Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
File: kh2gU5IfUoNniBiPgvYt1aqXP-k.mft (raw, json)
Hash identifier: FYWJJhcYqZqlhHM/+sWppaAIGtcCOgJdS6IYuIZMt8M=
Subject key identifier: E2:3C:CA:03:0B:BA:D7:F0:B3:3F:C4:90:CC:BC:01:F8:6D:F4:14:65
Authority key identifier: 92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
Certificate issuer: /CN=921da053921f52836788188f82f62dd5aa973fe9
Certificate serial: 019D2772A3D92A557DEB8575A78BAAAE7201
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
Manifest number: 114B
Signing time: Thu 26 Mar 2026 00:01:57 +0000
Manifest this update: Thu 26 Mar 2026 00:01:57 +0000
Manifest next update: Fri 27 Mar 2026 00:01:57 +0000
Files and hashes: 1: kh2gU5IfUoNniBiPgvYt1aqXP-k.crl (hash: e0Rycmthmk5KEa8ehMplliOsswUPWQ/kR6RGJMg8NWA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:a3:d9:2a:55:7d:eb:85:75:a7:8b:aa:ae:72:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921da053921f52836788188f82f62dd5aa973fe9
Validity
Not Before: Mar 26 00:01:57 2026 GMT
Not After : Mar 27 00:01:57 2026 GMT
Subject: CN=e23cca030bbad7f0b33fc490ccbc01f86df41465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fb:19:fb:90:b8:55:f9:53:be:1c:85:52:ab:
63:ee:b1:50:ab:4d:6f:7f:56:d2:81:66:53:f6:ac:
0f:83:f5:be:a6:55:ae:a6:6e:45:dc:de:5b:73:31:
7d:b5:7c:04:95:f8:15:4c:18:79:37:db:84:81:65:
54:1e:bd:78:2f:cf:4b:cd:f2:8a:46:83:de:a1:eb:
4b:9f:d0:62:69:24:25:3f:d0:be:40:5e:da:05:59:
ce:8c:62:1e:fc:b2:e5:83:db:66:53:38:36:5f:af:
e8:e3:7a:b0:c3:bb:33:0b:fd:ab:e7:21:09:d9:4d:
e5:19:83:a0:27:2d:51:62:76:dd:ec:c9:21:53:e4:
c7:28:cf:0d:57:42:d5:0b:53:01:da:0a:08:d6:a9:
58:aa:25:60:bb:0e:a6:10:9c:64:9f:bd:83:ae:80:
40:ff:3e:33:82:04:e9:dd:dd:9a:bb:1d:c0:ab:d8:
b5:44:f2:86:77:19:39:83:a4:22:a0:fd:cf:25:79:
f9:4d:1f:87:2e:4c:a5:a1:5d:07:d3:98:0c:75:6a:
be:a9:b6:f2:c6:af:15:1d:1e:8b:4a:17:83:f8:12:
c7:a9:6d:7d:e4:02:a2:6a:e2:e5:33:bb:0e:f5:0e:
5c:af:fb:a4:22:be:ec:76:0b:4e:e0:15:57:0a:43:
4c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3C:CA:03:0B:BA:D7:F0:B3:3F:C4:90:CC:BC:01:F8:6D:F4:14:65
X509v3 Authority Key Identifier:
keyid:92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:a2:2c:de:f8:d5:cd:f8:4f:3f:f8:46:4f:0e:d1:99:a6:fb:
f3:8e:93:0e:d3:44:96:b8:d0:ac:ad:25:20:0a:88:85:b9:cb:
db:62:1c:fc:97:db:47:16:a2:01:77:e4:14:72:73:42:29:35:
ba:0f:bf:f0:7e:b4:de:e5:00:54:2d:42:27:ac:cb:63:d8:d2:
b0:da:56:f0:ee:7d:4a:cb:0e:8f:6b:91:8a:4c:0c:05:b2:47:
c3:2b:6e:a9:2c:b1:ba:4f:77:53:eb:e9:6a:6d:81:ce:4b:9c:
c9:37:a2:c9:1d:b0:5d:1e:7c:25:5b:cd:64:70:b8:f5:e2:fa:
66:fd:fe:48:b5:7f:95:d1:54:58:cb:09:0b:7d:97:e7:ce:a7:
7b:84:4e:db:a0:90:1d:d2:ed:6e:c2:67:ff:61:36:b6:22:91:
8a:a3:5d:fc:67:f9:be:03:02:1e:64:99:94:f2:1e:49:6d:af:
66:22:61:b5:53:3c:2e:3e:02:88:13:14:b2:9a:9b:f0:d5:26:
b2:43:15:be:aa:d2:ea:b8:f7:43:20:cd:62:6b:53:3c:04:08:
0b:ba:7a:b6:df:53:72:6d:ba:eb:ee:79:61:f0:ef:13:14:97:
c1:f7:13:52:ad:c1:f6:fb:bc:1b:35:07:6c:16:c7:90:ce:95:
1c:0b:8d:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncqPZKlV964V1p4uqrnIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWRhMDUzOTIxZjUyODM2Nzg4MTg4ZjgyZjYyZGQ1YWE5
NzNmZTkwHhcNMjYwMzI2MDAwMTU3WhcNMjYwMzI3MDAwMTU3WjAzMTEwLwYDVQQD
EyhlMjNjY2EwMzBiYmFkN2YwYjMzZmM0OTBjY2JjMDFmODZkZjQxNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/sZ+5C4VflTvhyFUqtj7rFQq01v
f1bSgWZT9qwPg/W+plWupm5F3N5bczF9tXwElfgVTBh5N9uEgWVUHr14L89LzfKK
RoPeoetLn9BiaSQlP9C+QF7aBVnOjGIe/LLlg9tmUzg2X6/o43qww7szC/2r5yEJ
2U3lGYOgJy1RYnbd7MkhU+THKM8NV0LVC1MB2goI1qlYqiVguw6mEJxkn72DroBA
/z4zggTp3d2aux3Aq9i1RPKGdxk5g6QioP3PJXn5TR+HLkyloV0H05gMdWq+qbby
xq8VHR6LSheD+BLHqW195AKiauLlM7sO9Q5cr/ukIr7sdgtO4BVXCkNMnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOI8ygMLutfwsz/EkMy8Afht9BRlMB8GA1UdIwQY
MBaAFJIdoFOSH1KDZ4gYj4L2LdWqlz/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMt
ZWIzNDZkOWNlOWUwLzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMtZWIzNDZkOWNlOWUw
LzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALaIs3vjV
zfhPP/hGTw7Rmab7846TDtNElrjQrK0lIAqIhbnL22Ic/JfbRxaiAXfkFHJzQik1
ug+/8H603uUAVC1CJ6zLY9jSsNpW8O59SssOj2uRikwMBbJHwytuqSyxuk93U+vp
am2BzkucyTeiyR2wXR58JVvNZHC49eL6Zv3+SLV/ldFUWMsJC32X586ne4RO26CQ
HdLtbsJn/2E2tiKRiqNd/Gf5vgMCHmSZlPIeSW2vZiJhtVM8Lj4CiBMUspqb8NUm
skMVvqrS6rj3QyDNYmtTPAQIC7p6tt9Tcm266+55YfDvExSXwfcTUq3B9vu8GzUH
bBbHkM6VHAuNsQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:01:18 2026 by rpki-client