Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: p96smtJog6SalAiOXnPi/7J+BU6Z0HXLRv9OSHtINCE=
Subject key identifier: C7:78:27:CA:75:53:2D:5F:F4:C1:23:12:51:15:FE:C1:EE:3A:53:AD
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019DC9E1215FE8B03173C9B183D3CEB88C7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18DD
Signing time: Sun 26 Apr 2026 13:01:07 +0000
Manifest this update: Sun 26 Apr 2026 13:01:07 +0000
Manifest next update: Mon 27 Apr 2026 13:01:07 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: nqmdv78VS1TLU2vxVYEZvJzcgSkuV7Vn04IJAXDK7H0=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 12:42:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c9:e1:21:5f:e8:b0:31:73:c9:b1:83:d3:ce:b8:8c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 26 13:01:07 2026 GMT
Not After : Apr 27 13:01:07 2026 GMT
Subject: CN=c77827ca75532d5ff4c123125115fec1ee3a53ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fb:d7:30:62:7b:50:6b:a8:20:e0:c0:77:ad:
2b:4a:61:31:39:c5:56:c5:f3:91:79:78:04:2e:c7:
ac:bf:42:28:01:1a:46:f8:4f:7b:70:00:1b:c8:50:
4d:ec:34:52:c6:7a:97:48:ee:dd:ce:73:fa:7e:5d:
78:58:22:20:50:c3:61:37:f8:e1:d5:b6:61:11:dc:
27:22:5e:f3:90:5a:93:03:b2:32:18:30:a2:04:c7:
20:47:fb:30:34:8f:1b:55:6c:c0:4f:79:ad:43:32:
4b:aa:c2:c1:d2:cd:73:79:29:59:70:ea:dc:3f:1b:
45:4e:b9:21:1e:be:1e:fb:36:71:32:c1:fd:a9:31:
99:4a:06:d6:41:ae:9c:34:bb:d0:54:3c:5e:e1:a0:
ac:8f:41:49:e4:53:19:17:13:ff:46:e4:13:4b:05:
55:c9:c4:5f:94:23:52:50:8c:82:c0:92:f8:f2:14:
42:85:56:78:56:34:b5:a4:fd:92:33:b5:21:4d:8b:
4b:b6:02:f0:42:d7:1a:14:00:66:27:e0:e0:da:88:
35:b9:25:8c:c4:90:e6:27:40:93:3d:c0:4e:9a:55:
d6:ec:c0:b7:3d:c8:43:7e:e5:33:5c:31:f5:a4:a9:
98:9c:df:5d:5e:2a:bf:ae:ba:26:32:eb:e0:86:45:
2b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:78:27:CA:75:53:2D:5F:F4:C1:23:12:51:15:FE:C1:EE:3A:53:AD
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:30:6b:2c:58:0b:4b:68:8d:2f:46:ab:3c:05:28:57:d4:87:
8d:a0:16:7f:85:d0:81:4e:e7:5b:ce:10:12:de:fd:e0:b0:6f:
cc:a8:a1:92:d0:b4:dd:82:13:4f:38:a8:d9:53:d4:4b:66:eb:
dc:03:e9:9a:7f:e5:16:cf:db:87:42:ee:53:88:8a:20:0f:e7:
9f:58:3e:29:f7:ce:33:4c:2c:86:f7:08:93:1e:c4:cb:8b:0a:
d0:7e:45:7d:82:a6:fa:cb:d1:4c:04:2e:f2:64:de:8f:cd:27:
62:7b:71:f9:19:b0:9e:a8:8e:04:34:ab:df:d4:ee:98:38:d0:
d4:6b:6f:2e:b1:c1:dd:22:91:cc:8c:eb:a2:92:e3:b8:e9:72:
5e:e3:23:31:da:5f:1b:bf:5e:51:e7:bc:a5:c5:92:24:3e:20:
38:29:3c:1a:eb:9b:cb:3f:73:ce:7c:01:8c:5e:30:fc:d8:4a:
a1:e8:5e:c1:9b:9d:df:6a:0b:07:9c:ea:86:44:ac:4c:f9:7b:
a5:53:81:3e:61:49:a6:ee:69:6e:76:6c:69:4c:be:a4:cb:9a:
2a:2f:f0:55:91:c3:e9:4a:0e:ca:53:42:66:50:82:52:98:37:
a2:3a:83:41:09:2c:cc:a9:b6:fb:b5:4a:1b:d8:25:88:eb:0e:
26:cf:fb:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3J4SFf6LAxc8mxg9POuIx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDI2MTMwMTA3WhcNMjYwNDI3MTMwMTA3WjAzMTEwLwYDVQQD
EyhjNzc4MjdjYTc1NTMyZDVmZjRjMTIzMTI1MTE1ZmVjMWVlM2E1M2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPvXMGJ7UGuoIODAd60rSmExOcVW
xfOReXgELsesv0IoARpG+E97cAAbyFBN7DRSxnqXSO7dznP6fl14WCIgUMNhN/jh
1bZhEdwnIl7zkFqTA7IyGDCiBMcgR/swNI8bVWzAT3mtQzJLqsLB0s1zeSlZcOrc
PxtFTrkhHr4e+zZxMsH9qTGZSgbWQa6cNLvQVDxe4aCsj0FJ5FMZFxP/RuQTSwVV
ycRflCNSUIyCwJL48hRChVZ4VjS1pP2SM7UhTYtLtgLwQtcaFABmJ+Dg2og1uSWM
xJDmJ0CTPcBOmlXW7MC3PchDfuUzXDH1pKmYnN9dXiq/rromMuvghkUrcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMd4J8p1Uy1f9MEjElEV/sHuOlOtMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQDBrLFgL
S2iNL0arPAUoV9SHjaAWf4XQgU7nW84QEt794LBvzKihktC03YITTzio2VPUS2br
3APpmn/lFs/bh0LuU4iKIA/nn1g+KffOM0wshvcIkx7Ey4sK0H5FfYKm+svRTAQu
8mTej80nYntx+RmwnqiOBDSr39TumDjQ1GtvLrHB3SKRzIzropLjuOlyXuMjMdpf
G79eUee8pcWSJD4gOCk8Guubyz9zznwBjF4w/NhKoehewZud32oLB5zqhkSsTPl7
pVOBPmFJpu5pbnZsaUy+pMuaKi/wVZHD6UoOylNCZlCCUpg3ojqDQQkszKm2+7VK
G9gliOsOJs/7VA==
-----END CERTIFICATE-----
Generated at Sun Apr 26 18:58:36 2026 by rpki-client