Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: ZYXd4heBvnfG2ewcnSGjAR4exrp0nfZxIvgut18znSI=
Subject key identifier: A8:92:88:2D:32:80:01:0F:3B:F5:F8:91:58:51:50:60:D9:FE:5D:FE
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019C8F187DFB649F669B08E10CB97B52E43D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 1839
Signing time: Tue 24 Feb 2026 10:01:12 +0000
Manifest this update: Tue 24 Feb 2026 10:01:12 +0000
Manifest next update: Wed 25 Feb 2026 10:01:12 +0000
Files and hashes: 1: 4pTe3zVq_LBaEng6PDXChOvOrYM.asa (hash: ajIeKP46hnwug0OLXYz0+5iBNt1utjAL/IG5/ovLQUU=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: 5tuYAOaGG3KRZ+kkC3PA9EfL69GnzBN/wzEEQ7eUsPs=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 25 Feb 2026 07:20:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:18:7d:fb:64:9f:66:9b:08:e1:0c:b9:7b:52:e4:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Feb 24 10:01:12 2026 GMT
Not After : Feb 25 10:01:12 2026 GMT
Subject: CN=a892882d3280010f3bf5f89158515060d9fe5dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b4:87:d1:c1:17:cb:78:af:fe:2a:7e:65:3a:
37:61:d9:cb:fe:2e:80:6e:35:34:ec:af:55:2d:98:
d6:bf:06:1f:44:f8:73:5e:16:75:8a:0a:63:94:bd:
f9:2a:6a:b3:14:4e:d7:e6:82:b3:03:1f:b2:f5:ff:
ea:3f:9b:b0:df:f7:aa:dc:1c:49:d0:35:a1:63:15:
34:92:f0:33:90:74:d0:94:6a:aa:f3:59:6b:17:e8:
f7:41:84:34:a1:b7:70:f8:7a:05:b2:c0:e5:6a:df:
73:78:89:e1:04:12:8d:70:62:c1:75:44:f6:58:62:
e9:4e:0c:65:96:dc:52:60:67:12:53:03:73:c7:a8:
df:e4:cf:0f:a1:72:26:ac:3b:72:f4:71:af:39:a2:
4a:48:95:37:bc:1b:f1:10:50:d5:96:a0:cc:c6:c7:
fd:5c:3a:70:fc:3b:cc:ff:75:c1:36:d9:03:bf:ce:
a8:52:3e:d0:c1:e3:2c:7a:93:79:c7:df:4c:7d:fb:
1a:d2:4c:89:ec:c3:eb:c8:59:27:ba:b8:25:fb:0a:
12:58:6a:32:9b:5b:3f:9d:3f:b0:c6:b4:de:ed:7c:
55:2a:6a:35:9b:ac:d3:db:19:84:93:8b:f4:ed:f8:
17:2d:ae:20:f3:48:12:c5:f8:65:b7:3a:99:d9:8d:
92:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:92:88:2D:32:80:01:0F:3B:F5:F8:91:58:51:50:60:D9:FE:5D:FE
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c3:55:e2:14:51:e9:f6:b2:64:1d:da:b0:8e:b5:f8:ba:95:ea:
ec:0d:82:14:65:9f:90:77:32:e9:36:54:5b:b2:b9:73:6c:fe:
c1:49:ac:ca:2f:bb:14:cb:b1:0c:de:74:91:fd:a2:04:a2:b9:
bc:28:b0:ae:4e:b9:76:8d:8d:77:e3:62:f6:dc:ed:8a:af:fc:
0e:10:64:71:a8:47:08:f1:73:51:85:1b:02:2c:89:97:e7:a0:
ef:f2:65:75:27:c1:36:00:d9:8c:d0:23:cc:4a:41:38:ff:14:
68:bc:9e:18:d6:a2:f2:9d:22:6f:c3:86:36:8d:bb:fb:37:18:
11:ba:98:aa:29:51:5b:5d:84:38:e9:0f:50:4e:8f:96:a9:50:
ac:cf:4e:72:8f:3b:bd:54:99:66:95:d8:a5:ba:98:02:1f:ed:
15:32:18:91:cf:92:be:45:05:40:be:78:65:d8:e2:ce:75:08:
98:a7:93:f1:66:8e:f0:64:25:b6:f7:80:a7:bb:de:54:b6:41:
8b:42:e5:dc:f1:40:8c:84:6e:7e:f1:f7:01:49:f7:02:9e:10:
e7:ee:b8:28:72:96:23:3f:7a:75:3f:b5:d4:ed:6b:86:26:dc:
a5:7a:4a:f5:e7:45:50:28:46:3c:a2:21:0e:7f:fd:35:51:3e:
ac:18:f4:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyPGH37ZJ9mmwjhDLl7UuQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwMjI0MTAwMTEyWhcNMjYwMjI1MTAwMTEyWjAzMTEwLwYDVQQD
EyhhODkyODgyZDMyODAwMTBmM2JmNWY4OTE1ODUxNTA2MGQ5ZmU1ZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrSH0cEXy3iv/ip+ZTo3YdnL/i6A
bjU07K9VLZjWvwYfRPhzXhZ1igpjlL35KmqzFE7X5oKzAx+y9f/qP5uw3/eq3BxJ
0DWhYxU0kvAzkHTQlGqq81lrF+j3QYQ0obdw+HoFssDlat9zeInhBBKNcGLBdUT2
WGLpTgxlltxSYGcSUwNzx6jf5M8PoXImrDty9HGvOaJKSJU3vBvxEFDVlqDMxsf9
XDpw/DvM/3XBNtkDv86oUj7QweMsepN5x99Mffsa0kyJ7MPryFknurgl+woSWGoy
m1s/nT+wxrTe7XxVKmo1m6zT2xmEk4v07fgXLa4g80gSxfhltzqZ2Y2SFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKiSiC0ygAEPO/X4kVhRUGDZ/l3+MB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw1XiFFHp
9rJkHdqwjrX4upXq7A2CFGWfkHcy6TZUW7K5c2z+wUmsyi+7FMuxDN50kf2iBKK5
vCiwrk65do2Nd+Ni9tztiq/8DhBkcahHCPFzUYUbAiyJl+eg7/JldSfBNgDZjNAj
zEpBOP8UaLyeGNai8p0ib8OGNo27+zcYEbqYqilRW12EOOkPUE6PlqlQrM9Oco87
vVSZZpXYpbqYAh/tFTIYkc+SvkUFQL54ZdjiznUImKeT8WaO8GQltveAp7veVLZB
i0Ll3PFAjIRufvH3AUn3Ap4Q5+64KHKWIz96dT+11O1rhibcpXpK9edFUChGPKIh
Dn/9NVE+rBj0/Q==
-----END CERTIFICATE-----
Generated at Tue Feb 24 14:07:51 2026 by rpki-client