Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: hW8Nwnu+YpthPnafzO/wfL6N4U0R0mEdAw6NHcR5GY0=
Subject key identifier: DA:0F:43:2E:39:C8:4E:19:98:5A:44:0C:90:33:3F:D2:4E:92:83:F3
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D1C1271E54F3EEEF16FEC75BE7117452F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 1882
Signing time: Mon 23 Mar 2026 19:01:03 +0000
Manifest this update: Mon 23 Mar 2026 19:01:03 +0000
Manifest next update: Tue 24 Mar 2026 19:01:03 +0000
Files and hashes: 1: 4pTe3zVq_LBaEng6PDXChOvOrYM.asa (hash: ajIeKP46hnwug0OLXYz0+5iBNt1utjAL/IG5/ovLQUU=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: aoozPE5IrGskJi8WIh3mgkoAbF/3eR+UWl8uIrKaOzk=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 24 Mar 2026 19:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1c:12:71:e5:4f:3e:ee:f1:6f:ec:75:be:71:17:45:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Mar 23 19:01:03 2026 GMT
Not After : Mar 24 19:01:03 2026 GMT
Subject: CN=da0f432e39c84e19985a440c90333fd24e9283f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:55:f7:d2:78:20:23:1a:9c:cb:92:01:fa:e1:
46:d5:3f:00:24:ce:ce:55:ad:62:47:e7:b2:93:95:
40:c7:0e:a3:d2:d5:c2:10:83:84:0e:34:2a:8b:1f:
ae:09:6f:ff:dd:d8:e5:98:7e:57:93:3e:06:09:cf:
b1:74:24:93:73:fa:23:dc:ef:0a:73:b0:55:a1:e0:
16:d0:b9:9b:05:32:21:68:f9:a0:4f:b2:46:e0:0e:
2f:f0:a6:ec:b9:a4:c1:c4:d8:bd:1d:42:40:b5:4d:
2d:c9:65:91:13:a6:85:52:27:4f:f0:d0:02:59:fb:
64:93:6f:85:80:9a:b1:da:b0:53:e2:79:d2:e8:60:
3e:ab:00:00:ee:a3:59:d7:9d:30:d0:d6:58:f6:04:
8e:26:91:15:48:1e:79:3b:70:95:8b:b4:b0:cd:73:
da:36:f6:d2:db:09:2c:39:58:9b:df:d8:3a:28:e0:
c5:28:cf:9f:d0:62:b2:93:5a:e8:67:3f:ba:e0:94:
40:2c:6a:b2:be:11:bd:87:02:c0:e6:75:18:66:7b:
b3:3f:30:11:f0:3e:1e:a9:0e:e0:b0:0f:5d:11:29:
fb:83:a5:d0:ae:14:bf:55:ae:36:f5:1c:be:b1:0d:
a3:e4:dc:1a:59:18:c3:7d:b1:30:4a:85:5d:8d:69:
c9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:0F:43:2E:39:C8:4E:19:98:5A:44:0C:90:33:3F:D2:4E:92:83:F3
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:d4:2e:ac:0f:7d:22:fa:fb:38:9b:75:42:96:b8:f9:35:99:
c0:fa:a1:ad:fe:7f:e1:42:57:6a:97:75:af:f0:b5:1b:60:78:
ac:af:b5:78:9d:2d:22:53:03:94:3e:be:16:02:c4:78:6c:54:
1a:42:a6:3f:bd:70:34:02:c5:50:24:58:98:89:0c:1d:ca:71:
fd:15:0f:d9:80:3a:96:8b:b5:c4:ae:0e:a2:1f:43:26:8a:7c:
1c:11:62:ba:18:9b:f9:17:6e:fa:4b:b9:4a:64:58:1a:c0:51:
ac:29:27:67:9b:cc:76:fc:46:75:27:21:04:51:37:e3:7b:15:
c2:39:41:a5:cf:48:d3:19:79:02:1f:c7:ac:33:1d:e2:9a:65:
d5:75:54:57:9a:25:49:c0:18:2d:24:59:01:a9:48:e2:c9:20:
6e:00:ce:7b:e1:91:87:1a:cb:0b:7f:d3:c2:b8:bb:62:a2:4f:
0f:7f:5b:eb:da:eb:bc:e9:91:cd:79:c9:01:eb:af:7e:12:94:
c1:29:70:39:89:13:7f:f8:35:d2:0d:43:de:e1:2c:29:9c:b2:
db:5f:db:a5:80:dd:63:c4:8f:b1:fd:00:37:1e:87:ae:3c:21:
92:cd:4a:1c:ef:7a:6c:25:50:e6:f5:39:dd:6f:37:5e:93:80:
2b:f2:e0:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0cEnHlTz7u8W/sdb5xF0UvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwMzIzMTkwMTAzWhcNMjYwMzI0MTkwMTAzWjAzMTEwLwYDVQQD
EyhkYTBmNDMyZTM5Yzg0ZTE5OTg1YTQ0MGM5MDMzM2ZkMjRlOTI4M2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FX30nggIxqcy5IB+uFG1T8AJM7O
Va1iR+eyk5VAxw6j0tXCEIOEDjQqix+uCW//3djlmH5Xkz4GCc+xdCSTc/oj3O8K
c7BVoeAW0LmbBTIhaPmgT7JG4A4v8KbsuaTBxNi9HUJAtU0tyWWRE6aFUidP8NAC
Wftkk2+FgJqx2rBT4nnS6GA+qwAA7qNZ150w0NZY9gSOJpEVSB55O3CVi7SwzXPa
NvbS2wksOVib39g6KODFKM+f0GKyk1roZz+64JRALGqyvhG9hwLA5nUYZnuzPzAR
8D4eqQ7gsA9dESn7g6XQrhS/Va429Ry+sQ2j5NwaWRjDfbEwSoVdjWnJlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNoPQy45yE4ZmFpEDJAzP9JOkoPzMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtQurA99
Ivr7OJt1Qpa4+TWZwPqhrf5/4UJXapd1r/C1G2B4rK+1eJ0tIlMDlD6+FgLEeGxU
GkKmP71wNALFUCRYmIkMHcpx/RUP2YA6lou1xK4Ooh9DJop8HBFiuhib+Rdu+ku5
SmRYGsBRrCknZ5vMdvxGdSchBFE343sVwjlBpc9I0xl5Ah/HrDMd4ppl1XVUV5ol
ScAYLSRZAalI4skgbgDOe+GRhxrLC3/Twri7YqJPD39b69rrvOmRzXnJAeuvfhKU
wSlwOYkTf/g10g1D3uEsKZyy21/bpYDdY8SPsf0ANx6Hrjwhks1KHO96bCVQ5vU5
3W83XpOAK/LgWA==
-----END CERTIFICATE-----
Generated at Tue Mar 24 04:16:09 2026 by rpki-client