Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: k7GHLqB7mQ4vTJsnrjR4TzGBG470eu7MgmvSoCoa8Mo=
Subject key identifier: 02:BD:09:43:E0:7D:07:E3:31:D3:59:9C:CF:B4:C4:C7:04:62:28:3B
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D5036A34649FC083F13A06831BA6CC076
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 189D
Signing time: Thu 02 Apr 2026 22:00:51 +0000
Manifest this update: Thu 02 Apr 2026 22:00:51 +0000
Manifest next update: Fri 03 Apr 2026 22:00:51 +0000
Files and hashes: 1: 4pTe3zVq_LBaEng6PDXChOvOrYM.asa (hash: ajIeKP46hnwug0OLXYz0+5iBNt1utjAL/IG5/ovLQUU=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: 2r9p5esiSDADC3gSORDzXsVDTDMBBaGEyDWnac4v+LQ=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 Apr 2026 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:50:36:a3:46:49:fc:08:3f:13:a0:68:31:ba:6c:c0:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 2 22:00:51 2026 GMT
Not After : Apr 3 22:00:51 2026 GMT
Subject: CN=02bd0943e07d07e331d3599ccfb4c4c70462283b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:51:3c:22:15:71:36:c1:e8:bc:7e:56:86:54:
29:21:06:cc:64:4a:f0:25:66:1e:ef:74:42:85:48:
1f:43:8e:ac:37:58:a1:d0:d5:65:a5:8d:b4:48:ca:
ea:ad:ce:17:6a:44:b5:cb:7c:b1:24:f4:6a:c6:c4:
cf:65:c1:10:09:fa:65:16:35:a8:d4:2b:71:7c:96:
92:8c:f4:6b:75:2c:55:59:47:eb:c6:83:f5:c9:b8:
36:5d:7c:db:77:af:14:7c:6b:9d:dd:7f:ca:11:c1:
c7:51:7d:ad:ab:a2:26:92:39:1c:64:13:11:3c:49:
16:da:93:17:71:dd:a8:d7:56:92:4b:22:6a:2b:a9:
14:be:80:f1:d2:f7:e5:79:2e:27:93:85:1d:b1:6d:
d6:8d:7f:22:f0:db:3b:c8:95:2e:c5:13:81:80:de:
f6:af:d6:fa:c6:7d:26:2e:3d:1c:c6:8c:93:6c:65:
ba:2d:04:09:09:3e:6c:91:af:9a:1a:00:00:c5:95:
40:f3:db:fd:64:11:74:f4:86:0c:33:cb:d3:66:69:
c1:75:a2:61:72:fa:60:a4:4d:00:15:d1:ad:2a:a5:
83:ce:fa:8f:85:05:1a:99:32:b1:00:b5:b0:0a:67:
9d:a3:28:29:ba:35:55:bd:a5:12:35:bd:af:e8:57:
6a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BD:09:43:E0:7D:07:E3:31:D3:59:9C:CF:B4:C4:C7:04:62:28:3B
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:1f:de:7b:82:59:b4:17:d8:22:12:98:5b:12:72:3c:32:fd:
e5:d4:2f:a1:45:67:52:bc:62:7e:75:b7:0a:86:5c:7b:b8:f8:
cd:c6:b8:d3:17:b5:70:bc:ab:af:f7:77:1a:ca:0d:cb:07:b9:
91:01:d9:d2:44:20:cd:69:00:fc:d1:72:71:01:30:e4:56:9b:
6e:42:68:62:87:0a:b0:93:1a:87:d1:c7:6a:61:12:9c:64:69:
9f:83:f6:8a:34:b5:ad:cb:11:65:50:03:e2:a4:f3:a4:b5:52:
fb:f9:52:2a:a2:17:28:9c:05:ae:65:25:33:7a:62:4b:53:9d:
4b:92:bd:e6:b9:1d:44:ca:bd:ea:1d:f0:5c:70:32:f8:58:37:
bd:49:b3:50:c4:73:c9:da:da:af:29:40:b2:b8:b6:92:80:a7:
29:2e:64:e7:e3:e5:72:c5:ae:0b:cf:16:81:6a:17:a7:40:98:
39:fd:42:a3:de:87:fe:5a:cc:9a:23:5c:8e:90:af:03:31:e9:
b4:c9:01:d8:68:7d:9a:27:74:bf:1a:73:1a:16:e8:04:db:75:
55:45:54:c6:26:c1:cd:ba:d8:3b:06:16:c2:98:69:a3:c5:73:
d3:00:2d:f1:42:fc:62:ac:88:64:9b:8f:50:f7:be:3c:1a:e8:
2c:0f:22:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1QNqNGSfwIPxOgaDG6bMB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDAyMjIwMDUxWhcNMjYwNDAzMjIwMDUxWjAzMTEwLwYDVQQD
EygwMmJkMDk0M2UwN2QwN2UzMzFkMzU5OWNjZmI0YzRjNzA0NjIyODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1E8IhVxNsHovH5WhlQpIQbMZErw
JWYe73RChUgfQ46sN1ih0NVlpY20SMrqrc4XakS1y3yxJPRqxsTPZcEQCfplFjWo
1CtxfJaSjPRrdSxVWUfrxoP1ybg2XXzbd68UfGud3X/KEcHHUX2tq6ImkjkcZBMR
PEkW2pMXcd2o11aSSyJqK6kUvoDx0vfleS4nk4UdsW3WjX8i8Ns7yJUuxROBgN72
r9b6xn0mLj0cxoyTbGW6LQQJCT5ska+aGgAAxZVA89v9ZBF09IYMM8vTZmnBdaJh
cvpgpE0AFdGtKqWDzvqPhQUamTKxALWwCmedoygpujVVvaUSNb2v6FdqRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAK9CUPgfQfjMdNZnM+0xMcEYig7MB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwh/ee4JZ
tBfYIhKYWxJyPDL95dQvoUVnUrxifnW3CoZce7j4zca40xe1cLyrr/d3GsoNywe5
kQHZ0kQgzWkA/NFycQEw5FabbkJoYocKsJMah9HHamESnGRpn4P2ijS1rcsRZVAD
4qTzpLVS+/lSKqIXKJwFrmUlM3piS1OdS5K95rkdRMq96h3wXHAy+Fg3vUmzUMRz
ydrarylAsri2koCnKS5k5+PlcsWuC88WgWoXp0CYOf1Co96H/lrMmiNcjpCvAzHp
tMkB2Gh9mid0vxpzGhboBNt1VUVUxibBzbrYOwYWwphpo8Vz0wAt8UL8YqyIZJuP
UPe+PBroLA8ivw==
-----END CERTIFICATE-----
Generated at Fri Apr 3 03:44:05 2026 by rpki-client