Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
File: KH4cl_cfNVhn4_uHfyGqUTC2z10.mft (raw, json)
Hash identifier: PwYnvW3iaNQU8nlKwfaIMW5wln7XixFUPE6czBvtTWI=
Subject key identifier: 9C:8E:B0:71:A7:75:74:F2:49:C4:86:36:75:A5:C3:CA:6D:8C:7E:4E
Authority key identifier: 28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
Certificate issuer: /CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Certificate serial: 019D9A74EF523B3AE0DDE4EC53CFDF8AD6BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
Manifest number: 0D0E
Signing time: Fri 17 Apr 2026 08:00:47 +0000
Manifest this update: Fri 17 Apr 2026 08:00:47 +0000
Manifest next update: Sat 18 Apr 2026 08:00:47 +0000
Files and hashes: 1: 4VL55TR7n8zY5sjEwyy-tDqTfgs.roa (hash: 7BDvUnPmZt5rM/QuBJhcT4U2nlJB/FKzg2OukOPZ9uQ=)
2: KH4cl_cfNVhn4_uHfyGqUTC2z10.crl (hash: HuSgjWZdrAGtRyBydCDBIBbBGg52s+FlNbhmzfBp9DM=)
3: KnCfg8nTQsfpTcM_cEW8Uzz8x5M.roa (hash: 2VYLtBiQmGKXrUCSv3SxyNnrS3C6FcV2aiRtsHxSXSI=)
4: arOEcwZhUNm3Hj36Uwng_wKeV9E.roa (hash: B20xitz9JymuHol/jxxjXdJ6lXpi2xW/yyUd53yf3d8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 08:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:74:ef:52:3b:3a:e0:dd:e4:ec:53:cf:df:8a:d6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Validity
Not Before: Apr 17 08:00:47 2026 GMT
Not After : Apr 18 08:00:47 2026 GMT
Subject: CN=9c8eb071a77574f249c4863675a5c3ca6d8c7e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c4:36:5d:70:ed:6e:79:44:8a:01:5b:31:fa:
7e:ed:b8:11:e7:16:b4:67:39:31:d9:84:cf:18:ed:
2d:b0:6f:b8:d6:af:e7:d5:d6:c7:20:50:f4:13:4d:
30:a8:83:09:10:fb:73:8e:7b:62:78:1b:66:97:f6:
50:a7:f5:8c:8c:db:24:0a:17:f6:cf:23:85:7c:34:
b8:92:4d:00:3b:fe:a6:d0:f0:a3:8b:69:fd:2a:3b:
1a:18:7a:87:61:e9:e7:6c:b8:ed:6f:30:df:a5:db:
38:84:0e:d0:2e:14:82:24:b0:59:b6:26:93:de:48:
bc:98:a2:93:69:16:79:59:72:02:82:ab:81:09:3a:
a7:bf:96:9f:6d:3e:9a:6c:70:81:e8:9d:e3:3f:83:
4b:97:14:db:7e:66:33:20:e7:54:ba:93:51:88:d1:
8c:70:41:30:9c:26:11:d8:b7:9f:76:d0:aa:a6:c3:
9e:3e:3d:5f:e9:82:67:56:f8:51:d6:84:85:0b:d2:
d7:f8:9c:ca:8e:33:5d:c1:58:2f:66:2e:31:05:ab:
e6:15:ec:22:d0:42:bc:2f:94:45:68:3d:00:56:2c:
54:60:93:b9:22:4b:c5:8f:c9:03:95:14:af:0e:58:
33:57:60:23:5c:f6:93:de:28:ef:82:b6:d9:de:52:
8b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8E:B0:71:A7:75:74:F2:49:C4:86:36:75:A5:C3:CA:6D:8C:7E:4E
