Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: OxgXsEugeLRemu7Ei4rph0c3PUKGU9JMO9LVw8WJnrk=
Subject key identifier: 5C:FE:AF:61:30:A5:CA:63:BC:3F:FB:F2:47:D8:7E:55:56:B7:EC:FE
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D710C852F694A99E9B5CEDDC17E66F832
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 18AF
Signing time: Thu 09 Apr 2026 07:02:19 +0000
Manifest this update: Thu 09 Apr 2026 07:02:19 +0000
Manifest next update: Fri 10 Apr 2026 07:02:19 +0000
Files and hashes: 1: IGA1ulxSxKGkoLSG34jnJfGS8GM.asa (hash: Wb9Cwa31gXG46doK7XO0BE6KGITY40XEAXzduJEsDJA=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: pf2RLoeBiW43JMMbO/hwoTsaZS+uH227LHHES7Y5QI0=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 Apr 2026 00:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:71:0c:85:2f:69:4a:99:e9:b5:ce:dd:c1:7e:66:f8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Apr 9 07:02:19 2026 GMT
Not After : Apr 10 07:02:19 2026 GMT
Subject: CN=5cfeaf6130a5ca63bc3ffbf247d87e5556b7ecfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:7b:e3:3d:2c:16:24:88:ab:13:d2:37:86:e1:
cb:1d:27:dc:c7:35:13:0e:84:04:40:00:95:05:6f:
a9:c2:cc:0a:2b:be:19:72:a9:92:03:52:68:c1:f8:
46:59:63:ee:04:d6:50:95:74:bd:c2:28:61:8e:8b:
41:b0:53:41:e3:d8:a7:10:6e:8d:f0:96:8e:b3:fc:
54:99:20:67:d1:a0:12:d4:a2:99:06:45:f0:df:7b:
9c:7a:2e:5e:2c:a2:9f:87:8f:3e:54:d5:17:f5:c9:
4d:db:6d:26:63:51:ef:72:f9:08:05:4c:71:ff:04:
17:9f:bd:35:a3:06:0f:22:60:07:23:9a:c6:ee:68:
a0:46:66:7e:c8:67:93:68:b2:08:da:7d:56:dd:37:
ca:06:bf:d3:44:34:10:f6:4b:79:2c:64:da:b3:24:
c4:3e:f4:89:9f:94:37:2c:6f:64:04:4f:e2:b4:a6:
80:9f:71:83:ed:07:17:80:44:bc:82:8d:92:71:7e:
5b:3b:61:8a:b2:4d:f6:a6:15:fe:64:e7:fe:e5:db:
f0:d9:43:c7:7c:9e:87:73:f9:a0:63:73:8b:62:79:
c4:39:7d:c4:c2:99:a1:e2:2d:9a:cd:0d:e2:7f:a5:
2f:29:7a:d7:bf:9c:d2:c0:11:9f:db:7e:ef:4a:eb:
b5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FE:AF:61:30:A5:CA:63:BC:3F:FB:F2:47:D8:7E:55:56:B7:EC:FE
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:00:78:5b:bb:fd:4a:79:4b:44:5d:19:90:18:b3:14:c9:e5:
78:f0:d5:ea:e7:99:ce:c0:24:bb:3f:fd:32:6e:3f:54:82:43:
e7:95:04:68:03:22:8e:72:17:29:de:b5:5c:05:5c:c0:8a:fc:
06:00:db:04:f2:03:73:91:62:eb:78:17:ab:6d:f0:d8:34:1c:
53:8e:73:dc:1f:43:36:2e:d4:ba:91:67:90:c2:d1:99:a0:21:
12:01:be:5f:d5:61:eb:fa:f7:71:5c:e5:ae:42:99:32:74:7b:
26:d1:60:15:96:a5:cf:64:2d:4c:df:97:b8:29:91:07:de:a6:
a6:a9:9e:bc:12:3c:1b:aa:82:33:dc:06:de:71:cd:ce:5a:9f:
96:d1:af:53:02:ca:b7:38:c2:e6:51:5c:35:4c:a9:48:0f:4a:
77:0c:33:db:d5:56:a5:ce:97:4f:16:1c:43:95:e1:11:bb:5b:
f2:eb:83:93:fa:9f:6a:76:5c:fa:22:20:51:ca:61:c6:54:03:
be:ed:1d:d7:95:cd:50:54:65:aa:d6:7a:db:8d:b3:e2:d7:0f:
ea:f5:cb:1b:77:f6:43:2a:9d:71:58:30:8f:a2:a0:e9:17:dd:
3c:01:b9:7d:da:9e:96:78:b2:5a:c0:8e:cc:ca:84:db:07:af:
ce:d5:fa:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1xDIUvaUqZ6bXO3cF+ZvgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwNDA5MDcwMjE5WhcNMjYwNDEwMDcwMjE5WjAzMTEwLwYDVQQD
Eyg1Y2ZlYWY2MTMwYTVjYTYzYmMzZmZiZjI0N2Q4N2U1NTU2YjdlY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63vjPSwWJIirE9I3huHLHSfcxzUT
DoQEQACVBW+pwswKK74ZcqmSA1JowfhGWWPuBNZQlXS9wihhjotBsFNB49inEG6N
8JaOs/xUmSBn0aAS1KKZBkXw33ucei5eLKKfh48+VNUX9clN220mY1HvcvkIBUxx
/wQXn701owYPImAHI5rG7migRmZ+yGeTaLII2n1W3TfKBr/TRDQQ9kt5LGTasyTE
PvSJn5Q3LG9kBE/itKaAn3GD7QcXgES8go2ScX5bO2GKsk32phX+ZOf+5dvw2UPH
fJ6Hc/mgY3OLYnnEOX3Ewpmh4i2azQ3if6UvKXrXv5zSwBGf237vSuu1+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFz+r2EwpcpjvD/78kfYflVWt+z+MB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADgB4W7v9
SnlLRF0ZkBizFMnlePDV6ueZzsAkuz/9Mm4/VIJD55UEaAMijnIXKd61XAVcwIr8
BgDbBPIDc5Fi63gXq23w2DQcU45z3B9DNi7UupFnkMLRmaAhEgG+X9Vh6/r3cVzl
rkKZMnR7JtFgFZalz2QtTN+XuCmRB96mpqmevBI8G6qCM9wG3nHNzlqfltGvUwLK
tzjC5lFcNUypSA9Kdwwz29VWpc6XTxYcQ5XhEbtb8uuDk/qfanZc+iIgUcphxlQD
vu0d15XNUFRlqtZ6242z4tcP6vXLG3f2QyqdcVgwj6Kg6RfdPAG5fdqelniyWsCO
zMqE2wevztX6BA==
-----END CERTIFICATE-----
Generated at Thu Apr 9 10:26:43 2026 by rpki-client