Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: b9wFNCEEaDbdZdLARApFebTKxAsT/gXQ3cJvm6F3NWo=
Subject key identifier: 25:29:68:3F:4C:AD:FF:8C:D0:D1:CD:02:00:90:93:16:8C:F2:CD:07
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019CD68C75A044B11AB069C8D9416A1806AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 185E
Signing time: Tue 10 Mar 2026 07:00:55 +0000
Manifest this update: Tue 10 Mar 2026 07:00:55 +0000
Manifest next update: Wed 11 Mar 2026 07:00:55 +0000
Files and hashes: 1: 4pTe3zVq_LBaEng6PDXChOvOrYM.asa (hash: ajIeKP46hnwug0OLXYz0+5iBNt1utjAL/IG5/ovLQUU=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: pCh0OIO0c8eq4SBtGlBaYwVYspnWbH+EFWGJLmkClYw=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 06:19:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d6:8c:75:a0:44:b1:1a:b0:69:c8:d9:41:6a:18:06:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Mar 10 07:00:55 2026 GMT
Not After : Mar 11 07:00:55 2026 GMT
Subject: CN=2529683f4cadff8cd0d1cd02009093168cf2cd07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4d:08:bb:e2:df:3b:cd:d1:b1:9a:42:7b:14:
a3:78:7a:52:3c:6a:58:4f:7e:cd:31:ca:10:66:83:
1b:de:be:0b:3c:bb:b6:0b:a5:b2:24:f3:15:b9:15:
b9:7f:22:ff:41:71:86:0c:65:fe:9d:dd:83:bb:5b:
7f:00:b7:37:e3:d1:77:7d:d3:5e:39:ce:42:73:78:
3c:e4:df:01:e5:4e:4e:ee:7c:5c:92:b7:c9:b4:70:
3b:31:56:31:1f:f8:f4:22:d9:6f:30:88:94:e3:07:
dc:81:60:fe:4a:ce:86:08:b3:bd:3f:77:ce:76:2a:
16:0c:f5:31:23:d9:7b:17:4e:e5:2b:8f:fc:9c:40:
92:01:2c:86:8b:a9:a2:35:a9:5b:fd:d9:46:c5:72:
3d:0d:80:d5:02:5c:17:14:cb:28:3a:5d:e1:68:c4:
0c:63:66:57:ae:1b:24:8e:23:5b:cc:63:c3:a3:88:
53:ce:01:73:98:e9:16:83:fd:ed:98:a0:c2:88:c2:
fa:3a:d4:71:83:9e:d1:9a:0a:29:dc:08:85:e6:18:
76:c5:e2:7c:69:49:09:00:3b:32:4a:83:b5:af:0b:
94:85:d0:ed:af:3f:a5:35:6e:e3:70:41:5e:79:e6:
f9:8f:84:2b:30:cc:4c:3a:d2:4e:0c:44:da:8a:45:
9a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:29:68:3F:4C:AD:FF:8C:D0:D1:CD:02:00:90:93:16:8C:F2:CD:07
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:14:0c:41:cc:25:1f:a5:8f:b5:72:32:6d:26:94:8b:34:b0:
99:c9:6d:bc:f0:d1:24:9e:ac:61:e7:f3:75:6b:02:9f:5d:05:
ef:8a:3f:0f:e1:10:c4:e9:29:2a:43:b6:9e:66:ca:da:62:b5:
43:d1:f1:18:28:52:cf:e7:7f:13:c5:53:46:44:3d:97:05:0c:
8b:db:71:82:48:b5:f4:e0:57:5f:59:52:bc:22:3a:9d:94:4a:
0c:37:1b:ac:61:b7:bb:a8:90:1e:27:f0:dc:1a:26:39:ad:ec:
c0:1b:29:df:52:aa:92:4e:14:d0:85:8d:75:a9:4a:f7:2a:d0:
18:62:84:e0:b9:5e:4c:6d:43:b5:9c:7b:63:e6:16:cc:53:88:
2c:d3:52:bf:54:5d:49:f5:43:2f:ae:ca:03:05:58:09:7f:e1:
f0:fa:f8:c3:55:fa:cb:c7:d1:99:47:30:73:1c:cc:7f:93:c5:
a4:28:26:7b:d7:95:52:1a:2c:c0:12:e5:53:9a:5f:fc:a3:ab:
30:8a:70:fa:59:78:3a:a6:87:7c:7d:2b:0b:83:34:01:67:31:
5a:5c:8a:1a:0b:ba:86:6a:7f:e0:f2:12:85:5f:67:b8:b1:18:
83:5a:97:d4:54:a9:30:8c:d6:85:33:a7:08:3d:52:6e:d4:9a:
32:83:57:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzWjHWgRLEasGnI2UFqGAauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwMzEwMDcwMDU1WhcNMjYwMzExMDcwMDU1WjAzMTEwLwYDVQQD
EygyNTI5NjgzZjRjYWRmZjhjZDBkMWNkMDIwMDkwOTMxNjhjZjJjZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU0Iu+LfO83RsZpCexSjeHpSPGpY
T37NMcoQZoMb3r4LPLu2C6WyJPMVuRW5fyL/QXGGDGX+nd2Du1t/ALc349F3fdNe
Oc5Cc3g85N8B5U5O7nxckrfJtHA7MVYxH/j0ItlvMIiU4wfcgWD+Ss6GCLO9P3fO
dioWDPUxI9l7F07lK4/8nECSASyGi6miNalb/dlGxXI9DYDVAlwXFMsoOl3haMQM
Y2ZXrhskjiNbzGPDo4hTzgFzmOkWg/3tmKDCiML6OtRxg57Rmgop3AiF5hh2xeJ8
aUkJADsySoO1rwuUhdDtrz+lNW7jcEFeeeb5j4QrMMxMOtJODETaikWa9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUpaD9Mrf+M0NHNAgCQkxaM8s0HMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmxQMQcwl
H6WPtXIybSaUizSwmcltvPDRJJ6sYefzdWsCn10F74o/D+EQxOkpKkO2nmbK2mK1
Q9HxGChSz+d/E8VTRkQ9lwUMi9txgki19OBXX1lSvCI6nZRKDDcbrGG3u6iQHifw
3BomOa3swBsp31Kqkk4U0IWNdalK9yrQGGKE4LleTG1DtZx7Y+YWzFOILNNSv1Rd
SfVDL67KAwVYCX/h8Pr4w1X6y8fRmUcwcxzMf5PFpCgme9eVUhoswBLlU5pf/KOr
MIpw+ll4OqaHfH0rC4M0AWcxWlyKGgu6hmp/4PIShV9nuLEYg1qX1FSpMIzWhTOn
CD1SbtSaMoNXtQ==
-----END CERTIFICATE-----
Generated at Tue Mar 10 10:40:29 2026 by rpki-client