Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: GjtTLmMTqXgljGN2jjPJ/W3g9miNCyPggs0J+TTddgA=
Subject key identifier: F9:04:B0:96:A2:02:10:77:38:30:5B:B1:80:73:DE:91:47:7E:00:13
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D845C3F7B2D8FB05F385EA0B6DB97C91C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18B9
Signing time: Mon 13 Apr 2026 01:02:11 +0000
Manifest this update: Mon 13 Apr 2026 01:02:11 +0000
Manifest next update: Tue 14 Apr 2026 01:02:11 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: uX7Cm2zh0VuxhvqHxe4QFb66bNJUpj5rdUYCeUMTkP4=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 Apr 2026 21:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:84:5c:3f:7b:2d:8f:b0:5f:38:5e:a0:b6:db:97:c9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 13 01:02:11 2026 GMT
Not After : Apr 14 01:02:11 2026 GMT
Subject: CN=f904b096a202107738305bb18073de91477e0013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:73:0b:1b:d8:0d:81:cf:51:1e:a5:5e:db:b6:
64:d6:41:d5:44:f3:00:f6:1c:5b:a8:cf:bc:c6:57:
a3:32:67:f7:aa:19:11:ab:1a:04:f3:55:82:24:50:
a1:11:68:d8:d3:af:bd:18:3f:ec:f0:75:d2:45:b1:
21:60:bf:88:14:bf:3f:28:e8:35:ea:ed:80:92:4f:
0c:40:2d:2e:83:f7:6d:52:eb:07:b9:bb:22:75:71:
ef:87:f6:f4:22:6d:f0:de:bf:46:01:6a:9e:49:92:
a2:cf:a7:4b:22:e4:fa:e7:43:53:c1:7e:2b:bd:25:
df:e2:3f:4d:4b:6e:42:e5:4e:be:07:5f:18:a7:50:
2f:b6:d5:8d:5e:24:21:1c:ff:6c:11:c8:73:1e:61:
fd:4c:35:12:79:06:a1:39:05:bd:b7:1a:fa:db:04:
1f:52:bd:c0:d5:d5:00:5e:69:f2:65:88:31:d6:32:
74:ff:da:14:2e:a3:1d:68:08:4a:13:38:c5:e8:9c:
54:e9:75:d3:44:6f:97:9e:49:3b:02:e6:fc:d4:2b:
0e:67:74:49:a1:10:f6:30:df:59:eb:a4:20:91:8e:
cf:fb:70:e7:16:47:58:23:d9:61:fd:88:c8:ac:75:
12:43:af:bf:80:dc:b5:81:6e:42:63:b7:90:01:5d:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:04:B0:96:A2:02:10:77:38:30:5B:B1:80:73:DE:91:47:7E:00:13
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:a7:b3:3d:db:17:66:09:44:24:ce:31:a7:09:e9:2f:93:ed:
4f:18:57:5c:42:3b:84:4f:b5:fe:33:df:54:97:60:63:0c:b3:
50:ad:7c:41:ee:9c:58:8e:2c:ef:a1:59:4a:cd:5d:b0:d5:fb:
c8:1c:a2:db:5d:86:e2:a3:ae:78:15:32:06:a7:31:96:70:c9:
fd:01:96:93:b7:c3:2d:1b:fe:d3:e0:cb:07:04:91:6a:e8:7f:
93:98:65:4a:59:b5:37:87:5f:56:91:ed:fb:7f:32:f2:52:40:
08:50:f4:1c:53:b5:ae:ce:89:9f:db:d4:a8:3a:75:06:2b:e9:
b4:03:fb:7d:6b:38:e2:5c:20:15:15:0f:b5:1e:8b:c5:e0:74:
14:83:29:4a:42:ec:ef:5f:c1:d4:80:af:1a:62:f4:c2:e7:9d:
60:26:15:3c:08:1a:e2:bc:1b:36:aa:21:58:f1:fe:85:da:c6:
63:ea:25:01:37:d8:f7:21:8b:27:3b:df:b5:ae:99:d6:f6:75:
b8:1a:86:1d:3a:c9:a4:3d:64:ad:89:e3:c9:0b:30:e7:40:6e:
a6:85:4d:1e:25:9f:75:02:82:f8:77:fc:b4:e8:fb:ff:45:05:
ef:ad:2b:cf:4b:c1:f5:52:4a:ef:74:6d:99:a8:65:80:dd:97:
6c:ff:73:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2EXD97LY+wXzheoLbbl8kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDEzMDEwMjExWhcNMjYwNDE0MDEwMjExWjAzMTEwLwYDVQQD
EyhmOTA0YjA5NmEyMDIxMDc3MzgzMDViYjE4MDczZGU5MTQ3N2UwMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnMLG9gNgc9RHqVe27Zk1kHVRPMA
9hxbqM+8xlejMmf3qhkRqxoE81WCJFChEWjY06+9GD/s8HXSRbEhYL+IFL8/KOg1
6u2Akk8MQC0ug/dtUusHubsidXHvh/b0Im3w3r9GAWqeSZKiz6dLIuT650NTwX4r
vSXf4j9NS25C5U6+B18Yp1AvttWNXiQhHP9sEchzHmH9TDUSeQahOQW9txr62wQf
Ur3A1dUAXmnyZYgx1jJ0/9oULqMdaAhKEzjF6JxU6XXTRG+Xnkk7Aub81CsOZ3RJ
oRD2MN9Z66QgkY7P+3DnFkdYI9lh/YjIrHUSQ6+/gNy1gW5CY7eQAV0O6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkEsJaiAhB3ODBbsYBz3pFHfgATMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZaezPdsX
ZglEJM4xpwnpL5PtTxhXXEI7hE+1/jPfVJdgYwyzUK18Qe6cWI4s76FZSs1dsNX7
yByi212G4qOueBUyBqcxlnDJ/QGWk7fDLRv+0+DLBwSRauh/k5hlSlm1N4dfVpHt
+38y8lJACFD0HFO1rs6Jn9vUqDp1BivptAP7fWs44lwgFRUPtR6LxeB0FIMpSkLs
71/B1ICvGmL0wuedYCYVPAga4rwbNqohWPH+hdrGY+olATfY9yGLJzvfta6Z1vZ1
uBqGHTrJpD1krYnjyQsw50BupoVNHiWfdQKC+Hf8tOj7/0UF760rz0vB9VJK73Rt
mahlgN2XbP9zpA==
-----END CERTIFICATE-----
Generated at Mon Apr 13 04:23:12 2026 by rpki-client