Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: 2/Dza4K6HiluySgVR5xGyFA46KbYZ3VKQ/2ZzATRJXQ=
Subject key identifier: FA:5C:61:5B:41:32:06:73:46:DA:C5:56:26:CD:80:F0:EC:CD:5B:2B
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019DC415D674B6DEDA85BB003999AB20E84C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18DA
Signing time: Sat 25 Apr 2026 10:00:58 +0000
Manifest this update: Sat 25 Apr 2026 10:00:58 +0000
Manifest next update: Sun 26 Apr 2026 10:00:58 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: OrWeJxWlGH/QZsOZWOi8O++6TvCgjeyP4+ycP7Gco90=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Apr 2026 10:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c4:15:d6:74:b6:de:da:85:bb:00:39:99:ab:20:e8:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 25 10:00:58 2026 GMT
Not After : Apr 26 10:00:58 2026 GMT
Subject: CN=fa5c615b4132067346dac55626cd80f0eccd5b2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:03:39:21:8a:b0:13:59:b2:17:ef:2b:a2:4c:
eb:ac:49:a3:14:9b:5b:5c:82:c2:4d:b3:20:40:fd:
28:10:d3:1e:bd:f2:57:74:25:e7:17:29:3d:37:3a:
69:7e:7a:d7:52:45:ca:7c:da:e1:a7:8e:23:fb:d1:
dd:04:83:83:0e:ab:fe:41:74:73:13:bf:24:be:c8:
78:11:4e:f8:c1:72:51:e3:5c:a3:a2:5b:bc:13:e8:
20:7b:d5:cd:91:1a:8a:9a:67:c4:c1:46:65:23:62:
e0:ec:c5:83:d4:7a:39:7b:aa:0e:13:df:29:58:e6:
0a:b8:a1:58:5e:57:98:a9:cc:cf:97:29:32:b7:57:
31:ae:d8:9c:6a:61:48:60:36:37:bd:fd:80:6c:c7:
c9:d1:b1:39:4f:84:65:29:f6:dc:4e:dd:f4:69:1a:
06:66:ba:17:25:b3:9a:e5:03:fa:07:0b:ba:38:1b:
a6:1f:14:48:aa:bc:a8:3a:cc:5b:33:b1:d0:e2:bb:
cd:ca:64:a0:a8:08:e8:68:d8:83:65:22:ef:7d:50:
30:42:95:e2:bd:78:70:78:3f:fc:7f:8a:c4:60:98:
20:1d:fd:49:ed:0a:07:4c:03:7e:12:dc:7f:39:af:
d9:4b:20:68:d4:04:11:58:32:ba:41:34:79:dd:66:
47:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5C:61:5B:41:32:06:73:46:DA:C5:56:26:CD:80:F0:EC:CD:5B:2B
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:0a:8d:d1:59:b7:8d:04:7e:ff:de:83:28:9e:bb:ec:97:c2:
99:63:25:b6:1d:66:21:e9:2c:4c:7a:a5:0e:a7:89:cb:9a:c3:
7b:6d:d7:a3:70:75:6a:67:11:8e:fa:21:28:3d:cf:e9:d4:e0:
b0:30:58:5b:ef:1b:9e:8c:fb:4d:a9:f9:c4:96:ea:7c:97:b4:
74:07:ca:59:87:68:14:16:0b:de:cd:c4:fa:03:6b:3e:ad:3b:
5e:b3:01:b1:21:a5:6b:21:6d:48:c4:c9:bd:2e:4b:b1:2d:65:
94:c4:54:26:cd:81:c8:2e:b6:1f:37:07:89:b8:b4:e5:3d:82:
30:de:d7:91:b1:a4:dc:f9:a7:25:12:af:06:38:54:d1:de:e7:
40:ff:a0:5a:35:80:99:df:a5:f9:4f:e5:f7:6a:61:d4:fb:27:
22:06:70:81:0f:e1:b0:14:05:ac:24:ed:e3:be:1e:d7:82:f3:
64:31:1b:ec:c6:ae:04:9c:ab:9f:8a:1f:1b:99:65:8a:9c:2a:
8b:ac:c0:22:76:74:53:ad:78:fa:8b:53:46:ff:72:d9:da:22:
2a:30:c1:e6:c2:d5:35:75:a8:78:cf:f4:05:38:3c:33:4b:f7:
7d:f8:c7:70:71:00:de:ce:54:e3:3f:29:24:17:bd:13:7b:d8:
2d:ed:e2:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3EFdZ0tt7ahbsAOZmrIOhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDI1MTAwMDU4WhcNMjYwNDI2MTAwMDU4WjAzMTEwLwYDVQQD
EyhmYTVjNjE1YjQxMzIwNjczNDZkYWM1NTYyNmNkODBmMGVjY2Q1YjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AM5IYqwE1myF+8rokzrrEmjFJtb
XILCTbMgQP0oENMevfJXdCXnFyk9NzppfnrXUkXKfNrhp44j+9HdBIODDqv+QXRz
E78kvsh4EU74wXJR41yjolu8E+gge9XNkRqKmmfEwUZlI2Lg7MWD1Ho5e6oOE98p
WOYKuKFYXleYqczPlykyt1cxrticamFIYDY3vf2AbMfJ0bE5T4RlKfbcTt30aRoG
ZroXJbOa5QP6Bwu6OBumHxRIqryoOsxbM7HQ4rvNymSgqAjoaNiDZSLvfVAwQpXi
vXhweD/8f4rEYJggHf1J7QoHTAN+Etx/Oa/ZSyBo1AQRWDK6QTR53WZHLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPpcYVtBMgZzRtrFVibNgPDszVsrMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUgqN0Vm3
jQR+/96DKJ677JfCmWMlth1mIeksTHqlDqeJy5rDe23Xo3B1amcRjvohKD3P6dTg
sDBYW+8bnoz7Tan5xJbqfJe0dAfKWYdoFBYL3s3E+gNrPq07XrMBsSGlayFtSMTJ
vS5LsS1llMRUJs2ByC62HzcHibi05T2CMN7XkbGk3PmnJRKvBjhU0d7nQP+gWjWA
md+l+U/l92ph1PsnIgZwgQ/hsBQFrCTt474e14LzZDEb7MauBJyrn4ofG5llipwq
i6zAInZ0U614+otTRv9y2doiKjDB5sLVNXWoeM/0BTg8M0v3ffjHcHEA3s5U4z8p
JBe9E3vYLe3iGQ==
-----END CERTIFICATE-----
Generated at Sat Apr 25 18:06:44 2026 by rpki-client