X509v3 Authority Key Identifier:
keyid:28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:09:6c:bb:09:37:f0:46:cb:e6:c3:66:b1:b6:8a:d5:05:db:
09:06:32:11:e9:78:be:37:83:b6:a1:c0:df:40:c5:48:82:12:
42:3f:ff:11:67:4e:7c:40:20:48:5b:f7:78:20:f2:8a:87:d5:
46:b8:75:48:6b:52:69:7b:a1:7c:2f:dd:90:ae:b4:fa:2d:8d:
bc:91:70:36:c4:0f:e7:c6:d1:4c:64:4b:d9:25:da:7c:54:85:
15:34:f5:14:85:55:31:57:94:4c:65:17:e6:84:53:65:25:a3:
12:c0:9a:39:2f:54:5c:e2:76:e7:f9:75:eb:af:26:9d:dc:e1:
29:04:78:cf:83:b0:58:9a:0c:75:3f:4b:06:59:fa:fe:1b:5c:
4f:dc:3e:c9:80:af:bf:52:f8:52:d8:f4:59:15:b8:7b:60:61:
26:bf:42:f0:6b:f8:01:3f:61:94:07:4a:ec:53:03:0c:59:6f:
76:00:51:a6:2b:d9:b1:b9:4f:54:30:09:c8:3e:5c:2e:35:30:
47:72:5d:9b:b8:67:bd:de:92:af:2f:97:c9:bb:d6:c7:b9:7e:
16:37:84:b6:6c:6e:9c:68:e0:11:fb:63:56:16:0a:08:74:fb:
2b:a9:97:ae:48:e0:a3:b9:2f:bd:8c:b7:d4:50:66:8f:a5:f6:
48:29:26:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2adO9SOzrg3eTsU8/fita8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2UxYzk3ZjcxZjM1NTg2N2UzZmI4NzdmMjFhYTUxMzBi
NmNmNWQwHhcNMjYwNDE3MDgwMDQ3WhcNMjYwNDE4MDgwMDQ3WjAzMTEwLwYDVQQD
Eyg5YzhlYjA3MWE3NzU3NGYyNDljNDg2MzY3NWE1YzNjYTZkOGM3ZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsQ2XXDtbnlEigFbMfp+7bgR5xa0
Zzkx2YTPGO0tsG+41q/n1dbHIFD0E00wqIMJEPtzjntieBtml/ZQp/WMjNskChf2
zyOFfDS4kk0AO/6m0PCji2n9KjsaGHqHYennbLjtbzDfpds4hA7QLhSCJLBZtiaT
3ki8mKKTaRZ5WXICgquBCTqnv5afbT6abHCB6J3jP4NLlxTbfmYzIOdUupNRiNGM
cEEwnCYR2LefdtCqpsOePj1f6YJnVvhR1oSFC9LX+JzKjjNdwVgvZi4xBavmFewi
0EK8L5RFaD0AVixUYJO5IkvFj8kDlRSvDlgzV2AjXPaT3ijvgrbZ3lKLoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyOsHGndXTyScSGNnWlw8ptjH5OMB8GA1UdIwQY
MBaAFCh+HJf3HzVYZ+P7h38hqlEwts9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEt
OWViM2M2ODJiMDA5LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEtOWViM2M2ODJiMDA5
LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYAlsuwk3
8EbL5sNmsbaK1QXbCQYyEel4vjeDtqHA30DFSIISQj//EWdOfEAgSFv3eCDyiofV
Rrh1SGtSaXuhfC/dkK60+i2NvJFwNsQP58bRTGRL2SXafFSFFTT1FIVVMVeUTGUX
5oRTZSWjEsCaOS9UXOJ25/l1668mndzhKQR4z4OwWJoMdT9LBln6/htcT9w+yYCv
v1L4Utj0WRW4e2BhJr9C8Gv4AT9hlAdK7FMDDFlvdgBRpivZsblPVDAJyD5cLjUw
R3Jdm7hnvd6Sry+XybvWx7l+FjeEtmxunGjgEftjVhYKCHT7K6mXrkjgo7kvvYy3
1FBmj6X2SCkmDg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:03:14 2026 by rpki-client