Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json)
Hash identifier: pNGI4lXRcCCyWtNcbvj029YvEyCWQxGwgUUXxZZWVUg=
Subject key identifier: AF:AC:C4:C5:85:FA:E8:6B:7C:15:F9:CE:09:A8:F3:D3:8C:9D:08:89
Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06
Certificate serial: 019CAB6B229403282B55BFA4145F0736B705
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
Manifest number: 10F0
Signing time: Sun 01 Mar 2026 22:00:50 +0000
Manifest this update: Sun 01 Mar 2026 22:00:50 +0000
Manifest next update: Mon 02 Mar 2026 22:00:50 +0000
Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: 6aoklPk2LYUdCKtD93uI4zPPyqGZ/ReXJSCVXCfidSI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 22:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:6b:22:94:03:28:2b:55:bf:a4:14:5f:07:36:b7:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287b50125517944274a146bbacd64e691a20fa06
Validity
Not Before: Mar 1 22:00:50 2026 GMT
Not After : Mar 2 22:00:50 2026 GMT
Subject: CN=afacc4c585fae86b7c15f9ce09a8f3d38c9d0889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:98:a5:43:31:c7:77:a2:6c:47:a3:49:a9:33:
b3:a4:bb:7e:5f:62:29:ff:09:e9:53:8b:61:a6:42:
21:a3:1a:d7:5c:e1:51:bb:a2:b3:e4:50:50:ed:5c:
ee:f9:36:67:ad:05:5e:03:4d:f0:e7:ae:a7:98:21:
e4:28:d3:44:ef:01:6d:f1:f5:3f:ca:a9:cf:0b:ee:
c3:e7:84:6b:6e:64:9c:25:91:f8:0b:ca:eb:83:27:
c1:a2:9e:49:9f:0b:d3:a2:f3:41:78:25:c4:2c:54:
46:d0:b1:8e:9c:8a:a0:6a:8f:8c:dc:2c:f4:39:1d:
28:be:10:62:3e:85:ae:ce:95:93:6f:4c:11:b8:ee:
a1:d5:70:d3:70:ce:43:84:37:ae:a1:8c:2c:ae:46:
3d:ba:8a:50:56:63:b5:9d:e5:d9:8e:e1:78:78:a8:
52:30:39:74:8b:2d:b1:d7:ff:cf:0f:61:5c:5e:90:
15:55:66:b6:9c:7a:50:e0:b6:69:23:86:ab:4e:53:
3f:1d:da:bb:a8:cb:89:aa:eb:47:0c:b5:72:46:95:
06:4b:a7:eb:c2:af:3c:b3:8c:e4:06:5e:a7:f0:48:
ae:82:15:51:69:c9:d6:ce:05:b1:e3:e4:20:6a:26:
ab:22:5d:56:cc:01:31:6d:91:4a:d8:0f:91:d9:30:
1e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AC:C4:C5:85:FA:E8:6B:7C:15:F9:CE:09:A8:F3:D3:8C:9D:08:89
X509v3 Authority Key Identifier:
keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:38:2c:d9:8b:76:1e:0b:0f:27:67:01:a7:85:52:b7:db:55:
33:4a:11:ed:b9:f7:b3:e4:d4:3a:2c:e1:ab:70:62:56:b4:d1:
c5:0a:9d:06:2f:69:46:c4:3c:51:c7:d5:84:60:a9:86:e5:db:
54:be:a9:b1:51:ea:27:b7:70:42:24:97:c6:00:4c:56:6f:23:
d4:fa:90:f0:4c:68:dd:6f:33:bb:af:cd:85:5b:b1:37:e0:33:
83:18:3d:2d:22:05:00:53:dd:f0:d5:bc:41:c4:0d:63:75:4e:
45:ae:69:d3:1c:40:36:f4:9b:21:06:d8:1c:27:03:1a:5c:b7:
23:dc:89:70:7e:2a:38:79:50:c6:89:47:ba:5d:a3:25:54:7d:
2e:17:82:9d:6d:27:78:3e:b2:e0:4c:40:8d:58:be:b5:fc:aa:
93:f3:a7:06:91:5a:5c:b1:92:da:68:cb:8f:2f:a9:61:4f:49:
7d:83:68:a7:f3:a9:c0:ab:e4:10:d7:fd:fd:fb:c0:be:a6:dd:
9f:71:49:df:8b:4d:01:a0:55:37:5f:cd:fa:ba:fe:3a:75:a5:
34:63:80:6a:bf:a1:84:dc:61:fe:1a:47:df:fd:d0:bc:a4:ca:
9b:77:8c:10:1e:62:25:f4:e1:fe:b4:e2:7f:8b:9c:35:29:ee:
d4:02:9e:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrayKUAygrVb+kFF8HNrcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy
MGZhMDYwHhcNMjYwMzAxMjIwMDUwWhcNMjYwMzAyMjIwMDUwWjAzMTEwLwYDVQQD
EyhhZmFjYzRjNTg1ZmFlODZiN2MxNWY5Y2UwOWE4ZjNkMzhjOWQwODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupilQzHHd6JsR6NJqTOzpLt+X2Ip
/wnpU4thpkIhoxrXXOFRu6Kz5FBQ7Vzu+TZnrQVeA03w566nmCHkKNNE7wFt8fU/
yqnPC+7D54RrbmScJZH4C8rrgyfBop5JnwvTovNBeCXELFRG0LGOnIqgao+M3Cz0
OR0ovhBiPoWuzpWTb0wRuO6h1XDTcM5DhDeuoYwsrkY9uopQVmO1neXZjuF4eKhS
MDl0iy2x1//PD2FcXpAVVWa2nHpQ4LZpI4arTlM/Hdq7qMuJqutHDLVyRpUGS6fr
wq88s4zkBl6n8EiughVRacnWzgWx4+QgaiarIl1WzAExbZFK2A+R2TAeWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+sxMWF+uhrfBX5zgmo89OMnQiJMB8GA1UdIwQY
MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt
YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0
LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHTgs2Yt2
HgsPJ2cBp4VSt9tVM0oR7bn3s+TUOizhq3BiVrTRxQqdBi9pRsQ8UcfVhGCphuXb
VL6psVHqJ7dwQiSXxgBMVm8j1PqQ8Exo3W8zu6/NhVuxN+Azgxg9LSIFAFPd8NW8
QcQNY3VORa5p0xxANvSbIQbYHCcDGly3I9yJcH4qOHlQxolHul2jJVR9LheCnW0n
eD6y4ExAjVi+tfyqk/OnBpFaXLGS2mjLjy+pYU9JfYNop/OpwKvkENf9/fvAvqbd
n3FJ34tNAaBVN1/N+rr+OnWlNGOAar+hhNxh/hpH3/3QvKTKm3eMEB5iJfTh/rTi
f4ucNSnu1AKeAA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:24:21 2026 by rpki-client