Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: 3Ba4Z50p+FPElLMQJvDVyxmB4OsTLq0xwPvhQTXGy8g=
Subject key identifier: 84:5B:AC:92:47:3A:E8:AE:35:BC:99:A6:5A:A9:91:F0:05:09:86:62
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019E01E2361079991E9BCE2B40FFE038AD02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18FA
Signing time: Thu 07 May 2026 10:01:02 +0000
Manifest this update: Thu 07 May 2026 10:01:02 +0000
Manifest next update: Fri 08 May 2026 10:01:02 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: IeefWzKhTnfNkquYKA26cGaVV0O8kYELhylW0+MFOkw=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 May 2026 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:e2:36:10:79:99:1e:9b:ce:2b:40:ff:e0:38:ad:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: May 7 10:01:02 2026 GMT
Not After : May 8 10:01:02 2026 GMT
Subject: CN=845bac92473ae8ae35bc99a65aa991f005098662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:87:4b:fa:0b:f1:25:52:bd:24:98:4c:85:e9:
ef:aa:b9:9f:cb:30:c4:eb:7a:97:d3:5e:39:84:e9:
68:1c:57:dd:cb:f3:c7:d8:c3:c3:7c:76:2b:46:52:
1e:0a:d4:92:6b:af:f0:cf:52:da:4a:b4:83:82:42:
75:b5:f7:99:3a:ae:f8:04:76:60:9f:48:4e:74:6c:
79:02:8c:c5:34:19:68:db:a7:98:5b:b6:d5:b5:cd:
f4:3b:6a:ef:88:b7:ce:4b:93:d2:b0:e2:de:b0:42:
3a:94:a9:a2:3c:3f:fa:27:ba:08:97:56:56:58:f4:
79:15:26:f7:1b:c0:39:49:4f:06:27:1c:5c:15:20:
4a:ee:21:25:3a:01:b9:52:2e:52:b0:2b:1c:35:3b:
33:54:9c:1c:d0:80:f0:3b:39:7c:5d:60:37:c8:80:
a7:11:46:04:0d:84:e2:49:e3:9f:da:6a:07:04:2b:
ee:71:08:d2:8c:52:43:61:91:52:1b:15:a2:dc:28:
5a:e4:3b:f0:ec:7e:03:15:21:b4:e1:4c:c8:8d:f7:
e2:1b:67:c4:82:ab:a3:97:71:2f:c7:e4:98:55:6b:
92:cf:13:a4:3a:c6:b1:48:6f:18:31:24:d0:e7:2f:
d7:ea:1f:96:09:22:f6:e9:53:22:57:1f:21:17:e8:
b8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:5B:AC:92:47:3A:E8:AE:35:BC:99:A6:5A:A9:91:F0:05:09:86:62
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c6:ea:2e:41:31:02:c9:e5:0d:45:cf:55:f5:96:05:eb:68:6e:
f9:50:d8:ab:2f:d8:7a:02:9c:0e:d7:05:35:f2:43:9e:ca:f7:
fd:c2:09:21:b3:37:5e:44:fb:b4:70:0e:db:96:e4:de:a6:eb:
96:4c:24:25:25:28:f9:01:a5:9d:e8:53:0f:4c:d9:7f:7a:1b:
04:c9:75:e6:06:51:73:0a:42:30:2c:93:ff:4c:85:f5:40:8b:
2b:6d:a3:e1:e2:49:e3:80:17:52:6e:b6:64:f0:1b:96:c5:18:
3c:29:74:0e:42:de:4d:5d:c5:e2:7a:b5:ce:d1:96:7f:d8:31:
59:75:f0:b5:72:70:b6:90:2c:fd:07:67:e8:d3:6e:80:c1:b3:
53:c4:b0:b2:4d:d3:b0:67:ff:9d:17:a7:95:d2:a3:ae:6f:e8:
0e:46:c8:e8:0a:fc:ef:6e:97:77:4d:db:62:af:ec:29:fd:dd:
7c:39:a2:ef:e1:ad:a8:b4:33:11:7d:7a:b8:1b:3d:e8:6a:2e:
cb:bf:70:9d:3f:0a:a5:9e:3b:72:a5:d4:42:dd:61:ec:40:f8:
e0:36:d6:2c:eb:20:73:e5:16:44:ff:8d:36:ec:60:d2:17:57:
35:fc:48:f2:f3:1a:4e:17:3e:71:75:45:c1:53:d8:46:f5:d0:
f5:d3:b4:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4B4jYQeZkem84rQP/gOK0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNTA3MTAwMTAyWhcNMjYwNTA4MTAwMTAyWjAzMTEwLwYDVQQD
Eyg4NDViYWM5MjQ3M2FlOGFlMzViYzk5YTY1YWE5OTFmMDA1MDk4NjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4dL+gvxJVK9JJhMhenvqrmfyzDE
63qX0145hOloHFfdy/PH2MPDfHYrRlIeCtSSa6/wz1LaSrSDgkJ1tfeZOq74BHZg
n0hOdGx5AozFNBlo26eYW7bVtc30O2rviLfOS5PSsOLesEI6lKmiPD/6J7oIl1ZW
WPR5FSb3G8A5SU8GJxxcFSBK7iElOgG5Ui5SsCscNTszVJwc0IDwOzl8XWA3yICn
EUYEDYTiSeOf2moHBCvucQjSjFJDYZFSGxWi3Cha5Dvw7H4DFSG04UzIjffiG2fE
gqujl3Evx+SYVWuSzxOkOsaxSG8YMSTQ5y/X6h+WCSL26VMiVx8hF+i4xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRbrJJHOuiuNbyZplqpkfAFCYZiMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxuouQTEC
yeUNRc9V9ZYF62hu+VDYqy/YegKcDtcFNfJDnsr3/cIJIbM3XkT7tHAO25bk3qbr
lkwkJSUo+QGlnehTD0zZf3obBMl15gZRcwpCMCyT/0yF9UCLK22j4eJJ44AXUm62
ZPAblsUYPCl0DkLeTV3F4nq1ztGWf9gxWXXwtXJwtpAs/Qdn6NNugMGzU8Swsk3T
sGf/nRenldKjrm/oDkbI6Ar8726Xd03bYq/sKf3dfDmi7+GtqLQzEX16uBs96Gou
y79wnT8KpZ47cqXUQt1h7ED44DbWLOsgc+UWRP+NNuxg0hdXNfxI8vMaThc+cXVF
wVPYRvXQ9dO0yg==
-----END CERTIFICATE-----
Generated at Thu May 7 14:26:32 2026 by rpki-client