Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
File: kh2gU5IfUoNniBiPgvYt1aqXP-k.mft (raw, json)
Hash identifier: 38m00RFUAl4PSrHjfyRmRKA/Imi3SkakVJCChA3Que0=
Subject key identifier: 83:CD:BF:BF:C8:AF:4A:0D:04:9E:F2:4F:73:89:26:83:88:9F:C9:12
Authority key identifier: 92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
Certificate issuer: /CN=921da053921f52836788188f82f62dd5aa973fe9
Certificate serial: 019D38D30F3BCC19694A6456C4F33EFAD24B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
Manifest number: 1154
Signing time: Sun 29 Mar 2026 09:00:49 +0000
Manifest this update: Sun 29 Mar 2026 09:00:49 +0000
Manifest next update: Mon 30 Mar 2026 09:00:49 +0000
Files and hashes: 1: kh2gU5IfUoNniBiPgvYt1aqXP-k.crl (hash: K5yY7LFGZC72ccqqT8EkNtdPUpoM3GSW9e9bjcTve/s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:0f:3b:cc:19:69:4a:64:56:c4:f3:3e:fa:d2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921da053921f52836788188f82f62dd5aa973fe9
Validity
Not Before: Mar 29 09:00:49 2026 GMT
Not After : Mar 30 09:00:49 2026 GMT
Subject: CN=83cdbfbfc8af4a0d049ef24f73892683889fc912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:16:65:a5:b5:28:de:12:e9:ee:aa:4f:6e:16:
aa:9e:c8:8e:be:97:77:00:a2:4d:c8:b9:a7:20:21:
93:6d:34:d4:16:d6:a0:08:39:96:fb:71:04:30:c2:
d4:aa:94:67:1a:c7:50:70:e5:49:f3:6e:bc:2d:d0:
f5:fe:8f:a9:2c:b3:7d:31:1c:23:c3:8a:96:5b:5d:
db:03:17:59:71:20:93:1c:16:7f:fc:2b:c8:f6:56:
b9:e1:e6:2e:ec:9f:6c:ae:7d:a9:75:24:f7:1a:20:
6e:79:26:8e:2f:df:9c:f7:62:ea:e9:ce:29:1e:a9:
db:d9:7e:bd:fd:75:06:01:1a:c9:63:42:07:7f:4d:
1c:18:e3:04:c8:20:f8:29:2d:90:2b:9f:95:0f:83:
3c:23:c0:a0:94:ca:18:6c:90:87:3d:27:4f:5d:7a:
20:c4:00:ae:f1:5d:0e:25:86:2d:b1:f6:f4:1c:15:
c9:e5:de:74:d9:87:9b:2a:4a:81:c7:80:54:45:58:
e6:94:67:ee:35:7a:c8:d5:b8:0e:2a:d0:c9:e1:4f:
58:8f:b3:b5:8a:1e:b8:27:c5:ba:05:03:a2:2c:59:
ed:72:d0:6e:a7:b4:4b:81:cf:30:5b:99:de:f6:70:
cd:c6:12:7c:91:05:4f:67:3c:e7:1f:c6:d7:74:fd:
9a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:CD:BF:BF:C8:AF:4A:0D:04:9E:F2:4F:73:89:26:83:88:9F:C9:12
X509v3 Authority Key Identifier:
keyid:92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:a8:03:a3:7a:a5:1d:92:c7:e9:35:c3:b5:5e:a6:ee:57:c9:
56:9b:ef:ef:04:e9:a1:cb:b5:8b:96:56:53:1a:bd:42:f2:f3:
d8:9c:96:6a:0a:20:9a:99:4b:38:90:1c:63:d1:f8:1f:2c:17:
f1:54:5e:92:5c:0b:ce:fd:c9:4b:6b:2b:9e:65:0a:51:e8:b7:
5e:44:a6:64:16:a6:94:92:09:8b:8d:d6:97:b2:bf:b8:fc:9a:
31:4f:59:09:29:e2:24:e9:96:2d:f4:d6:ce:bd:c7:5e:4a:83:
e8:de:b2:d2:7f:3f:fb:14:b8:79:14:07:d5:dc:41:85:14:76:
14:9c:6e:1d:fe:e7:07:f6:17:a8:b9:22:a3:d3:65:01:e9:f7:
ca:d2:e3:9a:6f:7b:31:1c:fb:e3:f1:e2:32:eb:0e:7e:02:cb:
d7:61:6f:af:7f:26:69:75:fe:14:f5:3b:2e:3a:fa:60:ef:90:
32:18:da:a8:0c:be:6c:53:bc:ea:c4:22:ee:6d:36:ab:0a:e5:
a4:45:ef:73:73:59:fb:62:92:5d:a4:6e:85:74:ee:27:cb:a1:
e3:e0:f7:f5:2f:b9:e9:a6:fb:4b:77:af:1a:d9:69:95:7f:f9:
d4:78:64:3b:0f:80:54:ff:e6:43:69:c7:e1:c0:dc:b0:48:8e:
af:28:04:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040w87zBlpSmRWxPM++tJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWRhMDUzOTIxZjUyODM2Nzg4MTg4ZjgyZjYyZGQ1YWE5
NzNmZTkwHhcNMjYwMzI5MDkwMDQ5WhcNMjYwMzMwMDkwMDQ5WjAzMTEwLwYDVQQD
Eyg4M2NkYmZiZmM4YWY0YTBkMDQ5ZWYyNGY3Mzg5MjY4Mzg4OWZjOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxZlpbUo3hLp7qpPbhaqnsiOvpd3
AKJNyLmnICGTbTTUFtagCDmW+3EEMMLUqpRnGsdQcOVJ8268LdD1/o+pLLN9MRwj
w4qWW13bAxdZcSCTHBZ//CvI9la54eYu7J9srn2pdST3GiBueSaOL9+c92Lq6c4p
Hqnb2X69/XUGARrJY0IHf00cGOMEyCD4KS2QK5+VD4M8I8CglMoYbJCHPSdPXXog
xACu8V0OJYYtsfb0HBXJ5d502YebKkqBx4BURVjmlGfuNXrI1bgOKtDJ4U9Yj7O1
ih64J8W6BQOiLFntctBup7RLgc8wW5ne9nDNxhJ8kQVPZzznH8bXdP2a2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPNv7/Ir0oNBJ7yT3OJJoOIn8kSMB8GA1UdIwQY
MBaAFJIdoFOSH1KDZ4gYj4L2LdWqlz/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMt
ZWIzNDZkOWNlOWUwLzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMtZWIzNDZkOWNlOWUw
LzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoagDo3ql
HZLH6TXDtV6m7lfJVpvv7wTpocu1i5ZWUxq9QvLz2JyWagogmplLOJAcY9H4HywX
8VReklwLzv3JS2srnmUKUei3XkSmZBamlJIJi43Wl7K/uPyaMU9ZCSniJOmWLfTW
zr3HXkqD6N6y0n8/+xS4eRQH1dxBhRR2FJxuHf7nB/YXqLkio9NlAen3ytLjmm97
MRz74/HiMusOfgLL12Fvr38maXX+FPU7Ljr6YO+QMhjaqAy+bFO86sQi7m02qwrl
pEXvc3NZ+2KSXaRuhXTuJ8uh4+D39S+56ab7S3evGtlplX/51HhkOw+AVP/mQ2nH
4cDcsEiOrygEGQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:41:45 2026 by rpki-client