Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
File: KH4cl_cfNVhn4_uHfyGqUTC2z10.mft (raw, json)
Hash identifier: CJbzWF+ygwx/yY/p4qwhGFztOEZKqM5ZczAxvCY8DfY=
Subject key identifier: 87:12:99:97:EA:CD:9B:38:CB:3D:B9:78:85:BE:99:8E:60:CA:03:FD
Authority key identifier: 28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
Certificate issuer: /CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Certificate serial: 019CAAFD5ED6B2B9AD87CD89BED0302F1B28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
Manifest number: 0C92
Signing time: Sun 01 Mar 2026 20:00:57 +0000
Manifest this update: Sun 01 Mar 2026 20:00:57 +0000
Manifest next update: Mon 02 Mar 2026 20:00:57 +0000
Files and hashes: 1: 4VL55TR7n8zY5sjEwyy-tDqTfgs.roa (hash: 7BDvUnPmZt5rM/QuBJhcT4U2nlJB/FKzg2OukOPZ9uQ=)
2: KH4cl_cfNVhn4_uHfyGqUTC2z10.crl (hash: 7PRoSch2ofEqZQBWQtMmtunk1Ysun+UnqZ39xx/6aK8=)
3: KnCfg8nTQsfpTcM_cEW8Uzz8x5M.roa (hash: 2VYLtBiQmGKXrUCSv3SxyNnrS3C6FcV2aiRtsHxSXSI=)
4: arOEcwZhUNm3Hj36Uwng_wKeV9E.roa (hash: B20xitz9JymuHol/jxxjXdJ6lXpi2xW/yyUd53yf3d8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 20:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:5e:d6:b2:b9:ad:87:cd:89:be:d0:30:2f:1b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Validity
Not Before: Mar 1 20:00:57 2026 GMT
Not After : Mar 2 20:00:57 2026 GMT
Subject: CN=87129997eacd9b38cb3db97885be998e60ca03fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a3:b2:1e:38:6f:fa:8f:14:49:46:0e:1d:d4:
a8:bb:17:ca:c0:2e:0d:19:c6:76:bb:84:ff:e0:28:
8b:f0:3e:63:01:1a:77:d0:a6:07:6c:8d:3f:eb:0b:
b5:fd:71:5e:79:96:f0:73:4b:b7:a0:ad:48:89:dd:
ac:a9:f3:41:df:43:e8:88:d5:6c:2a:39:57:50:40:
98:e7:8d:ec:fe:8e:e0:59:a5:42:a3:b8:e1:6a:df:
89:8d:42:4f:e1:d8:e6:ea:14:e4:c4:bc:70:a3:b9:
3a:0d:2d:2a:94:a1:51:b8:45:2c:89:0c:e9:8f:7f:
e5:62:64:07:e6:e8:ed:fd:50:7b:55:38:af:1f:5b:
14:dc:9d:3d:b7:44:b8:f9:3b:c0:55:27:35:3b:cd:
a4:97:70:18:ba:4c:c3:14:6e:d5:7f:07:7f:36:2d:
d8:10:c4:ed:58:cc:c7:04:3c:5b:a1:e0:4a:39:1c:
b5:9d:47:ba:52:bf:9c:ef:16:69:72:00:74:8a:5d:
c3:ea:a7:39:9f:f0:11:83:76:f4:8f:99:4f:72:20:
1d:76:c7:1b:dd:d4:65:55:b8:6d:3f:46:d6:84:7d:
ac:ae:a3:c8:a0:89:4b:4c:0f:bf:9c:43:21:d7:6e:
c2:f0:3f:13:d3:64:b8:6e:c9:22:d3:f7:3b:79:48:
e3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:12:99:97:EA:CD:9B:38:CB:3D:B9:78:85:BE:99:8E:60:CA:03:FD
