Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
File: KhmTnyGLthMV6bOzez24WWCXXRQ.mft (raw, json)
Hash identifier: 7BgYINK0jSl3xWx1NkhQao81EW9M03Y7FVTnb5UrQsc=
Subject key identifier: 11:19:E4:BD:EA:CF:19:AC:62:C6:AB:07:66:41:67:F5:AF:7B:5D:66
Authority key identifier: 2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
Certificate issuer: /CN=2a19939f218bb61315e9b3b37b3db85960975d14
Certificate serial: 019D29615A36651CBBEAAEE8C3807B75926A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
Manifest number: 1282
Signing time: Thu 26 Mar 2026 09:02:18 +0000
Manifest this update: Thu 26 Mar 2026 09:02:18 +0000
Manifest next update: Fri 27 Mar 2026 09:02:18 +0000
Files and hashes: 1: KhmTnyGLthMV6bOzez24WWCXXRQ.crl (hash: PdLePritrR+QbvjeaV62qLVTBgg8gd2cynMnWW4RAEg=)
2: Opq729qHLi-8dYaQgIIxGa15kXA.roa (hash: 29AgcIdF39QZ4KXfXzVq7WdeMpA7ZOSG9zMnRXMOq8o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:5a:36:65:1c:bb:ea:ae:e8:c3:80:7b:75:92:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a19939f218bb61315e9b3b37b3db85960975d14
Validity
Not Before: Mar 26 09:02:18 2026 GMT
Not After : Mar 27 09:02:18 2026 GMT
Subject: CN=1119e4bdeacf19ac62c6ab07664167f5af7b5d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5f:f3:f2:1c:95:e6:c2:8d:38:71:6d:98:08:
7d:e1:80:09:b0:94:94:f7:8d:5e:27:0d:84:63:54:
c6:f2:31:44:b6:dc:8e:87:24:96:f1:93:c8:6f:5a:
1c:f6:3c:c3:a7:f6:a7:a2:f2:65:34:8c:c0:41:a6:
b0:ed:c6:a2:30:12:42:5e:49:24:a5:56:fd:4a:93:
f8:eb:ae:4e:3f:1d:5e:7b:d5:a6:ad:10:d0:eb:0b:
f7:8e:0d:c7:b7:6c:24:5d:12:78:30:56:98:85:1d:
14:be:47:27:4d:1a:83:42:d2:d3:2f:9f:09:f4:54:
5f:88:2f:cf:5a:04:48:0d:ee:ff:73:2f:c3:37:fe:
a6:85:6d:09:71:d9:f4:c6:c4:ec:63:f9:4f:fe:0e:
ae:5a:d5:ce:a0:56:ee:8d:2e:86:27:e7:2a:1b:20:
c2:04:13:ec:c0:db:7e:ba:c1:5d:28:b1:15:d1:2a:
05:fd:db:6d:24:7d:6c:29:4b:a6:75:51:3b:83:9f:
0f:bd:2d:24:58:dd:a8:dc:c9:70:0f:f0:2d:09:9f:
ba:eb:16:8e:43:17:12:01:ec:d8:93:27:15:2a:db:
06:31:b1:69:58:30:3b:af:79:18:ad:65:2e:46:bc:
bd:3f:19:34:ff:e3:24:64:88:21:e9:00:3e:d3:43:
09:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:19:E4:BD:EA:CF:19:AC:62:C6:AB:07:66:41:67:F5:AF:7B:5D:66
X509v3 Authority Key Identifier:
keyid:2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:a1:a6:66:83:6e:06:a4:9f:f4:e6:ca:04:2e:cb:18:b1:75:
c6:1d:4a:b1:04:41:94:05:6d:61:f5:bf:61:cc:ce:83:4a:df:
e1:e5:55:1f:3f:13:da:dd:b9:13:d3:84:04:43:ad:9b:cc:19:
72:ed:49:ea:6c:ee:02:b1:bb:13:9f:38:6f:78:10:3d:fd:62:
6a:eb:b3:f6:1c:3c:26:3a:af:66:5c:73:eb:30:69:75:f2:2e:
c9:ad:cd:94:65:6b:92:97:04:29:6b:e7:29:cf:a9:80:99:c5:
f3:fa:85:a4:32:4a:74:f1:7a:88:7b:23:04:95:4d:ed:5f:b7:
26:11:bb:a1:3f:00:c3:ec:d0:17:46:70:4f:1a:f2:f9:53:7b:
a0:88:a8:a0:f3:f2:86:89:f8:52:d5:9d:e1:c1:cf:6f:25:c3:
af:61:c7:36:22:14:5d:c3:38:b4:ee:6f:a9:d3:53:57:87:20:
23:61:99:f1:28:17:b9:b9:7c:61:ed:42:b4:d6:73:b9:ee:b1:
01:d5:f8:b0:ca:97:3f:38:2e:6f:89:08:ed:07:bf:fb:27:ec:
63:35:d1:5e:19:3a:34:5b:a8:eb:6d:79:1d:2d:19:16:b1:73:
72:af:18:8c:63:a4:7e:ca:54:48:0a:b7:0e:5e:51:0f:fa:13:
10:1e:8d:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYVo2ZRy76q7ow4B7dZJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTk5MzlmMjE4YmI2MTMxNWU5YjNiMzdiM2RiODU5NjA5
NzVkMTQwHhcNMjYwMzI2MDkwMjE4WhcNMjYwMzI3MDkwMjE4WjAzMTEwLwYDVQQD
EygxMTE5ZTRiZGVhY2YxOWFjNjJjNmFiMDc2NjQxNjdmNWFmN2I1ZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl/z8hyV5sKNOHFtmAh94YAJsJSU
941eJw2EY1TG8jFEttyOhySW8ZPIb1oc9jzDp/anovJlNIzAQaaw7caiMBJCXkkk
pVb9SpP4665OPx1ee9WmrRDQ6wv3jg3Ht2wkXRJ4MFaYhR0UvkcnTRqDQtLTL58J
9FRfiC/PWgRIDe7/cy/DN/6mhW0Jcdn0xsTsY/lP/g6uWtXOoFbujS6GJ+cqGyDC
BBPswNt+usFdKLEV0SoF/dttJH1sKUumdVE7g58PvS0kWN2o3MlwD/AtCZ+66xaO
QxcSAezYkycVKtsGMbFpWDA7r3kYrWUuRry9Pxk0/+MkZIgh6QA+00MJFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEZ5L3qzxmsYsarB2ZBZ/Wve11mMB8GA1UdIwQY
MBaAFCoZk58hi7YTFemzs3s9uFlgl10UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMt
ZGY1ZjIwZGQ3NmFkLzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMtZGY1ZjIwZGQ3NmFk
LzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN6GmZoNu
BqSf9ObKBC7LGLF1xh1KsQRBlAVtYfW/YczOg0rf4eVVHz8T2t25E9OEBEOtm8wZ
cu1J6mzuArG7E584b3gQPf1iauuz9hw8JjqvZlxz6zBpdfIuya3NlGVrkpcEKWvn
Kc+pgJnF8/qFpDJKdPF6iHsjBJVN7V+3JhG7oT8Aw+zQF0ZwTxry+VN7oIiooPPy
hon4UtWd4cHPbyXDr2HHNiIUXcM4tO5vqdNTV4cgI2GZ8SgXubl8Ye1CtNZzue6x
AdX4sMqXPzgub4kI7Qe/+yfsYzXRXhk6NFuo6215HS0ZFrFzcq8YjGOkfspUSAq3
Dl5RD/oTEB6NpA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:52:02 2026 by rpki-client