Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: 6o2LynI+tuyAjgGG1LtGVkr8UJvo4IajTRSma8i0XIY=
Subject key identifier: D2:20:AD:65:2E:16:40:05:E4:56:07:B8:FE:40:98:02:BE:69:10:15
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D0C9F5CED2A7A6ABD750C1AC36D2ED602
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 187A
Signing time: Fri 20 Mar 2026 19:01:03 +0000
Manifest this update: Fri 20 Mar 2026 19:01:03 +0000
Manifest next update: Sat 21 Mar 2026 19:01:03 +0000
Files and hashes: 1: 4pTe3zVq_LBaEng6PDXChOvOrYM.asa (hash: ajIeKP46hnwug0OLXYz0+5iBNt1utjAL/IG5/ovLQUU=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: ubEbqP2XeYd9GsJjQlSj3nRjZTjiYGPey5Kr2TX9pPw=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 17:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0c:9f:5c:ed:2a:7a:6a:bd:75:0c:1a:c3:6d:2e:d6:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Mar 20 19:01:03 2026 GMT
Not After : Mar 21 19:01:03 2026 GMT
Subject: CN=d220ad652e164005e45607b8fe409802be691015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0b:67:6b:b7:f0:d2:73:4f:25:d8:f2:01:d6:
13:20:44:9c:87:3d:bf:51:4b:23:be:be:48:7e:75:
ec:a6:fc:4c:98:da:b2:9b:ec:06:d6:e6:68:00:3d:
6b:89:5f:2c:47:8c:35:ac:e0:3c:df:3d:b9:d3:5d:
ac:d9:21:eb:59:ef:70:1c:02:e1:83:ad:3d:37:19:
1d:a1:2a:4a:35:99:ec:d7:ed:7d:f4:32:09:fc:43:
45:b9:d5:79:a8:32:05:cd:80:7c:ad:64:a5:d0:41:
a7:c3:9a:9b:fc:8b:cf:bd:aa:f3:7e:e5:56:27:82:
e6:2f:5d:9b:76:27:bb:86:47:23:9a:93:50:ca:e0:
c0:9b:99:10:95:ec:f5:97:77:e7:2b:4d:a3:29:b2:
1a:82:4f:74:52:e6:49:fd:79:cd:d7:82:ee:c0:b4:
fb:88:c9:2d:a7:ce:eb:0c:82:2f:f1:9e:f6:38:ef:
5b:0a:9a:93:ab:03:39:9e:5b:dd:66:3c:f4:bd:3f:
15:10:54:9a:a1:e1:eb:a8:cf:0e:0c:9c:76:61:fa:
39:4d:bb:65:81:70:73:23:72:32:16:94:bd:55:20:
3b:58:f8:eb:05:c3:68:99:f5:e7:ec:bf:c5:ab:e8:
34:82:96:7c:a7:0d:29:cf:fa:49:48:64:b6:59:65:
4e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:20:AD:65:2E:16:40:05:E4:56:07:B8:FE:40:98:02:BE:69:10:15
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c7:e7:59:d4:20:91:17:f7:e2:0e:30:3e:fb:ba:54:f4:4a:28:
7b:fa:56:ca:37:e0:fe:c1:69:d3:89:8e:77:4c:56:9a:1b:97:
3b:f6:58:dd:71:8c:7d:be:63:aa:8d:21:e0:9a:3e:2d:82:ad:
4b:20:03:bb:21:00:91:a4:2f:9d:4e:78:f6:7e:da:d3:84:a7:
24:02:3f:35:82:ac:22:00:08:3b:e6:fa:eb:35:ad:dd:b1:d1:
e9:b4:b4:2e:ae:b4:18:25:5f:8c:11:98:d2:23:83:5f:5a:62:
e6:e0:87:b3:71:3e:38:47:04:4a:6d:bf:05:de:8a:e2:af:20:
ac:55:ca:48:e9:60:44:03:87:fa:a6:f2:8e:46:89:18:01:05:
23:16:20:9f:89:e5:f5:e2:99:f7:b8:a3:d9:d2:67:0c:0a:68:
1a:66:fb:a5:5c:5f:86:1a:e7:42:74:4b:e7:46:e4:43:9f:af:
a5:1c:16:d7:fb:bf:c5:24:25:3b:b5:93:34:6e:77:6e:d6:cf:
f5:0f:53:a9:dc:6a:d8:ed:8d:97:7d:99:c5:9d:be:eb:a9:84:
51:3d:f7:95:4c:8e:80:7a:64:5b:65:ca:23:59:78:db:b6:d1:
ed:53:27:86:99:43:38:98:39:27:e8:7d:fd:c8:37:36:78:7c:
19:4a:80:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0Mn1ztKnpqvXUMGsNtLtYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwMzIwMTkwMTAzWhcNMjYwMzIxMTkwMTAzWjAzMTEwLwYDVQQD
EyhkMjIwYWQ2NTJlMTY0MDA1ZTQ1NjA3YjhmZTQwOTgwMmJlNjkxMDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gtna7fw0nNPJdjyAdYTIESchz2/
UUsjvr5IfnXspvxMmNqym+wG1uZoAD1riV8sR4w1rOA83z25012s2SHrWe9wHALh
g609NxkdoSpKNZns1+199DIJ/ENFudV5qDIFzYB8rWSl0EGnw5qb/IvPvarzfuVW
J4LmL12bdie7hkcjmpNQyuDAm5kQlez1l3fnK02jKbIagk90UuZJ/XnN14LuwLT7
iMktp87rDIIv8Z72OO9bCpqTqwM5nlvdZjz0vT8VEFSaoeHrqM8ODJx2Yfo5Tbtl
gXBzI3IyFpS9VSA7WPjrBcNomfXn7L/Fq+g0gpZ8pw0pz/pJSGS2WWVONwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIgrWUuFkAF5FYHuP5AmAK+aRAVMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx+dZ1CCR
F/fiDjA++7pU9Eooe/pWyjfg/sFp04mOd0xWmhuXO/ZY3XGMfb5jqo0h4Jo+LYKt
SyADuyEAkaQvnU549n7a04SnJAI/NYKsIgAIO+b66zWt3bHR6bS0Lq60GCVfjBGY
0iODX1pi5uCHs3E+OEcESm2/Bd6K4q8grFXKSOlgRAOH+qbyjkaJGAEFIxYgn4nl
9eKZ97ij2dJnDApoGmb7pVxfhhrnQnRL50bkQ5+vpRwW1/u/xSQlO7WTNG53btbP
9Q9Tqdxq2O2Nl32ZxZ2+66mEUT33lUyOgHpkW2XKI1l427bR7VMnhplDOJg5J+h9
/cg3Nnh8GUqAkA==
-----END CERTIFICATE-----
Generated at Sat Mar 21 00:21:01 2026 by rpki-client