Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: 5CRwwrgxB3aF4BCqQa/ZVOdCdCguEhD9wooflKQHwuk=
Subject key identifier: 13:14:A8:CC:C1:22:07:0A:7B:42:45:1C:47:7F:86:AB:06:03:DB:C5
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D8E035D54299227773E06902FB12AAA78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18BE
Signing time: Tue 14 Apr 2026 22:01:18 +0000
Manifest this update: Tue 14 Apr 2026 22:01:18 +0000
Manifest next update: Wed 15 Apr 2026 22:01:18 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: 38JtsyzWFxMOmxEFMy09MXBcNVgDzMDcZsiJwPalY6I=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 Apr 2026 22:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8e:03:5d:54:29:92:27:77:3e:06:90:2f:b1:2a:aa:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 14 22:01:18 2026 GMT
Not After : Apr 15 22:01:18 2026 GMT
Subject: CN=1314a8ccc122070a7b42451c477f86ab0603dbc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fe:e7:5a:09:c0:1c:a8:87:51:d4:ec:da:7b:
97:74:ea:b8:fb:62:b1:89:37:2d:ae:b3:1a:14:54:
27:9d:5c:be:ea:80:6d:d2:0d:75:af:a3:9a:6f:80:
ae:07:0f:9d:d3:b6:c8:72:90:c6:41:e6:95:71:2f:
5b:3c:fe:a8:c1:27:c4:9c:77:cb:a5:48:e6:86:5e:
40:10:e5:30:dc:29:97:95:29:08:fb:9a:69:5e:1d:
87:fe:39:a5:be:bf:0f:79:75:2f:fd:b2:09:e0:75:
64:a8:1e:8b:d5:52:87:8d:7c:1e:e3:32:ed:f8:55:
00:14:17:fe:b2:28:85:d2:44:01:4e:7f:a7:09:26:
58:31:70:76:76:38:1a:57:7d:28:0a:8e:6b:38:f6:
6d:01:41:b3:6d:28:75:e2:a7:75:63:e4:a6:7e:d3:
00:af:46:ed:0b:a8:71:7d:03:3e:74:fc:5d:b6:8e:
8a:f4:b4:ff:b4:c6:aa:ae:a7:67:58:33:0e:41:5a:
4f:74:e9:29:06:03:e6:81:58:f0:49:94:8f:84:2f:
d8:fa:44:f8:67:bc:73:75:11:4a:f1:df:a8:ca:e7:
e3:9a:7c:d0:89:b1:81:28:38:8a:94:ec:4b:a7:20:
b0:97:c5:70:6d:a1:df:5e:92:34:57:11:3c:5d:67:
a3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:14:A8:CC:C1:22:07:0A:7B:42:45:1C:47:7F:86:AB:06:03:DB:C5
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:35:a1:b5:9f:08:49:3f:3d:22:0f:78:cb:6c:59:61:75:40:
87:77:8a:b8:9f:14:ba:f8:20:ba:6e:50:cd:eb:06:d0:81:2c:
c4:da:c1:fb:b5:ab:6e:d3:27:89:d3:20:9b:9a:a6:ee:f8:ef:
28:62:4f:7a:dc:86:5f:c5:a4:24:9e:62:1a:b1:1e:42:3b:0d:
fa:a8:de:77:fd:9a:fe:a0:49:41:28:d7:be:bd:c0:b7:7e:b5:
94:24:1d:89:52:7a:d5:65:58:62:e8:4e:d8:09:bd:d0:f9:67:
21:8b:5c:12:cc:22:6c:f1:49:7f:8f:8c:61:5e:53:2a:05:37:
66:24:23:45:26:37:19:88:cb:44:83:89:fc:5c:f9:34:58:a3:
26:24:0b:70:32:6f:97:d0:28:71:31:93:b3:07:c7:f0:34:41:
5b:cf:8b:b1:2b:c3:c0:a4:0f:6c:94:e7:90:92:19:0b:1a:29:
4e:80:1d:82:99:6e:79:60:f5:15:2e:f8:44:dd:b3:f0:e0:39:
50:fd:c9:77:4d:be:19:74:81:7a:25:a5:b0:64:09:1b:c7:0f:
7c:8e:c8:d0:39:4c:93:a5:b9:c2:80:6a:e3:a6:68:10:17:33:
52:13:aa:ac:f5:9a:f1:1f:86:03:f9:bc:c6:db:85:62:50:9b:
88:73:4c:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2OA11UKZIndz4GkC+xKqp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDE0MjIwMTE4WhcNMjYwNDE1MjIwMTE4WjAzMTEwLwYDVQQD
EygxMzE0YThjY2MxMjIwNzBhN2I0MjQ1MWM0NzdmODZhYjA2MDNkYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1v7nWgnAHKiHUdTs2nuXdOq4+2Kx
iTctrrMaFFQnnVy+6oBt0g11r6Oab4CuBw+d07bIcpDGQeaVcS9bPP6owSfEnHfL
pUjmhl5AEOUw3CmXlSkI+5ppXh2H/jmlvr8PeXUv/bIJ4HVkqB6L1VKHjXwe4zLt
+FUAFBf+siiF0kQBTn+nCSZYMXB2djgaV30oCo5rOPZtAUGzbSh14qd1Y+SmftMA
r0btC6hxfQM+dPxdto6K9LT/tMaqrqdnWDMOQVpPdOkpBgPmgVjwSZSPhC/Y+kT4
Z7xzdRFK8d+oyufjmnzQibGBKDiKlOxLpyCwl8VwbaHfXpI0VxE8XWejgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMUqMzBIgcKe0JFHEd/hqsGA9vFMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjzWhtZ8I
ST89Ig94y2xZYXVAh3eKuJ8Uuvggum5QzesG0IEsxNrB+7WrbtMnidMgm5qm7vjv
KGJPetyGX8WkJJ5iGrEeQjsN+qjed/2a/qBJQSjXvr3At361lCQdiVJ61WVYYuhO
2Am90PlnIYtcEswibPFJf4+MYV5TKgU3ZiQjRSY3GYjLRIOJ/Fz5NFijJiQLcDJv
l9AocTGTswfH8DRBW8+LsSvDwKQPbJTnkJIZCxopToAdgplueWD1FS74RN2z8OA5
UP3Jd02+GXSBeiWlsGQJG8cPfI7I0DlMk6W5woBq46ZoEBczUhOqrPWa8R+GA/m8
xtuFYlCbiHNMDQ==
-----END CERTIFICATE-----
Generated at Wed Apr 15 05:07:37 2026 by rpki-client