Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier: H24fU+KVGgIlP6ZyWK2ZSQpTgWX/9Y7mJpjPHVsmnw0=
Subject key identifier: E4:4B:24:6F:93:68:60:99:D3:DE:5C:14:0C:4D:C0:3F:4D:CD:51:B0
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 019D25BA75E8945170EB4A6D05D9C10C0B4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number: 1887
Signing time: Wed 25 Mar 2026 16:01:09 +0000
Manifest this update: Wed 25 Mar 2026 16:01:09 +0000
Manifest next update: Thu 26 Mar 2026 16:01:09 +0000
Files and hashes: 1: 4pTe3zVq_LBaEng6PDXChOvOrYM.asa (hash: ajIeKP46hnwug0OLXYz0+5iBNt1utjAL/IG5/ovLQUU=)
2: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: f5/WJjF+mMOXeJwE+fpNvXSiJMQfKg5y2AoR++FvJ8I=)
3: xJQowT_Tnb4ieuT2nnX57E1i8Bg.roa (hash: FZ2f/lnbWXsd7+lHlVJ1AgksXQQVTj6Vr+zQW+G3nfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:75:e8:94:51:70:eb:4a:6d:05:d9:c1:0c:0b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Mar 25 16:01:09 2026 GMT
Not After : Mar 26 16:01:09 2026 GMT
Subject: CN=e44b246f93686099d3de5c140c4dc03f4dcd51b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:94:a0:92:b9:b2:7d:51:d3:44:89:f1:35:e6:
6c:e3:75:9c:18:0d:e8:b9:d5:67:9a:86:a2:55:77:
10:60:3f:4a:53:c3:0c:7d:b2:00:14:3f:6b:1c:36:
c7:11:bb:54:6c:bd:32:d1:b9:e4:d1:21:fe:0c:66:
63:06:a4:b4:34:2d:78:55:ac:fd:23:4b:4e:bf:85:
cf:b2:56:9f:fe:13:48:c6:66:38:bd:c9:83:46:80:
dc:27:f6:7e:d9:06:2b:cc:65:7b:72:c8:94:a5:71:
fa:1f:79:7f:fc:48:56:aa:6f:91:77:9a:f1:21:51:
66:f7:67:0d:ef:68:1e:de:52:fc:e9:c5:dc:ae:ee:
3d:9a:28:85:a5:ce:5e:e8:bd:b4:3f:92:41:4e:b8:
7e:14:44:98:3d:d2:c7:5e:84:1b:e6:76:ef:5a:bb:
a3:4d:1e:0f:88:d9:83:e4:ee:a5:96:d2:52:a3:63:
58:40:8e:eb:76:67:e7:68:e8:87:45:44:c6:be:97:
69:30:59:d9:f8:73:dc:92:a2:ed:25:82:41:8d:05:
7d:43:ab:bd:cc:be:41:52:5f:ce:6c:04:75:71:93:
68:23:de:7a:63:c2:42:08:0a:92:f9:1d:a1:f2:ef:
06:a6:a1:d4:25:13:d8:e7:45:a4:e5:cf:7d:01:17:
6f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:4B:24:6F:93:68:60:99:D3:DE:5C:14:0C:4D:C0:3F:4D:CD:51:B0
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:b9:45:28:2e:73:10:57:a9:ca:99:70:42:e3:e5:f0:3e:bc:
77:38:3d:ec:f6:13:ba:f0:84:a1:b6:da:9c:78:fa:c7:3b:0a:
37:a9:5c:6e:bb:85:c1:91:1b:25:25:69:2a:23:65:99:c0:a5:
84:20:ab:22:dd:ae:46:97:09:86:a8:d5:6c:0a:ca:90:dc:af:
02:9d:a6:0b:47:0e:63:80:3b:ad:79:84:23:67:75:f2:fe:99:
b8:aa:d9:4e:69:19:25:ba:2b:0d:ac:23:1c:43:74:65:29:58:
74:74:75:d5:ed:a4:8e:db:b3:3f:66:b2:ed:32:a8:93:40:a2:
49:cc:73:2d:49:a8:61:2e:69:5c:7b:4c:60:b8:14:ef:4a:9b:
87:a0:07:65:3f:a0:35:9b:6c:0a:dd:3a:3c:b2:09:f3:02:21:
bc:cc:f8:be:18:ed:ea:a4:ad:e4:d2:c0:e1:c7:93:3c:93:7c:
d0:d1:ff:6e:4c:dd:07:68:d0:00:33:51:f1:84:39:09:51:a0:
0b:1a:df:2a:c7:d4:e0:b7:7c:95:f8:60:6f:97:96:ef:3a:3e:
20:25:bb:a1:99:a3:09:ba:57:f0:fa:a7:72:cb:54:c6:7d:5b:
8f:ec:6e:ee:1b:66:ce:e6:6a:28:b1:31:86:20:ec:2e:ac:e7:
a4:b4:74:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lunXolFFw60ptBdnBDAtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjYwMzI1MTYwMTA5WhcNMjYwMzI2MTYwMTA5WjAzMTEwLwYDVQQD
EyhlNDRiMjQ2ZjkzNjg2MDk5ZDNkZTVjMTQwYzRkYzAzZjRkY2Q1MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pSgkrmyfVHTRInxNeZs43WcGA3o
udVnmoaiVXcQYD9KU8MMfbIAFD9rHDbHEbtUbL0y0bnk0SH+DGZjBqS0NC14Vaz9
I0tOv4XPslaf/hNIxmY4vcmDRoDcJ/Z+2QYrzGV7csiUpXH6H3l//EhWqm+Rd5rx
IVFm92cN72ge3lL86cXcru49miiFpc5e6L20P5JBTrh+FESYPdLHXoQb5nbvWruj
TR4PiNmD5O6lltJSo2NYQI7rdmfnaOiHRUTGvpdpMFnZ+HPckqLtJYJBjQV9Q6u9
zL5BUl/ObAR1cZNoI956Y8JCCAqS+R2h8u8GpqHUJRPY50Wk5c99ARdvvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFORLJG+TaGCZ095cFAxNwD9NzVGwMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUrlFKC5z
EFepyplwQuPl8D68dzg97PYTuvCEobbanHj6xzsKN6lcbruFwZEbJSVpKiNlmcCl
hCCrIt2uRpcJhqjVbArKkNyvAp2mC0cOY4A7rXmEI2d18v6ZuKrZTmkZJborDawj
HEN0ZSlYdHR11e2kjtuzP2ay7TKok0CiScxzLUmoYS5pXHtMYLgU70qbh6AHZT+g
NZtsCt06PLIJ8wIhvMz4vhjt6qSt5NLA4ceTPJN80NH/bkzdB2jQADNR8YQ5CVGg
CxrfKsfU4Ld8lfhgb5eW7zo+ICW7oZmjCbpX8PqncstUxn1bj+xu7htmzuZqKLEx
hiDsLqznpLR0Uw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:46:27 2026 by rpki-client