Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: fl3qSUlohsN5WUYs3bS7VyU4BefPziKXRmiZz6+39Ec=
Subject key identifier: 5A:0D:5B:24:18:A3:DC:E6:EE:36:65:62:68:B6:01:E7:7B:91:CD:72
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D40C389188A678360E746A75E6B02F9EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 1895
Signing time: Mon 30 Mar 2026 22:00:49 +0000
Manifest this update: Mon 30 Mar 2026 22:00:49 +0000
Manifest next update: Tue 31 Mar 2026 22:00:49 +0000
Files and hashes: 1: 4pTe3zVq_LBaEng6PDXChOvOrYM.asa (hash: ajIeKP46hnwug0OLXYz0+5iBNt1utjAL/IG5/ovLQUU=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: oKUSP7j0DdCmuRHcgOeEy3zWxRjdujCxqiqwId2ISds=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 19:28:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:40:c3:89:18:8a:67:83:60:e7:46:a7:5e:6b:02:f9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Mar 30 22:00:49 2026 GMT
Not After : Mar 31 22:00:49 2026 GMT
Subject: CN=5a0d5b2418a3dce6ee36656268b601e77b91cd72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:fa:6c:d6:9a:df:1b:e9:22:b1:9e:d0:dd:a1:
69:86:36:20:63:7a:be:4c:14:ab:65:f5:36:69:17:
e8:69:c3:55:42:f2:d0:c8:2d:13:f7:b9:b3:5b:58:
3a:7b:d6:b9:69:9a:6a:5a:a7:52:38:3e:9f:8c:30:
f7:eb:fc:4f:a7:64:64:ed:e0:f1:1a:07:83:e4:c8:
5b:95:6c:d7:d0:ac:3a:fe:4f:b0:37:a3:3b:4a:fe:
d5:7b:3e:3e:2a:f7:85:ee:75:0a:cc:81:05:b6:79:
fa:6b:6a:70:c4:dd:2a:6e:47:48:95:62:8a:01:3d:
2e:f3:1c:82:5c:eb:9c:64:ec:ec:6e:d6:08:1d:c1:
08:b8:1b:d1:8a:3a:b2:e5:4e:d7:03:3a:d6:b4:e5:
26:65:ae:6f:f1:f4:e1:2d:30:92:7b:a5:fa:17:8c:
35:cc:cf:95:70:d4:b0:b4:eb:44:64:37:7f:85:a9:
b7:1c:8d:7d:aa:2d:02:bc:42:45:98:21:ee:b4:65:
3b:2c:b9:88:d6:79:47:72:d4:5f:af:ad:f5:6b:28:
bf:c1:52:c1:4b:73:8b:8d:f6:79:1f:53:60:9c:c2:
10:09:67:27:ad:97:f3:cd:95:36:c9:6f:40:92:00:
91:4a:e2:61:24:05:8c:ce:2c:84:18:32:df:55:ad:
4b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:0D:5B:24:18:A3:DC:E6:EE:36:65:62:68:B6:01:E7:7B:91:CD:72
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:24:87:74:a5:0e:97:04:63:6c:43:0d:f0:c7:ae:1e:0c:d8:
0b:a3:be:27:61:08:0c:52:d9:83:cd:6f:67:6c:e1:f4:65:c4:
70:9f:49:05:c0:84:40:8b:a1:02:ae:a8:b2:4c:b4:62:55:bd:
f5:70:81:70:a6:de:65:50:2d:85:4b:84:6d:fd:fe:36:17:97:
5f:53:f6:33:66:b3:6a:4f:70:7f:3e:4c:93:45:61:76:3f:90:
1e:43:ee:ef:0f:ab:87:e5:06:61:0b:cf:74:dc:70:f3:15:ac:
84:f7:dc:35:da:fe:9a:10:d5:f8:0b:88:a4:f0:00:6e:96:ed:
95:29:ad:5b:06:94:ab:81:51:5a:22:69:63:a6:2b:e8:d0:1c:
89:15:7e:79:f6:48:9f:48:c7:e5:54:b5:38:0d:d3:3e:d7:d2:
08:68:8f:10:87:84:34:83:bc:47:09:74:c8:2d:8c:f4:f3:26:
e5:82:18:a2:73:c3:71:84:e6:ee:c3:7c:42:e2:c2:38:e5:49:
c5:a8:55:79:46:58:ee:24:20:b2:f9:31:a9:3c:89:6e:69:fd:
01:b5:a1:28:ff:78:03:42:91:5f:87:23:f6:e9:a8:c9:c7:8a:
41:f6:96:05:c3:88:0c:ed:88:9a:9c:65:0f:5f:b9:50:b0:41:
c9:65:39:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1Aw4kYimeDYOdGp15rAvnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwMzMwMjIwMDQ5WhcNMjYwMzMxMjIwMDQ5WjAzMTEwLwYDVQQD
Eyg1YTBkNWIyNDE4YTNkY2U2ZWUzNjY1NjI2OGI2MDFlNzdiOTFjZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9vps1prfG+kisZ7Q3aFphjYgY3q+
TBSrZfU2aRfoacNVQvLQyC0T97mzW1g6e9a5aZpqWqdSOD6fjDD36/xPp2Rk7eDx
GgeD5MhblWzX0Kw6/k+wN6M7Sv7Vez4+KveF7nUKzIEFtnn6a2pwxN0qbkdIlWKK
AT0u8xyCXOucZOzsbtYIHcEIuBvRijqy5U7XAzrWtOUmZa5v8fThLTCSe6X6F4w1
zM+VcNSwtOtEZDd/ham3HI19qi0CvEJFmCHutGU7LLmI1nlHctRfr631ayi/wVLB
S3OLjfZ5H1NgnMIQCWcnrZfzzZU2yW9AkgCRSuJhJAWMziyEGDLfVa1L5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFoNWyQYo9zm7jZlYmi2Aed7kc1yMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbSSHdKUO
lwRjbEMN8MeuHgzYC6O+J2EIDFLZg81vZ2zh9GXEcJ9JBcCEQIuhAq6osky0YlW9
9XCBcKbeZVAthUuEbf3+NheXX1P2M2azak9wfz5Mk0Vhdj+QHkPu7w+rh+UGYQvP
dNxw8xWshPfcNdr+mhDV+AuIpPAAbpbtlSmtWwaUq4FRWiJpY6Yr6NAciRV+efZI
n0jH5VS1OA3TPtfSCGiPEIeENIO8Rwl0yC2M9PMm5YIYonPDcYTm7sN8QuLCOOVJ
xahVeUZY7iQgsvkxqTyJbmn9AbWhKP94A0KRX4cj9umoyceKQfaWBcOIDO2Impxl
D1+5ULBByWU5nw==
-----END CERTIFICATE-----
Generated at Tue Mar 31 02:14:38 2026 by rpki-client