Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: OGNbW+OobNVqkGyRZ7TkwK0sk6bwdH5ZebaW2HsCRgA=
Subject key identifier: D2:1B:19:3D:39:CA:FB:55:4C:A4:F2:E0:FC:85:C6:6A:05:61:5E:3E
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019DD19A4A5AE6CAEA32A76E5B8FABCA8E3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18E1
Signing time: Tue 28 Apr 2026 01:00:42 +0000
Manifest this update: Tue 28 Apr 2026 01:00:42 +0000
Manifest next update: Wed 29 Apr 2026 01:00:42 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: y09R8vtiSfY32NbsL/f1xKVQq32iEBvdqqSuEv06Mp8=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 01:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d1:9a:4a:5a:e6:ca:ea:32:a7:6e:5b:8f:ab:ca:8e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 28 01:00:42 2026 GMT
Not After : Apr 29 01:00:42 2026 GMT
Subject: CN=d21b193d39cafb554ca4f2e0fc85c66a05615e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:48:e1:81:3f:0e:0c:6f:f4:b1:56:85:04:1d:
cb:48:2c:59:67:c9:d2:ff:e3:ac:eb:2e:6d:e8:14:
86:eb:06:9c:94:f6:3c:7a:c0:24:71:ee:43:dc:7d:
60:4d:35:c6:3d:14:40:02:28:3a:9c:13:26:d5:2e:
01:89:6f:17:ed:3f:11:b5:5c:52:fb:44:f1:09:5b:
06:af:d8:6e:31:1f:ac:09:17:4e:eb:40:7d:db:02:
7a:12:64:f6:c9:92:1c:d8:16:76:29:35:69:48:fa:
48:f5:22:65:ba:21:70:34:2e:d9:8d:5a:08:52:6a:
72:83:71:7a:58:88:0a:9f:f6:60:fb:6b:76:ee:4e:
d8:3c:19:ca:a5:0e:dc:f1:4f:75:a8:0d:4c:43:20:
0e:f6:8d:27:16:db:6f:32:e4:ea:00:a9:8c:dd:cd:
4b:fe:39:f3:7f:52:2e:11:39:bb:ee:a2:3f:c8:a8:
22:e6:b7:65:bc:4b:21:d9:db:08:36:6e:7b:23:e1:
3d:73:55:47:ef:98:ea:ff:f4:b1:f4:42:25:fe:73:
a9:ef:e8:3c:fa:91:a2:24:98:9c:b6:4e:5c:7b:b4:
d4:25:d7:ac:95:48:16:de:ac:64:64:97:39:03:da:
03:08:a1:66:27:fb:88:da:e1:e4:d6:ff:c8:0a:8b:
8f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1B:19:3D:39:CA:FB:55:4C:A4:F2:E0:FC:85:C6:6A:05:61:5E:3E
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:18:5d:4e:a5:ba:8e:47:12:f7:04:f1:ce:ff:36:8e:ac:54:
5f:cb:07:a3:fd:78:89:4c:89:08:f4:3b:61:2e:df:f2:73:07:
74:e3:71:e7:62:ca:e9:c8:c7:c8:14:07:9c:b8:bd:71:7c:7d:
07:3f:84:4b:30:66:a7:d8:35:b9:6a:6a:89:cf:21:f1:5b:6a:
26:d2:87:06:6e:23:af:cb:5d:47:e2:95:28:60:fb:0a:ab:0e:
54:24:ba:8a:94:25:1b:6c:a7:c3:0c:ff:b3:de:f4:6a:6d:68:
d4:da:8f:eb:91:77:6f:88:0e:f1:2b:b3:9a:f1:3a:47:61:14:
b2:cc:da:a3:cd:68:e0:29:51:2b:1d:e8:c1:ae:cc:d4:e7:83:
2f:ac:7f:24:f3:86:4a:dd:3c:9f:37:54:5a:9b:4b:b4:7e:6c:
f1:a9:2b:44:8c:13:1d:3c:23:de:cd:29:ee:aa:08:c2:58:a0:
44:ab:8d:ef:aa:75:23:35:28:f7:6c:79:ff:67:2a:b1:61:9f:
a5:36:2f:ab:ca:4a:0d:5d:51:59:44:e1:e4:8d:07:05:c2:38:
dd:5b:b8:5d:a8:5d:7e:5f:30:91:ef:64:53:f0:59:0d:00:b7:
75:19:9e:ce:ef:dd:a2:95:41:29:26:f0:5d:ab:90:a0:55:5f:
b7:21:a1:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3Rmkpa5srqMqduW4+ryo4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDI4MDEwMDQyWhcNMjYwNDI5MDEwMDQyWjAzMTEwLwYDVQQD
EyhkMjFiMTkzZDM5Y2FmYjU1NGNhNGYyZTBmYzg1YzY2YTA1NjE1ZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30jhgT8ODG/0sVaFBB3LSCxZZ8nS
/+Os6y5t6BSG6waclPY8esAkce5D3H1gTTXGPRRAAig6nBMm1S4BiW8X7T8RtVxS
+0TxCVsGr9huMR+sCRdO60B92wJ6EmT2yZIc2BZ2KTVpSPpI9SJluiFwNC7ZjVoI
Umpyg3F6WIgKn/Zg+2t27k7YPBnKpQ7c8U91qA1MQyAO9o0nFttvMuTqAKmM3c1L
/jnzf1IuETm77qI/yKgi5rdlvEsh2dsINm57I+E9c1VH75jq//Sx9EIl/nOp7+g8
+pGiJJictk5ce7TUJdeslUgW3qxkZJc5A9oDCKFmJ/uI2uHk1v/ICouP7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIbGT05yvtVTKTy4PyFxmoFYV4+MB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAERhdTqW6
jkcS9wTxzv82jqxUX8sHo/14iUyJCPQ7YS7f8nMHdONx52LK6cjHyBQHnLi9cXx9
Bz+ESzBmp9g1uWpqic8h8VtqJtKHBm4jr8tdR+KVKGD7CqsOVCS6ipQlG2ynwwz/
s970am1o1NqP65F3b4gO8SuzmvE6R2EUsszao81o4ClRKx3owa7M1OeDL6x/JPOG
St08nzdUWptLtH5s8akrRIwTHTwj3s0p7qoIwligRKuN76p1IzUo92x5/2cqsWGf
pTYvq8pKDV1RWUTh5I0HBcI43Vu4Xahdfl8wke9kU/BZDQC3dRmezu/dopVBKSbw
XauQoFVftyGh2w==
-----END CERTIFICATE-----
Generated at Tue Apr 28 07:06:54 2026 by rpki-client