Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
File: khjNJev3TLGwBLAe5QVQP_8kbWE.mft (raw, json)
Hash identifier: 9U7WYCEXiGjSJ1ca/gSxCd0njRiiUMP/fbM5haebEpY=
Subject key identifier: 16:39:A0:6D:E1:10:39:99:E2:83:EB:03:7D:C4:69:85:B2:3B:C9:BB
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 019D38D3C72B975DFA84ADF72018D860544B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
Manifest number: 06C7
Signing time: Sun 29 Mar 2026 09:01:36 +0000
Manifest this update: Sun 29 Mar 2026 09:01:36 +0000
Manifest next update: Mon 30 Mar 2026 09:01:36 +0000
Files and hashes: 1: WsvNi9fHVaR-QhhBc-1gHE69wug.roa (hash: Lfbnxpr5l5lYF7k2njm/AqL3hJumFpGwecHcxo26Gqc=)
2: khjNJev3TLGwBLAe5QVQP_8kbWE.crl (hash: T+FzKQEzujCVCJqnAcRawqIdt7sZ5SVIGKizaJPEsXA=)
3: rmPK-2arqwQhilMnOZ0KFnfC2n0.roa (hash: Ik9jCJ7xxR+lg/nG9DpBqXvmyqxrBlr3ClzK4O2QwTU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:c7:2b:97:5d:fa:84:ad:f7:20:18:d8:60:54:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Mar 29 09:01:36 2026 GMT
Not After : Mar 30 09:01:36 2026 GMT
Subject: CN=1639a06de1103999e283eb037dc46985b23bc9bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e9:4e:cb:d8:27:86:94:fb:16:f5:c8:d7:81:
f7:21:be:e7:b3:d3:07:68:d4:89:0f:fc:c4:0e:e8:
c5:86:25:9a:3b:a5:a9:b1:01:f0:4a:b1:93:52:fa:
6c:ff:0f:d1:a5:99:bb:b2:d1:29:b5:3c:ba:41:0d:
06:87:20:f5:1e:1d:66:8c:30:23:1b:33:f8:e5:a3:
38:c2:97:09:a0:82:16:82:75:66:28:d6:9b:78:a6:
c8:af:fd:48:47:67:e4:bc:90:d3:d8:d7:17:bd:50:
20:64:3e:11:dc:f3:d6:82:1c:f9:5d:39:b3:0f:0d:
f8:8c:af:b0:93:8a:ae:e5:94:1a:ba:29:7f:b3:49:
41:b4:b1:16:39:af:c0:b6:82:25:89:5e:39:dd:a6:
1f:ad:26:29:3a:4a:b5:24:3f:e0:9f:23:6c:71:33:
09:1e:2a:1e:b0:6f:7b:3f:d4:63:f8:50:57:18:76:
61:99:0c:87:54:64:ab:cc:22:ac:08:b2:bb:cd:24:
f3:f4:ea:79:ed:64:0f:ab:fd:51:8b:71:fd:62:ff:
93:d6:24:d8:9b:dd:7c:ec:e4:28:71:c0:3b:0d:70:
e3:34:49:69:4b:19:f2:cf:fb:a5:63:ab:1b:5e:fd:
b8:4f:ef:0d:37:3f:9d:16:c5:3c:af:6c:77:f8:52:
56:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:39:A0:6D:E1:10:39:99:E2:83:EB:03:7D:C4:69:85:B2:3B:C9:BB
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c9:c2:aa:ac:b6:6b:6e:a5:b9:83:9a:49:cc:68:cf:55:4d:80:
c9:cb:26:47:0e:75:d6:2a:a0:fe:f6:7f:99:7a:a9:7d:71:86:
5e:3c:b1:cb:92:73:5b:15:b5:8d:17:89:53:a3:52:9a:fe:7e:
60:f1:fe:b3:e5:cd:27:0e:92:22:77:e8:23:de:01:b0:aa:99:
7e:f5:22:20:f2:47:b8:56:a5:2b:92:c6:54:4e:9b:c6:42:16:
36:f0:eb:03:d6:91:84:e1:9f:65:54:6b:71:b4:1f:b9:b4:f1:
77:d8:df:ae:17:e8:43:19:0c:44:20:62:1e:dc:a4:44:fe:cb:
26:de:b3:04:4e:2b:8b:95:f0:b7:0e:fb:e6:58:5a:f3:9a:b2:
e0:5e:31:5d:02:91:74:8c:3b:ab:47:9c:2b:ac:21:8b:fc:32:
ff:08:f0:98:7f:24:dd:7a:41:4c:cb:00:92:b9:40:0b:eb:fa:
62:6e:88:c9:98:2e:bb:d9:76:3d:25:c0:05:96:66:30:65:bb:
e0:3f:d3:cb:1f:b0:b7:cf:a0:46:c3:d8:55:2b:50:ae:95:4d:
c5:12:5d:a6:e7:d2:cd:92:d1:5e:9b:ca:4f:fb:a9:90:1e:40:
f8:93:95:ed:31:90:e9:42:e8:69:e3:18:e7:c5:06:ff:a2:29:
cb:7c:56:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0408crl136hK33IBjYYFRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjYwMzI5MDkwMTM2WhcNMjYwMzMwMDkwMTM2WjAzMTEwLwYDVQQD
EygxNjM5YTA2ZGUxMTAzOTk5ZTI4M2ViMDM3ZGM0Njk4NWIyM2JjOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnulOy9gnhpT7FvXI14H3Ib7ns9MH
aNSJD/zEDujFhiWaO6WpsQHwSrGTUvps/w/RpZm7stEptTy6QQ0GhyD1Hh1mjDAj
GzP45aM4wpcJoIIWgnVmKNabeKbIr/1IR2fkvJDT2NcXvVAgZD4R3PPWghz5XTmz
Dw34jK+wk4qu5ZQauil/s0lBtLEWOa/AtoIliV453aYfrSYpOkq1JD/gnyNscTMJ
HioesG97P9Rj+FBXGHZhmQyHVGSrzCKsCLK7zSTz9Op57WQPq/1Ri3H9Yv+T1iTY
m9187OQoccA7DXDjNElpSxnyz/ulY6sbXv24T+8NNz+dFsU8r2x3+FJW/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBY5oG3hEDmZ4oPrA33EaYWyO8m7MB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAycKqrLZr
bqW5g5pJzGjPVU2AycsmRw511iqg/vZ/mXqpfXGGXjyxy5JzWxW1jReJU6NSmv5+
YPH+s+XNJw6SInfoI94BsKqZfvUiIPJHuFalK5LGVE6bxkIWNvDrA9aRhOGfZVRr
cbQfubTxd9jfrhfoQxkMRCBiHtykRP7LJt6zBE4ri5Xwtw775lha85qy4F4xXQKR
dIw7q0ecK6whi/wy/wjwmH8k3XpBTMsAkrlAC+v6Ym6IyZguu9l2PSXABZZmMGW7
4D/Tyx+wt8+gRsPYVStQrpVNxRJdpufSzZLRXpvKT/upkB5A+JOV7TGQ6ULoaeMY
58UG/6Ipy3xWgg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:57 2026 by rpki-client