X509v3 Authority Key Identifier:
keyid:28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:c4:dd:eb:96:0a:4e:07:ff:59:b8:ca:6c:79:d0:64:e0:d2:
c6:58:5c:bb:32:71:be:08:88:58:af:2c:82:24:98:b5:81:9e:
a1:c6:fd:bd:69:53:dd:6f:a3:f4:ce:e3:32:d3:bc:81:29:ae:
90:71:1c:2c:88:69:97:ef:1a:f7:ed:ed:15:34:70:de:a1:91:
4d:0f:a9:31:f0:89:f8:cd:f3:94:94:94:fb:db:8f:6e:cd:40:
34:b6:aa:9f:ae:41:c3:76:cc:8e:fa:00:a3:3d:a7:8f:60:71:
75:09:97:d4:bb:6b:11:6c:36:37:c0:f2:7f:1f:1a:87:36:86:
a6:08:08:bb:88:a4:c5:56:fd:eb:88:7d:95:3f:92:12:5e:6a:
0e:76:4d:9c:81:11:ae:fd:12:96:7e:f7:f4:dd:97:cd:93:69:
6b:02:f7:d8:64:5a:ab:8b:62:86:e2:0f:82:0f:06:1f:d8:fc:
0a:56:38:20:03:73:f0:e8:46:30:37:77:1b:77:08:fd:aa:43:
8f:e2:1a:26:17:db:b2:ca:80:aa:ca:fc:db:3f:a9:e9:b9:17:
eb:56:16:4e:cd:25:7c:29:9a:45:87:e4:02:c8:86:26:c8:5f:
5c:c8:d6:b4:c9:b9:a3:40:a8:a1:a5:b1:22:1b:35:83:0e:7e:
73:e6:c5:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/V7Wsrmth82JvtAwLxsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2UxYzk3ZjcxZjM1NTg2N2UzZmI4NzdmMjFhYTUxMzBi
NmNmNWQwHhcNMjYwMzAxMjAwMDU3WhcNMjYwMzAyMjAwMDU3WjAzMTEwLwYDVQQD
Eyg4NzEyOTk5N2VhY2Q5YjM4Y2IzZGI5Nzg4NWJlOTk4ZTYwY2EwM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqOyHjhv+o8USUYOHdSouxfKwC4N
GcZ2u4T/4CiL8D5jARp30KYHbI0/6wu1/XFeeZbwc0u3oK1Iid2sqfNB30PoiNVs
KjlXUECY543s/o7gWaVCo7jhat+JjUJP4djm6hTkxLxwo7k6DS0qlKFRuEUsiQzp
j3/lYmQH5ujt/VB7VTivH1sU3J09t0S4+TvAVSc1O82kl3AYukzDFG7Vfwd/Ni3Y
EMTtWMzHBDxboeBKORy1nUe6Ur+c7xZpcgB0il3D6qc5n/ARg3b0j5lPciAddscb
3dRlVbhtP0bWhH2srqPIoIlLTA+/nEMh127C8D8T02S4bski0/c7eUjj/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcSmZfqzZs4yz25eIW+mY5gygP9MB8GA1UdIwQY
MBaAFCh+HJf3HzVYZ+P7h38hqlEwts9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEt
OWViM2M2ODJiMDA5LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEtOWViM2M2ODJiMDA5
LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc8Td65YK
Tgf/WbjKbHnQZODSxlhcuzJxvgiIWK8sgiSYtYGeocb9vWlT3W+j9M7jMtO8gSmu
kHEcLIhpl+8a9+3tFTRw3qGRTQ+pMfCJ+M3zlJSU+9uPbs1ANLaqn65Bw3bMjvoA
oz2nj2BxdQmX1LtrEWw2N8Dyfx8ahzaGpggIu4ikxVb964h9lT+SEl5qDnZNnIER
rv0Sln739N2XzZNpawL32GRaq4tihuIPgg8GH9j8ClY4IANz8OhGMDd3G3cI/apD
j+IaJhfbssqAqsr82z+p6bkX61YWTs0lfCmaRYfkAsiGJshfXMjWtMm5o0CooaWx
Ihs1gw5+c+bFXw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:39:52 2026 by rpki-client