Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
File: KhmTnyGLthMV6bOzez24WWCXXRQ.mft (raw, json)
Hash identifier: lnF2O+g5HEaPLpAZqSd1xc4jgELbErlqbMOofcTnam0=
Subject key identifier: 65:EA:BE:47:98:84:C8:B4:B0:8C:98:E5:5C:88:A7:2E:FF:C9:30:4F
Authority key identifier: 2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
Certificate issuer: /CN=2a19939f218bb61315e9b3b37b3db85960975d14
Certificate serial: 019D38D3CB85D1E18B7CBC4ADC3E6C4D18FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
Manifest number: 128A
Signing time: Sun 29 Mar 2026 09:01:37 +0000
Manifest this update: Sun 29 Mar 2026 09:01:37 +0000
Manifest next update: Mon 30 Mar 2026 09:01:37 +0000
Files and hashes: 1: KhmTnyGLthMV6bOzez24WWCXXRQ.crl (hash: unO1TitLibEw7z4oWT3rpROH8Bkknfghz507KDLcRzs=)
2: Opq729qHLi-8dYaQgIIxGa15kXA.roa (hash: 29AgcIdF39QZ4KXfXzVq7WdeMpA7ZOSG9zMnRXMOq8o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:cb:85:d1:e1:8b:7c:bc:4a:dc:3e:6c:4d:18:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a19939f218bb61315e9b3b37b3db85960975d14
Validity
Not Before: Mar 29 09:01:37 2026 GMT
Not After : Mar 30 09:01:37 2026 GMT
Subject: CN=65eabe479884c8b4b08c98e55c88a72effc9304f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d3:94:fc:82:0b:a1:68:c4:ec:65:07:d6:54:
ed:63:70:25:c0:b7:b1:e6:94:e3:b0:ce:66:25:c3:
18:e5:8d:75:c4:74:8e:59:39:cf:b7:71:44:27:6b:
14:9b:82:cd:3e:88:0f:a8:5a:4e:72:b2:f2:a9:86:
d9:9f:00:47:f5:39:28:ac:48:cf:af:10:98:2d:b3:
45:af:e1:15:b8:7c:30:90:74:bf:38:99:17:94:20:
6d:ae:67:b8:d7:6a:35:f5:79:4f:e0:05:b0:59:46:
a2:ba:e0:5e:c7:ec:d9:5d:d9:12:81:f0:bd:72:f5:
64:db:83:cf:c0:e1:92:50:eb:a8:b8:ed:0e:18:a5:
d1:a2:a2:5b:a9:d1:7a:50:1d:15:2c:94:8b:47:d5:
a4:a6:8a:20:10:90:8c:b5:cc:de:a7:60:bf:6e:b2:
89:3f:6e:0a:b0:05:5d:94:78:c6:71:0e:2a:a8:da:
cd:bb:3d:10:b2:05:10:68:2d:ec:6f:3e:b1:09:46:
b7:7b:0e:88:e1:62:e5:64:a2:9d:c2:3f:77:a1:a4:
ba:99:93:c1:72:58:15:fc:0d:1a:2f:da:c1:60:2b:
fa:99:dd:26:8d:dc:00:13:2b:67:4d:2d:8f:2f:a6:
76:c1:43:24:c3:da:ad:0d:7f:b9:30:4d:eb:98:8b:
c2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EA:BE:47:98:84:C8:B4:B0:8C:98:E5:5C:88:A7:2E:FF:C9:30:4F
X509v3 Authority Key Identifier:
keyid:2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:67:a7:1e:2a:f9:c9:96:c5:2a:c1:e6:71:7a:48:3b:f8:b5:
fd:4a:c2:93:03:ab:ca:8b:80:83:a8:27:b8:de:c2:c4:1b:93:
f6:35:f2:a9:8e:9b:d0:a3:18:9d:3c:e7:b8:a5:12:f3:6c:02:
33:fa:1d:34:16:b7:1f:1c:56:67:d8:39:ee:d4:d7:07:b3:46:
33:ff:76:53:64:1f:d1:a1:93:63:c4:30:60:db:35:8b:f0:0a:
d2:49:44:dc:82:95:f5:ae:26:64:a5:08:d6:95:db:c0:59:eb:
55:cb:1d:3f:73:c3:67:12:a6:46:c8:15:f0:0e:d8:e5:b0:5c:
9d:b7:ee:ea:05:06:7b:49:03:f2:b7:79:58:23:c2:c0:b2:35:
b3:a9:12:97:2b:ab:55:3c:c7:18:f6:b2:2f:25:b5:6f:22:47:
01:13:30:e2:6f:d8:3f:42:9e:f3:8f:95:04:40:f1:6a:04:f7:
9a:34:6c:9b:8f:4c:25:09:32:a1:87:a1:28:44:a3:33:d7:a9:
1f:8d:a9:61:83:ca:af:f8:2b:72:76:c7:01:e3:1e:6e:99:2e:
c9:7c:35:ae:14:35:25:54:a6:0c:b0:46:50:87:40:d8:9b:62:
7f:63:04:4d:89:f0:17:57:33:4b:5c:d2:8d:d7:fd:a9:6b:b4:
a5:8e:d8:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0408uF0eGLfLxK3D5sTRj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTk5MzlmMjE4YmI2MTMxNWU5YjNiMzdiM2RiODU5NjA5
NzVkMTQwHhcNMjYwMzI5MDkwMTM3WhcNMjYwMzMwMDkwMTM3WjAzMTEwLwYDVQQD
Eyg2NWVhYmU0Nzk4ODRjOGI0YjA4Yzk4ZTU1Yzg4YTcyZWZmYzkzMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstOU/IILoWjE7GUH1lTtY3AlwLex
5pTjsM5mJcMY5Y11xHSOWTnPt3FEJ2sUm4LNPogPqFpOcrLyqYbZnwBH9TkorEjP
rxCYLbNFr+EVuHwwkHS/OJkXlCBtrme412o19XlP4AWwWUaiuuBex+zZXdkSgfC9
cvVk24PPwOGSUOuouO0OGKXRoqJbqdF6UB0VLJSLR9WkpoogEJCMtczep2C/brKJ
P24KsAVdlHjGcQ4qqNrNuz0QsgUQaC3sbz6xCUa3ew6I4WLlZKKdwj93oaS6mZPB
clgV/A0aL9rBYCv6md0mjdwAEytnTS2PL6Z2wUMkw9qtDX+5ME3rmIvCbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXqvkeYhMi0sIyY5VyIpy7/yTBPMB8GA1UdIwQY
MBaAFCoZk58hi7YTFemzs3s9uFlgl10UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMt
ZGY1ZjIwZGQ3NmFkLzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMtZGY1ZjIwZGQ3NmFk
LzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALmenHir5
yZbFKsHmcXpIO/i1/UrCkwOryouAg6gnuN7CxBuT9jXyqY6b0KMYnTznuKUS82wC
M/odNBa3HxxWZ9g57tTXB7NGM/92U2Qf0aGTY8QwYNs1i/AK0klE3IKV9a4mZKUI
1pXbwFnrVcsdP3PDZxKmRsgV8A7Y5bBcnbfu6gUGe0kD8rd5WCPCwLI1s6kSlyur
VTzHGPayLyW1byJHARMw4m/YP0Ke84+VBEDxagT3mjRsm49MJQkyoYehKESjM9ep
H42pYYPKr/grcnbHAeMebpkuyXw1rhQ1JVSmDLBGUIdA2Jtif2METYnwF1czS1zS
jdf9qWu0pY7Yrw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:04:08 2026 by rpki-client