Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: CtUiUvDMpGB2bq52RYz5kN5BF5B/RBW1NVIFJ8JV4FI=
Subject key identifier: D4:EB:4B:59:BE:D3:BF:60:BC:0C:79:74:11:AE:5D:74:76:3C:6D:1E
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019E73D2AF77DED4263B8C680A0EA8292BC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 1935
Signing time: Fri 29 May 2026 13:00:47 +0000
Manifest this update: Fri 29 May 2026 13:00:47 +0000
Manifest next update: Sat 30 May 2026 13:00:47 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: djpfT/tsANtM7hr/BaUM8yM8sHdGKalbG91mZdgAYdI=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 30 May 2026 13:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:d2:af:77:de:d4:26:3b:8c:68:0a:0e:a8:29:2b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: May 29 13:00:47 2026 GMT
Not After : May 30 13:00:47 2026 GMT
Subject: CN=d4eb4b59bed3bf60bc0c797411ae5d74763c6d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:42:f3:b9:59:87:86:8b:7b:54:fd:dc:4d:4f:
33:01:7f:0c:94:f8:da:7d:6b:e4:73:95:da:78:29:
0b:38:21:ee:79:e8:93:b9:e3:45:8a:23:8a:21:cc:
d5:b4:29:d3:7b:06:2a:1e:70:11:0d:04:23:25:7a:
ca:2e:a6:6d:85:de:6c:dd:1c:6e:1f:ec:45:e4:ed:
e5:6b:72:bb:56:a5:31:f9:b4:54:29:0e:8e:68:6f:
c1:56:41:2b:ff:58:f7:ac:7b:59:41:ef:31:5e:30:
ba:f5:64:b4:af:32:e4:e7:42:7e:70:12:4e:a2:77:
c5:b7:67:6b:9b:91:2b:c4:cf:ae:91:b7:32:e0:65:
3f:30:73:c0:1f:2b:fd:28:92:4a:e4:40:3d:e4:b9:
67:bb:12:59:1c:9c:c9:7f:6a:61:7a:9e:f2:75:b6:
03:f7:24:6a:f2:1c:9e:95:37:1b:55:2a:07:46:5d:
2d:7e:9a:46:d5:26:5d:04:7f:6f:a7:7a:72:67:f7:
86:4c:aa:a0:7c:07:f3:fb:d2:4c:c3:c8:57:97:ac:
51:be:27:6e:c6:c2:2c:00:03:d4:f2:a8:6a:7e:5c:
ad:1c:4b:ac:01:ff:90:58:2b:92:cf:31:ca:d2:da:
25:aa:b3:0b:e3:9f:4a:30:a1:db:24:71:c3:0c:92:
9e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EB:4B:59:BE:D3:BF:60:BC:0C:79:74:11:AE:5D:74:76:3C:6D:1E
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:e2:da:81:17:26:de:92:00:4a:b5:9d:11:47:00:94:c6:62:
e0:2b:0f:83:e9:ae:a9:7d:35:19:5f:45:70:05:c3:93:67:ad:
2c:2b:8e:b7:d9:c3:82:68:c1:4e:71:4d:8d:13:ed:b5:c4:ba:
dc:45:fa:98:f4:a8:cd:e3:79:aa:41:91:38:09:05:61:5c:73:
08:0d:a5:95:98:a9:31:43:44:88:83:9c:f4:b7:af:4f:19:4a:
54:2d:78:40:5f:0d:ed:d1:12:60:ae:3d:6f:6e:20:7b:65:f1:
fa:28:ac:df:18:ce:21:f8:2f:14:47:f1:0a:ef:33:01:cb:83:
52:68:02:b6:04:b4:63:dc:c2:4e:3f:1f:28:40:86:71:45:75:
df:c5:f7:ea:79:2d:b8:b9:be:17:ca:09:1c:8c:2c:1c:7e:e6:
22:09:f4:b8:b2:e5:6b:15:51:e9:f6:a0:d2:5a:f0:fa:6f:f4:
7e:c4:c2:f8:45:3c:8d:07:e0:90:a6:9d:83:93:d5:e4:65:d6:
c8:d1:63:48:0a:31:74:72:cc:6b:d0:b2:97:83:5c:11:7d:0c:
0a:b7:8b:f5:77:69:f9:dd:24:79:3a:7d:37:28:83:2f:1c:87:
0c:7a:ce:25:9a:e5:ad:c9:66:7c:9f:c1:af:69:96:54:27:a7:
81:03:b3:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ5z0q933tQmO4xoCg6oKSvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNTI5MTMwMDQ3WhcNMjYwNTMwMTMwMDQ3WjAzMTEwLwYDVQQD
EyhkNGViNGI1OWJlZDNiZjYwYmMwYzc5NzQxMWFlNWQ3NDc2M2M2ZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0LzuVmHhot7VP3cTU8zAX8MlPja
fWvkc5XaeCkLOCHueeiTueNFiiOKIczVtCnTewYqHnARDQQjJXrKLqZthd5s3Rxu
H+xF5O3la3K7VqUx+bRUKQ6OaG/BVkEr/1j3rHtZQe8xXjC69WS0rzLk50J+cBJO
onfFt2drm5ErxM+ukbcy4GU/MHPAHyv9KJJK5EA95LlnuxJZHJzJf2phep7ydbYD
9yRq8hyelTcbVSoHRl0tfppG1SZdBH9vp3pyZ/eGTKqgfAfz+9JMw8hXl6xRvidu
xsIsAAPU8qhqflytHEusAf+QWCuSzzHK0tolqrML459KMKHbJHHDDJKeiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTrS1m+079gvAx5dBGuXXR2PG0eMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXOLagRcm
3pIASrWdEUcAlMZi4CsPg+muqX01GV9FcAXDk2etLCuOt9nDgmjBTnFNjRPttcS6
3EX6mPSozeN5qkGROAkFYVxzCA2llZipMUNEiIOc9LevTxlKVC14QF8N7dESYK49
b24ge2Xx+iis3xjOIfgvFEfxCu8zAcuDUmgCtgS0Y9zCTj8fKECGcUV138X36nkt
uLm+F8oJHIwsHH7mIgn0uLLlaxVR6fag0lrw+m/0fsTC+EU8jQfgkKadg5PV5GXW
yNFjSAoxdHLMa9Cyl4NcEX0MCreL9Xdp+d0keTp9NyiDLxyHDHrOJZrlrclmfJ/B
r2mWVCengQOzHQ==
-----END CERTIFICATE-----
Generated at Fri May 29 23:16:05 2026 by rpki-client