Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: +VWsTHNBr5nRP0bH4UysRkxWYrmU33KfURqywKJKB+w=
Subject key identifier: 88:4E:52:FD:31:4A:7F:E4:ED:B3:91:FF:27:23:47:9A:50:9F:E8:7E
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019DCFAC4C67BC3CD71B92CC3324C49D64BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18E0
Signing time: Mon 27 Apr 2026 16:01:08 +0000
Manifest this update: Mon 27 Apr 2026 16:01:08 +0000
Manifest next update: Tue 28 Apr 2026 16:01:08 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: 7yCusM1iE3GBlZPMUHjyTq9/H4ligID0IY/2NmhlUUc=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:ac:4c:67:bc:3c:d7:1b:92:cc:33:24:c4:9d:64:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 27 16:01:08 2026 GMT
Not After : Apr 28 16:01:08 2026 GMT
Subject: CN=884e52fd314a7fe4edb391ff2723479a509fe87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:33:2f:21:80:d2:1b:dd:c5:6b:27:7e:b3:8c:
b6:b1:02:8d:aa:3e:6a:85:66:e5:50:83:27:3a:7f:
cc:53:70:40:60:27:4b:da:d3:8e:88:3e:22:e8:47:
3f:fc:94:ee:d8:1b:b8:cf:82:f9:7b:da:a6:11:b5:
74:0a:dc:82:94:47:61:36:5b:f7:f0:55:f2:18:36:
f0:38:5c:07:05:f4:70:34:de:30:d5:ba:ca:dd:10:
81:06:76:60:b8:57:0b:27:99:64:7e:c3:a6:72:8d:
84:b9:58:85:ab:03:f1:20:41:8e:aa:22:54:29:ed:
22:1d:50:ae:e5:84:49:01:87:18:75:3b:6e:6d:10:
42:36:23:e9:a8:ca:13:68:b6:c3:e2:59:66:d0:8f:
36:54:64:b8:20:34:c0:84:a8:1f:66:a6:56:6c:47:
04:90:ef:e9:d9:4b:ba:4b:dc:3d:74:0c:6c:0d:d8:
0d:95:82:27:46:91:9d:a3:38:a5:6f:85:63:cf:08:
a5:bd:28:eb:44:af:5f:78:66:89:af:fb:8f:80:ea:
b3:69:93:3e:2b:a5:16:91:10:53:66:84:ff:fc:ae:
10:0f:dc:7c:ae:1c:ac:22:b3:a6:92:d5:93:42:f3:
c6:27:a0:f3:9b:42:9d:b4:59:c0:db:ce:79:33:4a:
e2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4E:52:FD:31:4A:7F:E4:ED:B3:91:FF:27:23:47:9A:50:9F:E8:7E
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:2d:78:f4:5c:60:6b:fe:ea:bf:a6:92:b2:cc:e9:5e:45:10:
7f:12:a8:d8:1c:5d:2d:d1:ed:12:7d:ad:91:6d:25:a1:12:6a:
35:64:6b:c5:4a:9d:e9:19:bd:f2:39:cb:23:41:bc:d8:93:15:
9b:f4:4f:f7:39:f0:c6:ef:7c:1c:0f:2d:d0:f8:23:3b:db:19:
0c:d8:84:8f:cd:b5:23:b7:05:9e:ae:84:e6:64:0d:7b:8f:d7:
be:84:73:c0:f5:08:a6:d8:89:53:2c:e8:bc:b0:11:91:1d:ad:
7c:8a:0f:38:a1:59:f3:12:fb:27:aa:58:df:1a:e9:aa:d6:f9:
a6:e1:40:34:8e:bb:63:2a:39:57:08:15:44:40:d0:18:8b:eb:
17:2d:eb:7b:36:e3:2d:64:fd:dd:95:f3:03:79:70:c6:41:b8:
b7:a3:2f:18:86:db:6c:b7:4d:32:1f:de:29:63:23:b4:7b:21:
06:84:01:c1:7f:bf:75:29:d4:77:f1:8e:58:e9:d1:7e:96:75:
40:82:23:6f:43:86:3e:55:14:00:dc:47:f9:bd:29:9c:00:a2:
bf:56:5d:be:d2:04:9d:ae:ff:75:aa:ae:e9:3c:09:71:78:0d:
af:3d:82:d1:55:b2:6d:b7:39:d4:ab:1f:0d:2a:46:66:cb:83:
66:ab:db:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PrExnvDzXG5LMMyTEnWS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDI3MTYwMTA4WhcNMjYwNDI4MTYwMTA4WjAzMTEwLwYDVQQD
Eyg4ODRlNTJmZDMxNGE3ZmU0ZWRiMzkxZmYyNzIzNDc5YTUwOWZlODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzMvIYDSG93Fayd+s4y2sQKNqj5q
hWblUIMnOn/MU3BAYCdL2tOOiD4i6Ec//JTu2Bu4z4L5e9qmEbV0CtyClEdhNlv3
8FXyGDbwOFwHBfRwNN4w1brK3RCBBnZguFcLJ5lkfsOmco2EuViFqwPxIEGOqiJU
Ke0iHVCu5YRJAYcYdTtubRBCNiPpqMoTaLbD4llm0I82VGS4IDTAhKgfZqZWbEcE
kO/p2Uu6S9w9dAxsDdgNlYInRpGdozilb4VjzwilvSjrRK9feGaJr/uPgOqzaZM+
K6UWkRBTZoT//K4QD9x8rhysIrOmktWTQvPGJ6Dzm0KdtFnA2855M0risQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhOUv0xSn/k7bOR/ycjR5pQn+h+MB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaC149Fxg
a/7qv6aSsszpXkUQfxKo2BxdLdHtEn2tkW0loRJqNWRrxUqd6Rm98jnLI0G82JMV
m/RP9znwxu98HA8t0PgjO9sZDNiEj821I7cFnq6E5mQNe4/XvoRzwPUIptiJUyzo
vLARkR2tfIoPOKFZ8xL7J6pY3xrpqtb5puFANI67Yyo5VwgVREDQGIvrFy3rezbj
LWT93ZXzA3lwxkG4t6MvGIbbbLdNMh/eKWMjtHshBoQBwX+/dSnUd/GOWOnRfpZ1
QIIjb0OGPlUUANxH+b0pnACiv1ZdvtIEna7/daqu6TwJcXgNrz2C0VWybbc51Ksf
DSpGZsuDZqvb6A==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:06:02 2026 by rpki-client