Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: KjlE1TkfCdU6Es6A3LZ20P6Jqlw0rNPQvZeDjRAOJh0=
Subject key identifier: 86:DD:23:33:28:5D:A7:B1:43:44:E0:EC:53:6E:41:69:4C:8E:3E:CA
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D9998E3E02C167E24743ACB67A7E0E4DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18C4
Signing time: Fri 17 Apr 2026 04:00:27 +0000
Manifest this update: Fri 17 Apr 2026 04:00:27 +0000
Manifest next update: Sat 18 Apr 2026 04:00:27 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: vfdzLYFQxoiVeEjcpUDe0pXAM31Zv/0Dp7HYIJ99Of4=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 04:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:98:e3:e0:2c:16:7e:24:74:3a:cb:67:a7:e0:e4:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 17 04:00:27 2026 GMT
Not After : Apr 18 04:00:27 2026 GMT
Subject: CN=86dd2333285da7b14344e0ec536e41694c8e3eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:82:c7:d8:18:d6:61:61:76:9c:78:fb:ce:79:
67:7b:03:75:a4:5a:40:45:81:f4:2e:d8:c6:f7:58:
3d:55:2e:be:00:68:ec:48:79:81:02:d5:cd:cc:de:
9d:b5:bf:df:e4:40:67:08:a9:5e:16:f0:14:1f:15:
ee:7b:ba:02:e7:d8:12:01:f0:9f:29:5c:b1:01:2c:
a8:f2:2d:7b:4e:c0:ec:ae:f5:2f:d3:49:a6:c6:44:
43:05:da:d8:e0:bd:80:5b:3c:9f:7c:68:4e:fb:69:
46:73:99:57:85:09:31:94:90:9b:66:37:22:42:eb:
2f:4a:2e:bd:bd:04:55:fe:4e:3d:19:fd:9c:5a:75:
62:f9:95:25:a2:57:81:1f:97:a3:ca:98:7a:20:8b:
5b:cf:be:00:43:f1:06:5f:33:f9:b9:0c:e8:7d:9f:
33:9f:d3:dd:8f:88:a8:a7:90:55:83:9c:fe:3b:c2:
0e:34:46:b4:ef:a1:15:4f:4f:ac:61:22:05:78:c5:
3a:f8:b0:4f:ab:a9:d0:81:27:58:a4:ae:34:f9:b4:
37:85:3d:61:cf:88:9e:b5:c9:21:24:12:e5:e0:3b:
0c:62:e1:69:c6:80:65:fb:0e:60:81:fc:c4:ee:4e:
1c:1f:a8:7b:f3:df:0a:1f:93:4e:1f:01:00:d6:75:
12:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:DD:23:33:28:5D:A7:B1:43:44:E0:EC:53:6E:41:69:4C:8E:3E:CA
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:d8:dc:49:8e:94:e4:61:6e:3f:03:9e:11:ee:72:91:0c:ca:
b2:66:b0:4f:49:03:12:50:d6:2a:64:d6:d9:cc:09:0c:6c:cc:
07:09:ac:56:51:07:bc:04:11:e4:dd:c6:00:37:e7:02:ef:b3:
f8:3c:f8:1e:55:c3:f9:f8:41:78:0f:42:c5:4d:a4:30:e0:be:
d9:1c:f7:75:0a:da:52:8e:4c:cf:3e:85:05:71:64:30:8b:a2:
0f:fe:05:3f:b1:24:de:cc:de:aa:22:8c:80:96:25:09:59:f2:
09:88:8a:4b:dd:20:fe:18:f0:7f:69:cf:11:ba:f8:3d:45:7f:
c1:02:3a:55:d9:28:dc:77:bb:6e:66:d2:6f:0a:4b:22:52:fe:
64:97:ba:3e:2f:9b:98:4a:50:8f:3a:66:e6:1a:1f:7a:05:d1:
40:dd:35:c3:6d:08:fe:5d:ec:5f:cc:3f:f7:61:a5:4e:44:f7:
19:44:29:b2:aa:e6:49:9b:45:80:33:fc:dd:61:ef:bc:dc:bd:
a1:71:e5:ee:06:6f:6a:c9:4e:c0:51:75:32:04:fc:c5:f1:62:
d4:a0:6f:34:fe:2f:5d:19:a4:e6:98:39:f5:a1:1e:cf:c9:a3:
6a:70:e4:10:79:b0:d1:98:5a:86:f9:9e:5a:9b:5b:2a:93:ff:
20:f7:3e:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmOPgLBZ+JHQ6y2en4OTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDE3MDQwMDI3WhcNMjYwNDE4MDQwMDI3WjAzMTEwLwYDVQQD
Eyg4NmRkMjMzMzI4NWRhN2IxNDM0NGUwZWM1MzZlNDE2OTRjOGUzZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzILH2BjWYWF2nHj7znlnewN1pFpA
RYH0LtjG91g9VS6+AGjsSHmBAtXNzN6dtb/f5EBnCKleFvAUHxXue7oC59gSAfCf
KVyxASyo8i17TsDsrvUv00mmxkRDBdrY4L2AWzyffGhO+2lGc5lXhQkxlJCbZjci
QusvSi69vQRV/k49Gf2cWnVi+ZUloleBH5ejyph6IItbz74AQ/EGXzP5uQzofZ8z
n9Pdj4iop5BVg5z+O8IONEa076EVT0+sYSIFeMU6+LBPq6nQgSdYpK40+bQ3hT1h
z4ietckhJBLl4DsMYuFpxoBl+w5ggfzE7k4cH6h7898KH5NOHwEA1nUS+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbdIzMoXaexQ0Tg7FNuQWlMjj7KMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASdjcSY6U
5GFuPwOeEe5ykQzKsmawT0kDElDWKmTW2cwJDGzMBwmsVlEHvAQR5N3GADfnAu+z
+Dz4HlXD+fhBeA9CxU2kMOC+2Rz3dQraUo5Mzz6FBXFkMIuiD/4FP7Ek3szeqiKM
gJYlCVnyCYiKS90g/hjwf2nPEbr4PUV/wQI6Vdko3He7bmbSbwpLIlL+ZJe6Pi+b
mEpQjzpm5hofegXRQN01w20I/l3sX8w/92GlTkT3GUQpsqrmSZtFgDP83WHvvNy9
oXHl7gZvaslOwFF1MgT8xfFi1KBvNP4vXRmk5pg59aEez8mjanDkEHmw0Zhahvme
WptbKpP/IPc+yg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:40:35 2026 by rpki-client