Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json)
Hash identifier: zZX2UL4iUxtVA5pCHpJ3u57Qs+rEoy+dq0n5lkMKYYU=
Subject key identifier: A7:C6:D2:20:2F:6A:31:E1:43:8F:C1:27:1E:13:3F:54:E6:14:B7:0B
Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06
Certificate serial: 019D3A5490EA3DEB44F4983B57B527B7CEF5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
Manifest number: 113A
Signing time: Sun 29 Mar 2026 16:01:53 +0000
Manifest this update: Sun 29 Mar 2026 16:01:53 +0000
Manifest next update: Mon 30 Mar 2026 16:01:53 +0000
Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: EJjGanbU1Lkjrh6d19fzESMb18kyQxMVk8LhmLP2Qho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:54:90:ea:3d:eb:44:f4:98:3b:57:b5:27:b7:ce:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287b50125517944274a146bbacd64e691a20fa06
Validity
Not Before: Mar 29 16:01:53 2026 GMT
Not After : Mar 30 16:01:53 2026 GMT
Subject: CN=a7c6d2202f6a31e1438fc1271e133f54e614b70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:98:f5:ab:93:30:12:49:9d:09:97:c9:7f:22:
32:78:6a:2b:c3:a2:ed:da:d8:de:77:60:a5:67:24:
ef:3a:09:a3:ed:cd:d9:9c:1b:f9:2d:0d:af:ca:da:
08:f8:ed:47:d5:8b:83:c2:6e:df:03:eb:d3:1d:0d:
d4:b2:5a:e0:f6:dd:79:aa:e5:6f:30:d5:77:92:23:
69:1a:e3:ec:a0:79:e6:cc:ac:1f:f1:29:b9:64:5b:
7f:8f:83:8d:7c:34:52:05:6f:e1:e0:ad:70:da:d6:
0f:c8:af:fd:c0:b4:c0:6a:a3:67:f8:4a:5d:38:1d:
3b:64:40:c4:29:c4:bd:ea:9d:2b:6f:1a:f6:7f:b5:
79:19:16:b4:9a:a4:33:97:2c:4c:08:89:e1:e9:ed:
a4:4d:d5:3a:ed:f5:0f:0f:9d:e6:1d:44:5c:35:ef:
dd:40:c7:6a:2f:13:a4:d5:77:67:aa:50:dd:3d:59:
41:e9:16:e0:03:79:c9:d0:6b:16:aa:ed:c9:5c:56:
99:38:5a:85:e4:87:7e:be:e5:ac:b9:2c:64:68:7f:
e3:5d:99:a5:98:07:a7:b5:a4:ff:75:30:e0:10:9f:
5a:fd:95:54:d4:cf:e3:1e:c9:b9:1d:a0:0a:5f:47:
fb:fc:0e:ec:30:1d:b8:3e:26:7b:77:ee:94:a6:5d:
97:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C6:D2:20:2F:6A:31:E1:43:8F:C1:27:1E:13:3F:54:E6:14:B7:0B
X509v3 Authority Key Identifier:
keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:3c:17:98:62:17:1d:55:be:e2:94:1e:07:3b:42:e6:f2:bd:
a1:71:89:9f:83:17:4a:f4:05:c9:73:65:90:c6:ae:36:4c:09:
e4:8c:93:b8:99:49:ba:88:cf:4d:b3:8b:e8:d5:c3:93:ff:e1:
2b:63:92:74:cb:f6:e6:00:f5:9c:4f:91:9a:f9:80:c7:1f:aa:
f7:ee:e2:ed:6a:8f:69:0a:93:34:e5:2f:72:51:64:41:95:85:
b8:56:b8:b8:f5:f0:04:59:aa:79:63:3b:1b:7b:58:cb:34:7d:
5b:cb:e7:0e:fa:6d:9a:38:dd:d8:7d:a8:01:63:82:65:cf:7c:
46:89:45:d5:09:6c:5d:a7:e3:9e:fe:41:97:28:07:4c:50:cc:
9e:f4:c1:95:80:de:7a:27:ae:a8:99:c7:4e:57:6e:79:9f:c6:
9b:06:00:78:ef:5b:67:a6:ee:14:02:60:58:8a:50:5d:f5:5b:
9f:1e:b0:f8:9e:2b:78:e5:5d:e6:b6:c2:56:9c:bf:d4:7b:7e:
e6:b9:b5:98:a6:1e:1a:c8:4c:02:be:71:79:d7:9f:69:6c:9c:
8e:31:3d:68:bb:9d:d8:c7:89:b0:ad:c1:4a:71:6b:05:b7:ee:
8e:fc:b0:9e:32:78:15:b3:62:4f:3b:ea:a3:d4:d7:c1:bc:6f:
a2:ea:c6:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VJDqPetE9Jg7V7Unt871MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy
MGZhMDYwHhcNMjYwMzI5MTYwMTUzWhcNMjYwMzMwMTYwMTUzWjAzMTEwLwYDVQQD
EyhhN2M2ZDIyMDJmNmEzMWUxNDM4ZmMxMjcxZTEzM2Y1NGU2MTRiNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5j1q5MwEkmdCZfJfyIyeGorw6Lt
2tjed2ClZyTvOgmj7c3ZnBv5LQ2vytoI+O1H1YuDwm7fA+vTHQ3Uslrg9t15quVv
MNV3kiNpGuPsoHnmzKwf8Sm5ZFt/j4ONfDRSBW/h4K1w2tYPyK/9wLTAaqNn+Epd
OB07ZEDEKcS96p0rbxr2f7V5GRa0mqQzlyxMCInh6e2kTdU67fUPD53mHURcNe/d
QMdqLxOk1XdnqlDdPVlB6RbgA3nJ0GsWqu3JXFaZOFqF5Id+vuWsuSxkaH/jXZml
mAentaT/dTDgEJ9a/ZVU1M/jHsm5HaAKX0f7/A7sMB24PiZ7d+6Upl2XuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfG0iAvajHhQ4/BJx4TP1TmFLcLMB8GA1UdIwQY
MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt
YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0
LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlTwXmGIX
HVW+4pQeBztC5vK9oXGJn4MXSvQFyXNlkMauNkwJ5IyTuJlJuojPTbOL6NXDk//h
K2OSdMv25gD1nE+RmvmAxx+q9+7i7WqPaQqTNOUvclFkQZWFuFa4uPXwBFmqeWM7
G3tYyzR9W8vnDvptmjjd2H2oAWOCZc98RolF1QlsXafjnv5BlygHTFDMnvTBlYDe
eieuqJnHTldueZ/GmwYAeO9bZ6buFAJgWIpQXfVbnx6w+J4reOVd5rbCVpy/1Ht+
5rm1mKYeGshMAr5xedefaWycjjE9aLud2MeJsK3BSnFrBbfujvywnjJ4FbNiTzvq
o9TXwbxvourGEw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:35:51 2026 by rpki-client