Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: F/AxAIK0hf2CUYXVkumS5C5SoCNWdAIpRfjyPzjiHOw=
Subject key identifier: DD:E6:72:D6:21:DC:FF:CD:B8:20:BA:1E:1B:41:77:FA:AB:C2:C6:9E
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019F0DAD3A0BB880FF82CA9B31EAD3B50F45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 1985
Signing time: Sun 28 Jun 2026 10:01:24 +0000
Manifest this update: Sun 28 Jun 2026 10:01:24 +0000
Manifest next update: Mon 29 Jun 2026 10:01:24 +0000
Files and hashes: 1: H-yLjUcnBU32gfTzCq1c3LA4yww.asa (hash: PBQ22jXmW2kScgr9tVTXfL6hDBrDuWL0+iTLcGowRjQ=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: F3g24TibbGWtmnRDECDwDiyctkmhDiMx7s2LpRYO7AA=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Jun 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:0d:ad:3a:0b:b8:80:ff:82:ca:9b:31:ea:d3:b5:0f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Jun 28 10:01:24 2026 GMT
Not After : Jun 29 10:01:24 2026 GMT
Subject: CN=dde672d621dcffcdb820ba1e1b4177faabc2c69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:86:70:74:3e:26:a1:fe:90:25:8a:0e:a8:44:
89:79:e6:22:7a:79:22:b4:71:6e:9a:b8:b6:c5:94:
70:a5:da:8f:46:4e:45:b1:ec:6b:63:2a:8d:93:31:
14:58:fe:2d:07:92:c3:23:9c:b4:dc:98:15:96:7b:
16:5b:e3:79:63:af:db:f7:30:df:6a:99:1c:e6:c3:
d2:e1:55:a4:79:9c:ee:3f:17:d1:cb:79:ed:b0:ea:
70:89:25:13:72:18:42:e1:52:2b:f4:3c:bf:e3:84:
9e:a4:dd:16:7d:53:dc:07:a0:8b:d9:aa:49:bc:98:
60:01:e5:30:15:fd:24:32:23:70:e3:a6:10:d7:b8:
3b:4d:a8:d6:51:64:a7:50:9d:bf:1e:c8:2b:ff:e2:
99:35:b7:48:17:ef:9e:05:bf:7a:75:18:12:e5:cf:
dd:bc:1d:40:5c:23:7d:4c:56:64:d3:33:ea:53:02:
3b:be:c8:5f:88:07:5b:93:2e:3d:1e:f7:38:16:91:
e7:b4:81:1c:0d:4f:fd:ab:03:f3:15:35:70:6c:ac:
77:aa:e7:f6:ba:47:a3:f2:21:51:fc:3d:58:25:00:
71:9c:15:68:44:06:0a:43:31:84:8b:ed:b8:ff:4c:
80:50:4e:2a:af:2c:75:58:36:54:5f:bc:6d:f3:42:
c5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E6:72:D6:21:DC:FF:CD:B8:20:BA:1E:1B:41:77:FA:AB:C2:C6:9E
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:14:c8:19:72:bd:9d:12:3e:a8:e5:03:12:71:2f:14:93:1f:
64:fb:7f:dc:2b:e3:f5:62:92:04:33:27:2b:38:b3:72:89:54:
1f:23:0d:be:17:e8:76:ed:1d:1f:59:99:61:d0:71:47:a5:f4:
8a:70:8c:72:6d:47:1e:6a:92:87:30:59:a9:64:17:c2:f2:09:
1a:82:b8:b8:8d:df:80:c5:36:bf:f8:8b:15:ac:26:6d:2b:99:
9d:ee:5f:10:8d:14:b0:b1:9f:7b:61:21:a7:9f:9e:57:1e:11:
e2:db:54:1f:1c:96:95:4b:d8:d7:7f:80:97:6f:c8:b8:68:09:
21:74:9e:51:55:ba:2f:58:36:6d:00:e6:3f:3f:69:57:d0:52:
06:f5:95:d9:16:7a:96:8e:6c:24:c5:5f:d6:98:39:29:92:76:
b0:22:7e:d2:72:8f:32:39:1f:12:db:4e:b2:36:b6:b8:e5:2b:
13:a5:80:e2:38:42:73:3b:25:15:cf:28:26:25:e5:df:3c:a4:
f0:f2:01:26:3c:37:c2:2d:51:69:1d:22:fc:fb:ed:8c:e4:57:
5e:54:35:74:1e:fd:3f:fb:41:95:59:cb:c1:0e:d0:26:ba:75:
ea:60:a7:13:36:fb:ba:6b:da:96:a5:ea:9a:76:7a:29:02:43:
97:54:30:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8NrToLuID/gsqbMerTtQ9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNjI4MTAwMTI0WhcNMjYwNjI5MTAwMTI0WjAzMTEwLwYDVQQD
EyhkZGU2NzJkNjIxZGNmZmNkYjgyMGJhMWUxYjQxNzdmYWFiYzJjNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYZwdD4mof6QJYoOqESJeeYienki
tHFumri2xZRwpdqPRk5FsexrYyqNkzEUWP4tB5LDI5y03JgVlnsWW+N5Y6/b9zDf
apkc5sPS4VWkeZzuPxfRy3ntsOpwiSUTchhC4VIr9Dy/44SepN0WfVPcB6CL2apJ
vJhgAeUwFf0kMiNw46YQ17g7TajWUWSnUJ2/Hsgr/+KZNbdIF++eBb96dRgS5c/d
vB1AXCN9TFZk0zPqUwI7vshfiAdbky49Hvc4FpHntIEcDU/9qwPzFTVwbKx3quf2
ukej8iFR/D1YJQBxnBVoRAYKQzGEi+24/0yAUE4qryx1WDZUX7xt80LFjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3mctYh3P/NuCC6HhtBd/qrwsaeMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAExTIGXK9
nRI+qOUDEnEvFJMfZPt/3Cvj9WKSBDMnKzizcolUHyMNvhfodu0dH1mZYdBxR6X0
inCMcm1HHmqShzBZqWQXwvIJGoK4uI3fgMU2v/iLFawmbSuZne5fEI0UsLGfe2Eh
p5+eVx4R4ttUHxyWlUvY13+Al2/IuGgJIXSeUVW6L1g2bQDmPz9pV9BSBvWV2RZ6
lo5sJMVf1pg5KZJ2sCJ+0nKPMjkfEttOsja2uOUrE6WA4jhCczslFc8oJiXl3zyk
8PIBJjw3wi1RaR0i/PvtjORXXlQ1dB79P/tBlVnLwQ7QJrp16mCnEzb7umvalqXq
mnZ6KQJDl1QwhA==
-----END CERTIFICATE-----
Generated at Sun Jun 28 18:33:33 2026 by rpki-client