Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json)
Hash identifier: cAkJkopGysgTh9KnOylUf+e/JeN3BCNPorBIXUTwcTI=
Subject key identifier: 09:94:D2:4F:6F:5C:25:D6:15:40:50:89:E1:BC:2D:76:04:33:75:7F
Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06
Certificate serial: 019D98F53122C34ED7A4726CBF45D9DA3473
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
Manifest number: 116B
Signing time: Fri 17 Apr 2026 01:01:38 +0000
Manifest this update: Fri 17 Apr 2026 01:01:38 +0000
Manifest next update: Sat 18 Apr 2026 01:01:38 +0000
Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: JIMKgZICraRv9sDpT5E3YGTT2Sq3B5S6m5JW4I2OaXE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f5:31:22:c3:4e:d7:a4:72:6c:bf:45:d9:da:34:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287b50125517944274a146bbacd64e691a20fa06
Validity
Not Before: Apr 17 01:01:38 2026 GMT
Not After : Apr 18 01:01:38 2026 GMT
Subject: CN=0994d24f6f5c25d615405089e1bc2d760433757f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b0:14:fb:91:d4:57:1b:71:47:4c:9d:25:cc:
d4:52:ee:e4:ad:c8:3e:bd:3e:01:19:b3:50:45:60:
30:c2:ba:32:b8:d1:da:ad:10:9d:96:34:46:a8:7e:
77:f6:07:33:f6:d2:c1:5e:85:b9:61:3a:39:24:63:
e9:54:dc:60:cb:74:b2:85:5a:ec:83:ee:b4:88:ac:
7e:56:b7:20:20:b5:63:f8:64:6a:78:da:e4:81:a3:
97:98:0e:4d:0f:d0:ac:d4:b7:35:ae:9d:94:e7:a0:
a8:9c:49:0c:19:4f:97:e7:0f:bd:8e:f0:8a:18:c5:
38:fc:23:68:d1:12:78:ec:cb:6f:af:f2:bf:ad:4c:
23:62:00:31:d2:f6:c9:44:2f:ba:0c:c5:ec:a8:84:
c9:ce:0d:b0:12:e9:a8:d2:75:fb:8b:6a:b8:59:67:
a4:7e:0e:94:82:83:6b:0b:c2:c8:ca:fd:a5:1c:d6:
92:e2:fe:0d:29:f1:a5:52:8e:8f:71:87:fe:7d:84:
87:5d:02:06:21:a3:f5:e5:6d:01:36:b9:2b:c7:d8:
be:98:ae:98:55:c7:a5:e7:75:99:9f:4e:b1:49:92:
f8:1f:3f:86:86:92:04:b1:59:f9:e1:e8:c4:09:38:
46:12:8a:c2:a0:83:ad:2e:77:96:eb:59:67:70:54:
59:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:94:D2:4F:6F:5C:25:D6:15:40:50:89:E1:BC:2D:76:04:33:75:7F
X509v3 Authority Key Identifier:
keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:8f:71:76:1e:1e:56:da:99:fa:d1:0b:70:23:3a:50:62:07:
20:3b:55:cf:91:81:d5:61:31:17:87:e8:49:77:6d:1b:a9:78:
d2:7d:30:60:3a:af:83:66:ec:62:d1:48:63:e7:de:6d:58:9b:
d9:df:4c:ae:ec:e9:1f:ec:3e:98:3c:42:a9:5b:ea:72:ef:cc:
1b:c5:e8:52:a3:15:f4:bc:ad:f5:12:84:8f:a7:18:2a:ab:5b:
e3:0f:64:df:46:de:1f:c9:ab:32:8e:52:f1:65:8c:4d:63:bb:
f0:01:e6:36:da:5a:5b:5f:24:76:ce:21:1b:67:4e:29:74:b4:
1e:da:0a:cb:cc:df:27:a6:38:f1:79:b2:b3:c7:df:19:d6:a5:
f7:87:07:0f:aa:c7:5d:15:79:b8:05:77:39:0c:26:81:2f:b4:
45:1a:c4:b5:af:cf:a7:98:e9:6a:03:cb:01:90:6d:c8:d0:34:
cc:25:5d:29:4b:e6:01:46:5e:ee:c2:42:8c:64:65:16:5a:4a:
20:56:39:b0:a0:37:eb:9b:36:88:2a:67:9e:c6:fd:f0:ee:ce:
2b:af:0b:39:3b:0d:91:71:88:2a:72:98:e5:d7:64:fa:c0:e8:
97:b9:a0:b7:9f:f1:41:1e:20:bb:05:1c:82:72:e3:e5:4b:72:
e5:e6:8b:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9TEiw07XpHJsv0XZ2jRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy
MGZhMDYwHhcNMjYwNDE3MDEwMTM4WhcNMjYwNDE4MDEwMTM4WjAzMTEwLwYDVQQD
EygwOTk0ZDI0ZjZmNWMyNWQ2MTU0MDUwODllMWJjMmQ3NjA0MzM3NTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7AU+5HUVxtxR0ydJczUUu7krcg+
vT4BGbNQRWAwwroyuNHarRCdljRGqH539gcz9tLBXoW5YTo5JGPpVNxgy3SyhVrs
g+60iKx+VrcgILVj+GRqeNrkgaOXmA5ND9Cs1Lc1rp2U56ConEkMGU+X5w+9jvCK
GMU4/CNo0RJ47Mtvr/K/rUwjYgAx0vbJRC+6DMXsqITJzg2wEumo0nX7i2q4WWek
fg6UgoNrC8LIyv2lHNaS4v4NKfGlUo6PcYf+fYSHXQIGIaP15W0BNrkrx9i+mK6Y
Vcel53WZn06xSZL4Hz+GhpIEsVn54ejECThGEorCoIOtLneW61lncFRZwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmU0k9vXCXWFUBQieG8LXYEM3V/MB8GA1UdIwQY
MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt
YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0
LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS49xdh4e
VtqZ+tELcCM6UGIHIDtVz5GB1WExF4foSXdtG6l40n0wYDqvg2bsYtFIY+febVib
2d9MruzpH+w+mDxCqVvqcu/MG8XoUqMV9Lyt9RKEj6cYKqtb4w9k30beH8mrMo5S
8WWMTWO78AHmNtpaW18kds4hG2dOKXS0HtoKy8zfJ6Y48Xmys8ffGdal94cHD6rH
XRV5uAV3OQwmgS+0RRrEta/Pp5jpagPLAZBtyNA0zCVdKUvmAUZe7sJCjGRlFlpK
IFY5sKA365s2iCpnnsb98O7OK68LOTsNkXGIKnKY5ddk+sDol7mgt5/xQR4guwUc
gnLj5Uty5eaLiw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:09:35 2026 by rpki-client