Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json)
Hash identifier: 44G29/LeWSHYURj5/642DSkDIAPEMhdRlQ0Ta1WGp4k=
Subject key identifier: D6:02:71:7D:16:78:FD:E8:90:EF:A4:1C:E1:B0:D3:ED:8C:B9:B9:44
Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06
Certificate serial: 019D2AE109BA99ECC49601DAA451F82E1020
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
Manifest number: 1132
Signing time: Thu 26 Mar 2026 16:01:24 +0000
Manifest this update: Thu 26 Mar 2026 16:01:24 +0000
Manifest next update: Fri 27 Mar 2026 16:01:24 +0000
Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: FC2Tleb+gqD9+EaKjFcWEm06qlxwXZ/wa4DKZZOZANw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:e1:09:ba:99:ec:c4:96:01:da:a4:51:f8:2e:10:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287b50125517944274a146bbacd64e691a20fa06
Validity
Not Before: Mar 26 16:01:24 2026 GMT
Not After : Mar 27 16:01:24 2026 GMT
Subject: CN=d602717d1678fde890efa41ce1b0d3ed8cb9b944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:90:65:db:22:ee:fd:fc:22:64:fd:a7:0e:10:
66:64:48:e9:7f:93:b0:67:31:56:b7:52:e8:4e:68:
13:f0:61:54:19:3b:f5:54:f3:28:1a:4c:ec:6f:cd:
fc:c9:a1:bf:fa:f1:be:8d:26:79:29:ee:f0:44:6d:
ec:f3:9b:4d:f1:96:97:a1:22:4c:42:d0:e7:4b:06:
40:2c:c9:c3:f3:47:35:dd:78:38:a2:93:aa:08:e7:
23:ac:0a:be:0a:8e:1f:a2:57:ff:02:76:ef:c7:c9:
ce:d4:a9:37:25:52:68:77:bd:66:a4:dd:cf:b0:80:
4a:f6:eb:47:ea:c1:6b:1d:9c:6e:da:bf:f1:bf:a1:
58:8d:d3:bf:ad:c3:e1:64:7e:cd:79:5b:c1:50:0f:
73:7b:3d:e2:d2:3c:34:d6:eb:c9:82:c7:57:84:7a:
9c:82:d8:f4:6e:5a:62:0c:57:08:65:3e:f6:95:91:
c6:ae:39:f7:ef:a9:75:01:2f:09:02:02:e5:39:6e:
5c:7c:8c:89:25:91:fc:ae:cf:6d:a5:e4:71:e7:a0:
2c:dd:a6:59:08:db:27:dc:ce:f7:19:4f:6f:d5:f9:
6b:5e:f8:b0:35:48:23:40:b4:9f:82:72:c5:86:f8:
5d:32:0d:8d:7f:3a:a1:43:15:8d:39:7f:fe:6a:58:
1c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:02:71:7D:16:78:FD:E8:90:EF:A4:1C:E1:B0:D3:ED:8C:B9:B9:44
X509v3 Authority Key Identifier:
keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:16:4c:72:61:77:8a:16:65:9a:1c:52:81:d0:fc:81:63:f8:
8a:71:a7:d7:09:77:21:31:52:a1:52:5e:27:82:04:59:e0:e1:
6b:91:6b:33:e1:f5:dd:4a:b8:46:49:ea:a2:f8:23:e1:3d:bb:
7d:a7:ed:67:7d:a2:6a:f2:e7:8c:3e:d8:de:45:77:55:ec:20:
57:49:61:b1:34:91:09:23:e5:32:05:5a:31:84:62:96:26:eb:
17:ed:48:05:6c:ff:93:1f:89:74:aa:59:30:b8:a6:b7:06:cf:
4f:d0:6a:d2:93:ad:fd:13:16:8c:f8:cc:4e:54:2b:5a:ff:d1:
88:7c:93:b5:99:4b:4b:c5:0d:08:75:1f:05:cf:f3:4f:86:5c:
26:e0:ef:53:3e:27:61:07:f3:83:20:68:b9:05:83:36:08:64:
26:53:19:fd:4b:f3:a0:6f:23:a4:d8:14:f4:c3:b5:0f:24:9d:
da:29:53:83:c5:73:03:4a:d9:b0:d9:f5:e2:f0:e1:70:da:63:
1a:9c:ea:41:74:ce:0a:3a:ef:e6:40:ef:c8:bd:8a:f7:2d:67:
04:e7:4c:2a:1a:bc:9b:3a:f5:a3:f3:2e:31:95:d9:7a:69:62:
85:f8:b4:76:51:e3:68:1c:d8:c1:aa:c6:0d:62:39:ab:ae:fc:
c0:7b:89:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4Qm6mezElgHapFH4LhAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy
MGZhMDYwHhcNMjYwMzI2MTYwMTI0WhcNMjYwMzI3MTYwMTI0WjAzMTEwLwYDVQQD
EyhkNjAyNzE3ZDE2NzhmZGU4OTBlZmE0MWNlMWIwZDNlZDhjYjliOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpBl2yLu/fwiZP2nDhBmZEjpf5Ow
ZzFWt1LoTmgT8GFUGTv1VPMoGkzsb838yaG/+vG+jSZ5Ke7wRG3s85tN8ZaXoSJM
QtDnSwZALMnD80c13Xg4opOqCOcjrAq+Co4folf/Anbvx8nO1Kk3JVJod71mpN3P
sIBK9utH6sFrHZxu2r/xv6FYjdO/rcPhZH7NeVvBUA9zez3i0jw01uvJgsdXhHqc
gtj0blpiDFcIZT72lZHGrjn376l1AS8JAgLlOW5cfIyJJZH8rs9tpeRx56As3aZZ
CNsn3M73GU9v1flrXviwNUgjQLSfgnLFhvhdMg2NfzqhQxWNOX/+algcuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYCcX0WeP3okO+kHOGw0+2MublEMB8GA1UdIwQY
MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt
YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0
LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQhZMcmF3
ihZlmhxSgdD8gWP4inGn1wl3ITFSoVJeJ4IEWeDha5FrM+H13Uq4Rknqovgj4T27
faftZ32iavLnjD7Y3kV3VewgV0lhsTSRCSPlMgVaMYRilibrF+1IBWz/kx+JdKpZ
MLimtwbPT9Bq0pOt/RMWjPjMTlQrWv/RiHyTtZlLS8UNCHUfBc/zT4ZcJuDvUz4n
YQfzgyBouQWDNghkJlMZ/UvzoG8jpNgU9MO1DySd2ilTg8VzA0rZsNn14vDhcNpj
GpzqQXTOCjrv5kDvyL2K9y1nBOdMKhq8mzr1o/MuMZXZemlihfi0dlHjaBzYwarG
DWI5q678wHuJDg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:19:10 2026 by rpki-client