
Not After : Mar 30 09:01:37 2026 GMT
Subject: CN=ce14570cddb05cb5fbf04402a4f7513e37cc1623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8c:22:ce:1a:47:27:9d:5e:d1:0e:7c:50:8e:
bb:8d:38:de:18:32:d4:78:81:59:d8:d6:7a:b0:92:
8e:37:a1:c9:54:3b:49:f6:07:a9:97:07:34:1b:d6:
17:91:ce:7b:44:90:92:ff:5d:72:cf:2e:81:00:d7:
e6:59:3c:cc:cc:82:ba:24:79:c6:15:c4:b1:02:c8:
39:22:49:8f:5d:88:b0:1f:b5:6a:b9:11:e6:c9:21:
89:6a:f9:b2:19:c7:9d:7f:e5:de:21:00:fe:6f:9a:
ea:c9:95:45:51:f3:5e:b4:fb:60:14:9f:59:f8:02:
56:29:9b:71:d2:cc:3a:89:24:88:dd:fb:6c:d5:2f:
81:2a:44:6e:9c:9b:37:51:a1:8e:2b:cc:8b:50:5b:
98:cf:20:f4:56:b1:60:b0:ed:74:09:94:95:87:ba:
1e:74:62:aa:9f:c3:38:05:83:e2:9f:f3:cb:e2:72:
8d:18:62:f6:2b:73:3d:ec:26:15:b0:0a:7b:6e:39:
9d:07:5a:f0:59:96:fe:80:90:45:38:ca:af:e6:ea:
79:fa:03:d3:4d:8a:57:ff:3b:a7:a4:0c:8e:4d:70:
a9:a7:b7:de:bd:d6:cf:67:39:06:79:61:56:c7:56:
a9:7a:fd:e5:22:86:79:5e:d8:27:28:30:c8:14:7e:
f1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:14:57:0C:DD:B0:5C:B5:FB:F0:44:02:A4:F7:51:3E:37:CC:16:23
X509v3 Authority Key Identifier:
keyid:92:1C:4F:DA:36:7C:53:83:B1:5C:2A:71:43:AD:4B:10:C9:55:CE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:c9:8f:67:c2:73:e9:a7:9b:07:ed:85:b0:ba:b8:55:a0:88:
3c:a3:7d:6e:42:4e:c4:43:20:c2:d9:23:e8:a1:fd:37:76:d1:
ec:3f:7a:b9:cf:21:d0:92:90:31:42:74:4f:ff:b4:11:ee:f7:
9b:76:fe:81:10:8c:48:89:96:ed:f7:aa:11:2c:9b:13:75:83:
1e:54:60:b2:0c:59:79:3e:db:4f:b6:f7:3a:ce:bf:b6:78:fe:
fc:3a:1f:af:72:b6:58:a4:bd:00:e9:12:3d:12:f0:ef:04:22:
bf:3b:30:bf:c0:a0:73:6c:85:a5:60:4a:e8:80:29:a6:c5:90:
ed:2d:67:9d:a3:ce:33:e9:f7:9f:2a:9f:90:a5:89:e3:69:8f:
f4:07:db:74:f3:c2:ab:1c:17:f1:1a:44:df:0d:5a:d7:06:91:
bc:11:28:59:a4:db:26:f4:28:41:4b:60:c4:af:d8:a3:03:45:
3b:10:85:6a:47:9b:f7:a2:3f:20:b0:a4:4c:57:47:0b:8a:50:
f8:ad:95:1c:ef:8b:a0:42:ef:47:2f:5b:e1:15:d1:05:23:68:
5f:2f:df:22:cb:92:fd:d1:e8:0b:e2:46:b5:6e:b9:22:54:e4:
9c:df:79:81:ad:1b:c4:48:a4:15:4f:17:a3:06:82:5e:99:77:
f8:73:ae:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04081uRjONkwQzQEmf5qcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWM0ZmRhMzY3YzUzODNiMTVjMmE3MTQzYWQ0YjEwYzk1
NWNlYTAwHhcNMjYwMzI5MDkwMTM3WhcNMjYwMzMwMDkwMTM3WjAzMTEwLwYDVQQD
EyhjZTE0NTcwY2RkYjA1Y2I1ZmJmMDQ0MDJhNGY3NTEzZTM3Y2MxNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYwizhpHJ51e0Q58UI67jTjeGDLU
eIFZ2NZ6sJKON6HJVDtJ9geplwc0G9YXkc57RJCS/11yzy6BANfmWTzMzIK6JHnG
FcSxAsg5IkmPXYiwH7VquRHmySGJavmyGcedf+XeIQD+b5rqyZVFUfNetPtgFJ9Z
+AJWKZtx0sw6iSSI3fts1S+BKkRunJs3UaGOK8yLUFuYzyD0VrFgsO10CZSVh7oe
dGKqn8M4BYPin/PL4nKNGGL2K3M97CYVsAp7bjmdB1rwWZb+gJBFOMqv5up5+gPT
TYpX/zunpAyOTXCpp7fevdbPZzkGeWFWx1apev3lIoZ5XtgnKDDIFH7xPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4UVwzdsFy1+/BEAqT3UT43zBYjMB8GA1UdIwQY
MBaAFJIcT9o2fFODsVwqcUOtSxDJVc6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zZDZiMWEtNmQ2MS00NGI4LThjYmIt
MjM2MDhmNmFlMmVhLzEva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zZDZiMWEtNmQ2MS00NGI4LThjYmItMjM2MDhmNmFlMmVh
LzEva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8mPZ8Jz
6aebB+2FsLq4VaCIPKN9bkJOxEMgwtkj6KH9N3bR7D96uc8h0JKQMUJ0T/+0Ee73
m3b+gRCMSImW7feqESybE3WDHlRgsgxZeT7bT7b3Os6/tnj+/Dofr3K2WKS9AOkS
PRLw7wQivzswv8Cgc2yFpWBK6IAppsWQ7S1nnaPOM+n3nyqfkKWJ42mP9AfbdPPC
qxwX8RpE3w1a1waRvBEoWaTbJvQoQUtgxK/YowNFOxCFakeb96I/ILCkTFdHC4pQ
+K2VHO+LoELvRy9b4RXRBSNoXy/fIsuS/dHoC+JGtW65IlTknN95ga0bxEikFU8X
owaCXpl3+HOuvg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:27:31 2026 by rpki-client