Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: X6tgyMWL7ZHQ6glsZaHRc7XMxkZ/MlA1DWCMQkzNdYc=
Subject key identifier: D4:D2:AB:0F:71:67:AB:FD:21:1D:37:95:81:2D:BC:5A:FA:C0:C4:AB
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D9F647A582D5314481B1FBE12ADEA4CC3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18C7
Signing time: Sat 18 Apr 2026 07:00:55 +0000
Manifest this update: Sat 18 Apr 2026 07:00:55 +0000
Manifest next update: Sun 19 Apr 2026 07:00:55 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: w+zn3E6k2GSkYuMfh26iT9Pz+IpZcOqev0CWqa/Q6HQ=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 07:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9f:64:7a:58:2d:53:14:48:1b:1f:be:12:ad:ea:4c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 18 07:00:55 2026 GMT
Not After : Apr 19 07:00:55 2026 GMT
Subject: CN=d4d2ab0f7167abfd211d3795812dbc5afac0c4ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d9:26:d6:8d:56:42:f4:0d:4c:2c:e0:ae:86:
69:ad:81:81:44:73:13:0e:cd:4a:42:63:f5:25:00:
09:5d:8c:a2:c4:a6:b9:24:b6:af:d6:76:93:df:9b:
08:cf:6e:a4:26:d8:99:5c:d2:03:97:05:84:20:46:
30:ac:ef:dc:63:03:5e:88:f3:dc:46:cd:c8:9f:c3:
94:d0:a9:af:0d:c1:56:fc:db:77:29:ab:d4:df:f7:
13:39:e9:67:94:db:c1:8f:3c:c8:7c:80:b6:0c:c9:
0c:b8:98:ef:7b:85:45:f5:54:23:40:e2:84:94:51:
fb:77:7a:9b:a8:29:39:b8:33:93:72:9b:e8:74:46:
37:22:0d:33:31:83:6d:3d:89:2a:e0:21:17:42:6a:
0b:73:d0:b5:6c:f7:08:33:ec:72:6e:70:62:eb:f4:
ac:ef:ed:a4:c1:f2:1c:f8:9b:eb:ca:19:9b:24:bc:
ba:bc:bd:f8:1b:e1:cb:d1:9a:64:6c:79:c4:16:75:
af:e5:2e:ab:03:30:3e:49:26:d7:ee:c5:09:fd:3f:
af:7b:f5:93:5a:56:98:92:01:70:3b:00:d1:65:b7:
bf:09:51:f7:11:d1:ca:e0:da:46:02:61:d9:9d:14:
00:29:b7:17:d2:a7:7e:8c:5c:31:57:47:29:cd:4d:
c1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D2:AB:0F:71:67:AB:FD:21:1D:37:95:81:2D:BC:5A:FA:C0:C4:AB
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c5:b1:d7:27:1b:51:af:0c:73:70:b2:9a:a7:dc:f7:aa:ec:bc:
ed:e6:14:15:9f:30:38:25:e1:dd:e5:ca:41:da:c0:ab:b9:1b:
92:9b:be:c8:66:6d:58:b7:58:6a:55:1c:71:5e:af:a7:de:64:
32:b6:4a:66:0e:a4:59:1f:1b:ae:81:bd:24:db:48:bb:f0:4c:
27:1a:e2:2e:3a:55:22:dd:a3:b9:c4:80:a3:58:f1:17:52:69:
b4:94:b7:6a:95:25:96:dd:c7:98:cf:0a:77:67:e6:d7:0a:d0:
c6:bf:ee:fd:22:15:21:66:d3:44:10:49:03:cd:24:41:e8:87:
f8:6b:c3:95:95:64:77:72:14:91:b4:eb:72:20:36:93:82:a0:
df:d8:15:50:80:a7:ec:59:cb:07:24:dc:fd:06:ac:b0:97:23:
5b:c6:8a:e2:cc:44:cd:20:d9:fc:8c:c7:5f:6a:89:31:50:07:
75:73:10:bd:4c:a7:f3:d5:f6:8a:e7:fa:a4:19:f4:cc:37:a9:
b0:c0:2e:90:ec:dc:82:81:d2:6a:9f:cc:37:13:aa:1b:f5:40:
b7:77:32:c9:18:51:ab:9c:fb:3b:bb:2f:9e:db:0c:6b:28:5a:
49:ce:9c:2c:08:66:a0:bd:49:3c:a4:37:43:68:9b:f8:47:d5:
55:9f:17:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2fZHpYLVMUSBsfvhKt6kzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDE4MDcwMDU1WhcNMjYwNDE5MDcwMDU1WjAzMTEwLwYDVQQD
EyhkNGQyYWIwZjcxNjdhYmZkMjExZDM3OTU4MTJkYmM1YWZhYzBjNGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tkm1o1WQvQNTCzgroZprYGBRHMT
Ds1KQmP1JQAJXYyixKa5JLav1naT35sIz26kJtiZXNIDlwWEIEYwrO/cYwNeiPPc
Rs3In8OU0KmvDcFW/Nt3KavU3/cTOelnlNvBjzzIfIC2DMkMuJjve4VF9VQjQOKE
lFH7d3qbqCk5uDOTcpvodEY3Ig0zMYNtPYkq4CEXQmoLc9C1bPcIM+xybnBi6/Ss
7+2kwfIc+JvryhmbJLy6vL34G+HL0ZpkbHnEFnWv5S6rAzA+SSbX7sUJ/T+ve/WT
WlaYkgFwOwDRZbe/CVH3EdHK4NpGAmHZnRQAKbcX0qd+jFwxV0cpzU3BMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTSqw9xZ6v9IR03lYEtvFr6wMSrMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxbHXJxtR
rwxzcLKap9z3quy87eYUFZ8wOCXh3eXKQdrAq7kbkpu+yGZtWLdYalUccV6vp95k
MrZKZg6kWR8broG9JNtIu/BMJxriLjpVIt2jucSAo1jxF1JptJS3apUllt3HmM8K
d2fm1wrQxr/u/SIVIWbTRBBJA80kQeiH+GvDlZVkd3IUkbTrciA2k4Kg39gVUICn
7FnLByTc/QassJcjW8aK4sxEzSDZ/IzHX2qJMVAHdXMQvUyn89X2iuf6pBn0zDep
sMAukOzcgoHSap/MNxOqG/VAt3cyyRhRq5z7O7svntsMayhaSc6cLAhmoL1JPKQ3
Q2ib+EfVVZ8XVA==
-----END CERTIFICATE-----
Generated at Sat Apr 18 17:54:52 2026 by rpki-client