Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: xh+QacsLf8HouCs6CVr5DTCX4u8YdIwcWFwm5SgzVH0=
Subject key identifier: 52:09:EA:01:3F:88:75:70:8E:98:EC:33:CF:2F:45:4E:04:12:35:25
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D864A29F7F25858BBB012D33DCB1F4263
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18BA
Signing time: Mon 13 Apr 2026 10:01:40 +0000
Manifest this update: Mon 13 Apr 2026 10:01:40 +0000
Manifest next update: Tue 14 Apr 2026 10:01:40 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: cGB65v+Ouv9AfWfScbPQikPTIcgr2U/GUnLSYj72Qf4=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Apr 2026 10:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:4a:29:f7:f2:58:58:bb:b0:12:d3:3d:cb:1f:42:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 13 10:01:40 2026 GMT
Not After : Apr 14 10:01:40 2026 GMT
Subject: CN=5209ea013f8875708e98ec33cf2f454e04123525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:06:fc:94:c8:d4:4c:63:ec:1a:a5:b3:76:e6:
fe:bc:b3:1e:3e:06:76:e7:12:32:36:23:88:8a:0c:
2b:47:0c:e9:7d:b2:60:88:c0:c6:93:51:99:1d:7f:
99:eb:af:22:83:36:65:50:e6:77:8b:1c:31:87:c3:
17:d2:62:7d:d0:7a:48:0e:f0:31:54:14:7c:e9:e9:
31:84:e4:1f:59:74:bb:f0:da:a7:50:16:d3:b3:6c:
ee:c9:9c:be:57:cc:31:89:70:0c:af:cd:ef:6d:26:
a7:bd:26:e5:71:8e:af:05:c8:35:6c:dd:90:fa:66:
d0:44:10:dc:5a:6e:d8:d9:48:f3:8e:e4:79:16:18:
fe:9d:87:fd:25:59:6d:44:f6:9a:fb:d9:0e:2c:66:
e7:12:64:56:d8:4d:49:ba:1d:36:07:8b:3a:0c:71:
8f:04:53:8e:ab:a4:99:41:64:2b:b1:fc:b5:62:a1:
92:73:77:d7:1d:1f:1a:4c:08:9c:2c:1d:53:2f:c9:
dd:3e:8a:08:66:7a:f5:4f:fb:82:ab:ed:3a:b3:e5:
9a:70:c6:c6:da:b1:8c:5a:01:11:95:57:8e:c3:0d:
b8:ed:c4:1f:a7:aa:d2:d6:4f:1e:d0:9e:8f:e2:ac:
8f:18:03:82:51:98:32:ea:2e:97:53:e0:4a:6c:c9:
f4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:09:EA:01:3F:88:75:70:8E:98:EC:33:CF:2F:45:4E:04:12:35:25
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:69:43:6e:2a:ba:bf:e9:a7:ae:e6:c1:cc:1f:13:29:34:72:
63:9e:72:0c:fa:1c:cf:fe:21:da:46:8e:72:4d:c3:28:c2:ac:
c1:88:2d:2b:3c:28:12:61:d3:70:dd:09:73:b5:41:6b:70:4b:
4b:ea:52:ee:b9:af:02:d6:9b:06:0c:1e:dd:6f:1a:c2:5e:27:
45:6d:1a:ce:bd:6c:14:82:95:d2:85:2e:60:0b:ac:a6:7d:f9:
50:54:3c:78:f4:4f:89:36:48:da:16:82:4f:f9:d6:c3:12:3e:
7e:21:6e:fc:62:51:be:bf:a1:5a:bc:71:bf:c0:36:70:a4:56:
fe:c7:8c:04:be:24:fb:94:ed:b6:ce:e6:bb:ee:7c:39:56:b9:
ea:3e:76:b9:9a:c3:3c:85:da:7b:68:ad:18:49:87:05:ef:50:
ae:94:ac:e6:94:ec:4c:48:38:f5:04:ff:cc:be:d9:a1:27:bb:
7d:ae:ee:fd:01:48:78:c8:39:65:e3:4f:f1:45:3f:2d:aa:2d:
3d:cf:9b:6f:45:db:98:65:58:7a:c6:1a:39:fe:b6:94:8e:87:
df:4d:db:ef:98:ab:d7:b7:9d:dd:62:67:02:81:be:60:86:54:
f5:b0:15:35:ba:da:72:b5:d6:7f:33:0e:dd:cf:07:24:a9:25:
57:5d:f9:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2GSin38lhYu7AS0z3LH0JjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDEzMTAwMTQwWhcNMjYwNDE0MTAwMTQwWjAzMTEwLwYDVQQD
Eyg1MjA5ZWEwMTNmODg3NTcwOGU5OGVjMzNjZjJmNDU0ZTA0MTIzNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qb8lMjUTGPsGqWzdub+vLMePgZ2
5xIyNiOIigwrRwzpfbJgiMDGk1GZHX+Z668igzZlUOZ3ixwxh8MX0mJ90HpIDvAx
VBR86ekxhOQfWXS78NqnUBbTs2zuyZy+V8wxiXAMr83vbSanvSblcY6vBcg1bN2Q
+mbQRBDcWm7Y2UjzjuR5Fhj+nYf9JVltRPaa+9kOLGbnEmRW2E1Juh02B4s6DHGP
BFOOq6SZQWQrsfy1YqGSc3fXHR8aTAicLB1TL8ndPooIZnr1T/uCq+06s+WacMbG
2rGMWgERlVeOww247cQfp6rS1k8e0J6P4qyPGAOCUZgy6i6XU+BKbMn0iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIJ6gE/iHVwjpjsM88vRU4EEjUlMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKWlDbiq6
v+mnrubBzB8TKTRyY55yDPocz/4h2kaOck3DKMKswYgtKzwoEmHTcN0Jc7VBa3BL
S+pS7rmvAtabBgwe3W8awl4nRW0azr1sFIKV0oUuYAuspn35UFQ8ePRPiTZI2haC
T/nWwxI+fiFu/GJRvr+hWrxxv8A2cKRW/seMBL4k+5Ttts7mu+58OVa56j52uZrD
PIXae2itGEmHBe9QrpSs5pTsTEg49QT/zL7ZoSe7fa7u/QFIeMg5ZeNP8UU/Laot
Pc+bb0XbmGVYesYaOf62lI6H303b75ir17ed3WJnAoG+YIZU9bAVNbracrXWfzMO
3c8HJKklV1352Q==
-----END CERTIFICATE-----
Generated at Mon Apr 13 16:43:00 2026 by rpki-client