Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: 4GFAl7pFHSEVWAg8rlh0fbC8iT1XsdhBygdEMZ93KGI=
Subject key identifier: 43:B3:63:29:6A:E0:23:C1:BA:A2:88:80:CD:28:AA:00:FE:E3:37:AB
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019DDB4333B5446B9832D640D1A23C962C75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18E6
Signing time: Wed 29 Apr 2026 22:01:47 +0000
Manifest this update: Wed 29 Apr 2026 22:01:47 +0000
Manifest next update: Thu 30 Apr 2026 22:01:47 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: tjZXg4gmyYSu1E9Mg0RcQZ2SLEn30VIkTZlch3+fbhA=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Apr 2026 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:db:43:33:b5:44:6b:98:32:d6:40:d1:a2:3c:96:2c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 29 22:01:47 2026 GMT
Not After : Apr 30 22:01:47 2026 GMT
Subject: CN=43b363296ae023c1baa28880cd28aa00fee337ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:32:bb:dd:8e:73:de:ec:07:b2:eb:87:ad:31:
61:22:20:15:56:05:40:23:52:7f:7b:15:41:09:61:
f1:2d:67:79:0b:84:ec:04:d8:a5:2e:61:f2:46:6d:
6c:71:23:7a:96:f0:bc:f4:bc:82:66:97:85:04:3e:
20:c0:5e:9f:03:99:87:89:bd:96:81:f4:85:a8:65:
00:2e:36:3b:ce:8a:69:f2:38:a8:1f:70:04:a2:84:
94:40:fc:02:6e:dd:d2:97:53:ea:4a:5e:f2:08:0c:
1a:81:7a:9b:05:85:59:bf:e7:a9:28:34:ba:6a:0d:
50:56:9c:73:c8:7e:38:a7:0b:90:27:71:99:f8:ca:
24:e6:2c:84:6e:ff:23:69:f1:c1:e1:93:8b:ad:26:
94:bd:74:d9:88:ec:5e:56:f4:c2:f6:f2:e9:ef:51:
50:7d:bb:31:07:eb:60:45:59:22:96:31:12:a0:00:
25:ef:d0:60:f3:08:ac:96:61:c0:ab:0b:29:37:51:
7f:dc:ca:16:76:0a:c7:43:e0:52:4c:53:79:1d:40:
b4:18:4b:a8:ae:71:44:81:dc:22:53:d8:fb:ab:4e:
88:61:7f:fe:05:18:fa:76:be:dc:26:79:a3:de:b0:
79:75:4b:84:9e:11:9c:0d:08:45:72:4c:05:d0:c9:
4d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B3:63:29:6A:E0:23:C1:BA:A2:88:80:CD:28:AA:00:FE:E3:37:AB
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d3:a3:2b:bb:7e:f2:18:75:e1:fa:90:a2:4d:7a:e0:4e:26:14:
ca:59:77:bc:4f:cd:df:ab:87:b6:04:f2:16:43:98:1d:bd:ed:
29:37:b9:7f:16:48:c2:0a:77:46:f1:d2:53:39:30:8d:fd:84:
18:36:f5:ff:58:3c:a5:82:84:51:be:88:e8:b3:07:e5:01:6a:
3b:ca:f0:a1:de:0b:e5:37:f8:fd:44:b3:4c:e6:d7:a7:f5:ca:
7f:d1:7e:8d:97:cd:6a:45:aa:60:26:8f:7b:4e:5e:ab:21:e6:
8e:e3:b9:82:d5:2e:a6:b6:ab:f2:22:7d:3c:b9:c3:f2:af:20:
4f:3b:37:bf:59:af:ec:59:90:e5:52:74:a7:d1:a4:1f:9e:88:
10:f4:09:6c:ae:2b:5d:ad:d1:19:25:aa:08:fc:53:8d:56:f0:
50:e4:09:34:4d:08:52:c8:50:04:93:88:de:e8:61:a6:15:84:
a9:cb:f7:9b:c6:54:ae:33:79:e4:c3:b5:07:e5:6f:b9:52:87:
43:7d:dc:3b:69:d9:3f:15:c3:a0:ff:95:2e:44:f3:47:80:bf:
b7:8e:33:46:22:5c:b3:09:18:37:c7:03:28:36:01:88:b9:dc:
a2:31:ca:6f:ce:5d:14:fa:fd:4b:f9:92:cf:9d:ac:dc:5f:19:
ce:df:74:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3bQzO1RGuYMtZA0aI8lix1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDI5MjIwMTQ3WhcNMjYwNDMwMjIwMTQ3WjAzMTEwLwYDVQQD
Eyg0M2IzNjMyOTZhZTAyM2MxYmFhMjg4ODBjZDI4YWEwMGZlZTMzN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTK73Y5z3uwHsuuHrTFhIiAVVgVA
I1J/exVBCWHxLWd5C4TsBNilLmHyRm1scSN6lvC89LyCZpeFBD4gwF6fA5mHib2W
gfSFqGUALjY7zopp8jioH3AEooSUQPwCbt3Sl1PqSl7yCAwagXqbBYVZv+epKDS6
ag1QVpxzyH44pwuQJ3GZ+Mok5iyEbv8jafHB4ZOLrSaUvXTZiOxeVvTC9vLp71FQ
fbsxB+tgRVkiljESoAAl79Bg8wislmHAqwspN1F/3MoWdgrHQ+BSTFN5HUC0GEuo
rnFEgdwiU9j7q06IYX/+BRj6dr7cJnmj3rB5dUuEnhGcDQhFckwF0MlNnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOzYylq4CPBuqKIgM0oqgD+4zerMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA06Mru37y
GHXh+pCiTXrgTiYUyll3vE/N36uHtgTyFkOYHb3tKTe5fxZIwgp3RvHSUzkwjf2E
GDb1/1g8pYKEUb6I6LMH5QFqO8rwod4L5Tf4/USzTObXp/XKf9F+jZfNakWqYCaP
e05eqyHmjuO5gtUuprar8iJ9PLnD8q8gTzs3v1mv7FmQ5VJ0p9GkH56IEPQJbK4r
Xa3RGSWqCPxTjVbwUOQJNE0IUshQBJOI3uhhphWEqcv3m8ZUrjN55MO1B+VvuVKH
Q33cO2nZPxXDoP+VLkTzR4C/t44zRiJcswkYN8cDKDYBiLncojHKb85dFPr9S/mS
z52s3F8Zzt90mw==
-----END CERTIFICATE-----
Generated at Thu Apr 30 07:55:43 2026 by rpki-client