Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: oHT6siamnAtioETwKmYwZZ8dkDd+gVZojYqf2N30GVo=
Subject key identifier: BD:55:9D:49:72:88:31:F0:E2:46:4B:2D:E4:28:DD:66:93:77:F2:77
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019DD766194E1C930AB5CD7ED74371780BBC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18E4
Signing time: Wed 29 Apr 2026 04:01:25 +0000
Manifest this update: Wed 29 Apr 2026 04:01:25 +0000
Manifest next update: Thu 30 Apr 2026 04:01:25 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: aahPsSDUJXuTEKt1qWD308I79GaK0YgaO2uSPTr6hmI=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d7:66:19:4e:1c:93:0a:b5:cd:7e:d7:43:71:78:0b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 29 04:01:25 2026 GMT
Not After : Apr 30 04:01:25 2026 GMT
Subject: CN=bd559d49728831f0e2464b2de428dd669377f277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8e:f5:25:e6:ab:8f:47:a5:27:76:14:16:31:
4d:7b:f4:33:bc:c2:ff:88:8e:f4:c7:62:ab:c7:09:
61:33:b6:69:9b:af:fc:d4:d7:4f:ca:f8:b2:35:91:
9f:cb:c4:27:6b:be:83:ff:83:89:d2:5f:65:49:84:
1c:97:c5:1e:db:c9:8c:b3:9b:e8:49:f2:77:98:a8:
ad:8e:ae:1b:05:c7:6f:d0:d0:3d:c5:7c:e1:08:d6:
d5:bc:c0:be:db:01:63:75:fd:68:ac:8a:eb:66:42:
db:c9:83:2b:19:55:2e:e6:d6:2b:2e:de:db:c7:cb:
68:05:d4:69:d3:00:db:27:94:5c:ed:31:04:83:55:
68:4f:1d:aa:62:79:1b:1d:47:62:cc:98:b8:ad:aa:
8f:eb:f4:52:20:ec:29:a6:5a:af:a5:0b:81:68:7d:
3a:9d:58:7d:c3:dc:d8:32:26:e1:ec:7e:86:0d:10:
fa:64:06:94:e2:26:34:6a:f6:33:36:eb:05:52:77:
a7:cc:e5:3a:72:83:6d:66:ce:18:91:73:14:3d:c9:
10:7e:6b:b0:d9:65:de:da:f5:98:7a:82:49:f1:fb:
3e:16:74:4b:b8:a9:30:da:4d:10:29:1c:c3:2c:ef:
4a:26:55:9c:9c:b2:2f:08:9f:b2:2a:1c:43:ab:a6:
ea:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:55:9D:49:72:88:31:F0:E2:46:4B:2D:E4:28:DD:66:93:77:F2:77
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:c0:21:db:88:68:3d:c8:ea:85:d4:ef:b8:c3:20:f3:69:41:
c4:6a:12:fa:2e:e8:c3:84:63:2f:96:56:df:5f:7c:8f:8f:87:
45:01:10:0c:15:02:35:48:a9:ef:dd:ea:66:f2:8a:3c:9f:c6:
b5:80:3c:2f:c8:27:86:66:5a:85:26:ab:e6:48:75:3a:89:f8:
e5:47:ad:4a:fd:a1:de:25:35:ff:8c:7a:63:45:c4:b0:59:38:
7f:61:3c:52:4e:98:62:b0:bd:19:8b:fc:9c:44:b8:cc:52:5d:
f3:ee:60:47:d6:a4:f5:67:69:cf:42:23:87:29:20:95:aa:23:
83:8b:52:d4:7f:22:66:b6:1d:62:5f:5e:b0:14:02:c0:ee:3f:
bc:8d:83:eb:99:f0:bd:43:8b:ca:dd:72:5d:87:c8:e5:48:1c:
6f:cf:3a:98:c0:24:69:5b:35:84:f4:f9:6e:51:24:f7:eb:84:
49:4f:b9:72:e7:4d:a1:b8:98:17:e7:00:43:fe:7e:02:ac:e2:
9c:90:c4:5f:e4:32:21:89:dd:fe:94:a6:b3:71:bc:67:84:13:
7f:19:92:76:e8:14:a6:46:89:fe:72:8f:cf:62:f5:a7:a1:1c:
35:a0:a3:cc:68:62:4c:25:0c:53:9f:0e:b8:ba:3b:31:a7:fc:
10:2e:d4:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3XZhlOHJMKtc1+10NxeAu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDI5MDQwMTI1WhcNMjYwNDMwMDQwMTI1WjAzMTEwLwYDVQQD
EyhiZDU1OWQ0OTcyODgzMWYwZTI0NjRiMmRlNDI4ZGQ2NjkzNzdmMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Y71Jearj0elJ3YUFjFNe/QzvML/
iI70x2KrxwlhM7Zpm6/81NdPyviyNZGfy8Qna76D/4OJ0l9lSYQcl8Ue28mMs5vo
SfJ3mKitjq4bBcdv0NA9xXzhCNbVvMC+2wFjdf1orIrrZkLbyYMrGVUu5tYrLt7b
x8toBdRp0wDbJ5Rc7TEEg1VoTx2qYnkbHUdizJi4raqP6/RSIOwpplqvpQuBaH06
nVh9w9zYMibh7H6GDRD6ZAaU4iY0avYzNusFUnenzOU6coNtZs4YkXMUPckQfmuw
2WXe2vWYeoJJ8fs+FnRLuKkw2k0QKRzDLO9KJlWcnLIvCJ+yKhxDq6bq5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL1VnUlyiDHw4kZLLeQo3WaTd/J3MB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEsAh24ho
PcjqhdTvuMMg82lBxGoS+i7ow4RjL5ZW3198j4+HRQEQDBUCNUip793qZvKKPJ/G
tYA8L8gnhmZahSar5kh1Oon45UetSv2h3iU1/4x6Y0XEsFk4f2E8Uk6YYrC9GYv8
nES4zFJd8+5gR9ak9Wdpz0Ijhykglaojg4tS1H8iZrYdYl9esBQCwO4/vI2D65nw
vUOLyt1yXYfI5Ugcb886mMAkaVs1hPT5blEk9+uESU+5cudNobiYF+cAQ/5+Aqzi
nJDEX+QyIYnd/pSms3G8Z4QTfxmSdugUpkaJ/nKPz2L1p6EcNaCjzGhiTCUMU58O
uLo7Maf8EC7U6Q==
-----END CERTIFICATE-----
Generated at Wed Apr 29 07:28:56 2026 by rpki-client