Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: 7WJzZUjFF3LE4U9bAeEQbtQULZb5MRJvQ+7QXQ/UtdI=
Subject key identifier: 9B:F0:79:46:F4:75:C4:68:5E:FD:50:BE:40:09:14:F4:9B:94:B5:24
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D807F0E2E0FBF68BEBBA1A4014FDFEFF9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18B7
Signing time: Sun 12 Apr 2026 07:01:43 +0000
Manifest this update: Sun 12 Apr 2026 07:01:43 +0000
Manifest next update: Mon 13 Apr 2026 07:01:43 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: fD0wrWE9ajJeL+mdjSGuXiBIaYeFfF3CFa8qyNH0tA0=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 Apr 2026 05:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:80:7f:0e:2e:0f:bf:68:be:bb:a1:a4:01:4f:df:ef:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 12 07:01:43 2026 GMT
Not After : Apr 13 07:01:43 2026 GMT
Subject: CN=9bf07946f475c4685efd50be400914f49b94b524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:15:2e:69:65:b8:87:f4:aa:e4:20:73:34:44:
5d:3b:3d:f1:a9:6a:7c:24:3e:34:fd:7a:6e:f8:f0:
56:fd:02:ba:cf:af:e0:03:68:28:34:12:9e:36:2e:
0c:66:7b:e2:e4:33:c1:15:d4:ef:30:b7:66:81:00:
c3:31:94:a4:e8:42:67:8e:27:b6:d1:32:21:f3:a0:
91:1a:ac:08:4a:51:68:ef:c8:00:24:71:ad:a6:08:
84:b5:9c:e7:d3:b8:47:46:35:9f:8f:7b:de:67:ff:
16:6c:6c:94:e6:de:c7:02:4e:94:e4:e0:2f:e1:d5:
ab:35:f9:cc:9c:b8:5f:46:1e:c1:7c:a4:44:92:81:
74:5e:9d:a0:aa:c0:dc:5c:06:d5:8e:23:05:74:41:
fd:9a:f1:67:80:c8:a3:d9:96:4c:43:b0:33:f9:73:
55:13:07:e7:e3:eb:80:d5:00:76:2d:2e:72:6b:0d:
43:f6:16:0d:e2:22:cd:82:7c:a3:34:9c:b4:82:be:
38:00:9f:a5:54:04:f9:c3:74:a0:1d:6b:f9:2a:6b:
bd:bc:d0:b5:00:ca:22:17:46:1e:fe:16:41:3d:c9:
45:ff:33:9e:a0:9a:ab:4e:a3:2c:fc:8d:85:26:7b:
42:f2:b0:87:a6:c9:43:59:95:9e:7f:01:3b:0b:61:
59:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F0:79:46:F4:75:C4:68:5E:FD:50:BE:40:09:14:F4:9B:94:B5:24
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:f4:40:97:47:38:6b:80:57:64:13:a9:cd:46:8c:88:22:cf:
fc:26:b4:1e:d5:96:55:16:57:11:5d:dc:bf:17:d6:0f:5d:21:
fe:ef:47:98:c0:c2:3c:9a:e1:7b:92:0e:62:db:ed:4d:b7:c0:
04:ae:34:39:03:db:00:da:08:26:42:f2:0a:55:48:91:83:4f:
83:68:3c:81:b7:39:f9:e4:2d:2a:76:54:29:32:8b:a5:5d:30:
58:eb:ce:9b:45:e6:f7:f2:d7:96:79:5b:43:86:1d:eb:68:36:
7f:ac:8c:c4:65:f8:4b:f5:97:6e:cc:3a:89:ea:e6:eb:ae:55:
fe:d3:40:35:c2:01:5c:48:0f:2f:92:ee:2b:f8:85:57:2f:85:
c1:c3:fb:f7:f8:6b:e1:71:be:55:cf:a3:45:c2:23:16:7c:05:
07:ae:65:2e:d1:b9:f1:db:03:f8:ac:74:a4:9e:0c:47:53:df:
e1:8d:90:18:44:0e:24:45:e1:6f:ac:5a:eb:06:31:4d:a6:ce:
fc:90:80:7d:3d:09:5e:d9:1a:f3:8c:25:36:95:0d:c3:18:ba:
96:75:78:bb:9f:e2:4e:34:78:c6:9a:73:6d:dc:0f:db:ef:61:
09:2f:5e:21:5c:9b:c7:57:68:dc:f9:da:aa:82:c5:c6:9b:21:
a0:b1:07:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Afw4uD79ovruhpAFP3+/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDEyMDcwMTQzWhcNMjYwNDEzMDcwMTQzWjAzMTEwLwYDVQQD
Eyg5YmYwNzk0NmY0NzVjNDY4NWVmZDUwYmU0MDA5MTRmNDliOTRiNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhUuaWW4h/Sq5CBzNERdOz3xqWp8
JD40/Xpu+PBW/QK6z6/gA2goNBKeNi4MZnvi5DPBFdTvMLdmgQDDMZSk6EJnjie2
0TIh86CRGqwISlFo78gAJHGtpgiEtZzn07hHRjWfj3veZ/8WbGyU5t7HAk6U5OAv
4dWrNfnMnLhfRh7BfKREkoF0Xp2gqsDcXAbVjiMFdEH9mvFngMij2ZZMQ7Az+XNV
Ewfn4+uA1QB2LS5yaw1D9hYN4iLNgnyjNJy0gr44AJ+lVAT5w3SgHWv5Kmu9vNC1
AMoiF0Ye/hZBPclF/zOeoJqrTqMs/I2FJntC8rCHpslDWZWefwE7C2FZLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJvweUb0dcRoXv1QvkAJFPSblLUkMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKvRAl0c4
a4BXZBOpzUaMiCLP/Ca0HtWWVRZXEV3cvxfWD10h/u9HmMDCPJrhe5IOYtvtTbfA
BK40OQPbANoIJkLyClVIkYNPg2g8gbc5+eQtKnZUKTKLpV0wWOvOm0Xm9/LXlnlb
Q4Yd62g2f6yMxGX4S/WXbsw6ierm665V/tNANcIBXEgPL5LuK/iFVy+FwcP79/hr
4XG+Vc+jRcIjFnwFB65lLtG58dsD+Kx0pJ4MR1Pf4Y2QGEQOJEXhb6xa6wYxTabO
/JCAfT0JXtka84wlNpUNwxi6lnV4u5/iTjR4xppzbdwP2+9hCS9eIVybx1do3Pna
qoLFxpshoLEHRQ==
-----END CERTIFICATE-----
Generated at Sun Apr 12 15:05:18 2026 by rpki-client