Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
File: KhQFaUht0XjbWDoKHklt8iMYXTU.mft (raw, json)
Hash identifier: KukOIznPPkS2KVV6V/cX6MB9QbrlfaKGJYTXarWKHXI=
Subject key identifier: D8:08:E7:10:7D:74:E5:D7:87:8E:44:CE:57:21:3A:B3:E0:FC:A9:04
Authority key identifier: 2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35
Certificate issuer: /CN=2a140569486dd178db583a0a1e496df223185d35
Certificate serial: 019D9963177E9015E3FA0BCE012D60BE2D25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
Manifest number: 0B07
Signing time: Fri 17 Apr 2026 03:01:41 +0000
Manifest this update: Fri 17 Apr 2026 03:01:41 +0000
Manifest next update: Sat 18 Apr 2026 03:01:41 +0000
Files and hashes: 1: KhQFaUht0XjbWDoKHklt8iMYXTU.crl (hash: Or7FFgPjRgqQ+C0hRi7/BJ0zCFTTlw9+f52NeX2ORPA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 03:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:63:17:7e:90:15:e3:fa:0b:ce:01:2d:60:be:2d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a140569486dd178db583a0a1e496df223185d35
Validity
Not Before: Apr 17 03:01:41 2026 GMT
Not After : Apr 18 03:01:41 2026 GMT
Subject: CN=d808e7107d74e5d7878e44ce57213ab3e0fca904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:49:5c:ae:16:50:1e:1a:e3:35:d2:fc:6d:b8:
b8:00:cc:e9:a8:1c:3a:23:28:55:f0:a9:4f:67:6c:
7b:de:ba:70:b7:88:cf:7d:21:37:0c:d8:97:50:d0:
d6:e8:d1:2c:4b:90:9e:55:e9:bc:b1:05:db:6d:6a:
7d:21:54:3f:6a:f0:62:a5:1a:d1:cf:e6:d6:4a:9c:
10:85:90:bb:73:c9:77:e2:b4:0d:7f:56:25:bb:dc:
ef:b0:3b:c5:2e:ca:59:8f:34:f7:69:87:e2:87:79:
85:82:f2:24:ac:63:c3:0c:0c:b6:c4:ef:f3:66:b9:
7d:9c:d6:c2:98:4e:fe:9e:b5:29:50:b4:87:88:d7:
7d:f8:b5:c2:b4:a6:da:a0:38:d8:0b:65:f2:55:e4:
e2:68:60:77:7b:c0:0d:cb:94:ee:c2:75:d7:eb:f3:
a7:56:6f:32:ab:16:e2:02:58:bf:69:3f:60:57:6f:
d0:02:da:21:af:e2:29:07:f7:85:39:61:8b:24:d9:
12:0f:6e:4a:af:f1:86:66:77:44:2a:fc:b8:22:ab:
a6:7b:19:09:b0:14:90:5e:9e:b9:1e:b0:8c:50:d9:
de:9c:40:20:68:08:34:33:65:6c:24:8c:4a:9d:32:
f3:56:08:43:14:25:16:b9:7d:7e:4e:64:4d:69:78:
e7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:08:E7:10:7D:74:E5:D7:87:8E:44:CE:57:21:3A:B3:E0:FC:A9:04
X509v3 Authority Key Identifier:
keyid:2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:0f:4b:6c:c1:b6:79:a9:fd:4c:f3:2f:8e:96:b5:e7:eb:15:
79:82:ed:d1:f8:0c:95:65:47:8a:09:d9:1f:20:10:6c:3b:aa:
90:d6:e2:5d:00:28:ce:86:e6:d1:cc:b6:ff:1e:ff:7d:0a:07:
2d:38:1f:68:cb:d4:f0:2b:0d:40:54:16:a2:7a:7a:93:d0:46:
1a:14:00:a8:b0:91:b0:4b:4f:8a:c7:1b:a9:3d:fa:4b:8a:52:
e0:c6:1e:23:73:80:77:00:02:08:c7:ef:a5:12:ac:e0:72:43:
ab:28:82:22:77:8d:18:7b:a8:b3:85:99:b3:b5:f8:02:cd:6f:
d5:69:da:1b:d1:ed:b5:ff:88:b5:e0:d2:b3:b2:14:72:ee:c9:
78:c6:7b:36:16:d6:6d:e4:45:fb:55:81:0f:57:b0:b3:2e:75:
2a:b5:9a:5d:9b:fe:a8:e6:0c:9b:4b:91:ba:ee:1d:85:eb:0d:
79:6a:f5:2c:6a:4c:71:8b:64:12:86:70:ca:74:02:9b:f0:c9:
86:19:05:38:6a:28:6e:78:b8:ad:37:b2:2f:e4:6c:11:3b:02:
7e:c9:b7:f0:d7:9f:72:42:f5:fe:8a:3c:5c:06:30:ad:d2:9f:
b4:8b:07:b6:89:5a:1b:9b:98:ef:f6:95:bf:a3:ed:08:c2:92:
7b:55:94:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYxd+kBXj+gvOAS1gvi0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTQwNTY5NDg2ZGQxNzhkYjU4M2EwYTFlNDk2ZGYyMjMx
ODVkMzUwHhcNMjYwNDE3MDMwMTQxWhcNMjYwNDE4MDMwMTQxWjAzMTEwLwYDVQQD
EyhkODA4ZTcxMDdkNzRlNWQ3ODc4ZTQ0Y2U1NzIxM2FiM2UwZmNhOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjElcrhZQHhrjNdL8bbi4AMzpqBw6
IyhV8KlPZ2x73rpwt4jPfSE3DNiXUNDW6NEsS5CeVem8sQXbbWp9IVQ/avBipRrR
z+bWSpwQhZC7c8l34rQNf1Ylu9zvsDvFLspZjzT3aYfih3mFgvIkrGPDDAy2xO/z
Zrl9nNbCmE7+nrUpULSHiNd9+LXCtKbaoDjYC2XyVeTiaGB3e8ANy5TuwnXX6/On
Vm8yqxbiAli/aT9gV2/QAtohr+IpB/eFOWGLJNkSD25Kr/GGZndEKvy4IqumexkJ
sBSQXp65HrCMUNnenEAgaAg0M2VsJIxKnTLzVghDFCUWuX1+TmRNaXjnhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNgI5xB9dOXXh45EzlchOrPg/KkEMB8GA1UdIwQY
MBaAFCoUBWlIbdF421g6Ch5JbfIjGF01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2Yt
NTRiZDY0OWI0ODUyLzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2YtNTRiZDY0OWI0ODUy
LzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKg9LbMG2
ean9TPMvjpa15+sVeYLt0fgMlWVHignZHyAQbDuqkNbiXQAozobm0cy2/x7/fQoH
LTgfaMvU8CsNQFQWonp6k9BGGhQAqLCRsEtPiscbqT36S4pS4MYeI3OAdwACCMfv
pRKs4HJDqyiCIneNGHuos4WZs7X4As1v1WnaG9Httf+IteDSs7IUcu7JeMZ7NhbW
beRF+1WBD1ewsy51KrWaXZv+qOYMm0uRuu4dhesNeWr1LGpMcYtkEoZwynQCm/DJ
hhkFOGoobni4rTeyL+RsETsCfsm38NefckL1/oo8XAYwrdKftIsHtolaG5uY7/aV
v6PtCMKSe1WUxw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:54:56 2026 by rpki-client