Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.mft
File: hst0KgO8nIVQcheiUgTf_4L8zfk.mft (raw, json)
Hash identifier: NSIivw2rvvUftHaPlHq9lj7xYiCPivT/ks+0uOI21dw=
Subject key identifier: 74:84:3F:0F:13:C1:7B:09:9B:8D:9A:3C:65:80:42:35:37:A5:81:4C
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial: 019CABD8F0A4BBDED4793FC3DD69184CF624
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.mft
Manifest number: 1153
Signing time: Mon 02 Mar 2026 00:00:47 +0000
Manifest this update: Mon 02 Mar 2026 00:00:47 +0000
Manifest next update: Tue 03 Mar 2026 00:00:47 +0000
Files and hashes: 1: FsEYUQUVL6IgAyC_3hTmIC05sYA.roa (hash: erfQp237zxf8AD8EH/ivbDYnw0vQY88Vf8ov2LTkk+Q=)
2: KhePy2KSChqSTO56xjFNB88Adhw.roa (hash: jSbx1Mp1yMnht16w7llcf9K2ZLPdIRkxkGJ6/eCHfII=)
3: Z-DKyWN4NlE9Oe6WxuczFCionOA.roa (hash: DCMKgnjrJbcUZjEDqwNnXXjpRG/93HbByWia9wwVNVM=)
4: hst0KgO8nIVQcheiUgTf_4L8zfk.crl (hash: pBQ0jeUAJAA60dtTDAmgYzey2VEwpiuyyIpym5t2mL4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d8:f0:a4:bb:de:d4:79:3f:c3:dd:69:18:4c:f6:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Validity
Not Before: Mar 2 00:00:47 2026 GMT
Not After : Mar 3 00:00:47 2026 GMT
Subject: CN=74843f0f13c17b099b8d9a3c6580423537a5814c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f7:6e:9e:85:bb:19:82:75:34:1e:ee:2e:39:
56:76:01:07:dc:78:4a:24:4e:b6:77:69:26:f3:62:
ab:77:85:83:ca:30:8c:95:ac:48:ea:c7:8c:3b:68:
78:02:1f:5a:26:33:df:39:de:d2:44:27:1c:81:61:
8d:af:dd:76:3e:62:48:5d:fe:03:41:d2:bc:92:a8:
de:70:83:e2:c1:68:8a:40:90:35:0e:cb:1a:4a:0e:
8a:d4:f0:fb:ec:3f:31:5a:8b:69:b8:ee:22:ad:5d:
b3:98:5e:52:d1:7e:5d:f9:9b:ca:f7:bc:27:50:70:
46:47:e0:59:ef:d7:49:0a:78:06:00:6b:f0:0d:dc:
83:3c:1c:51:5b:dc:cf:22:b2:47:58:64:88:18:df:
62:0f:90:44:e5:41:6f:12:ac:8c:e0:c6:b4:1c:5e:
eb:e6:90:63:a0:af:db:b0:65:0c:3b:0b:a5:b9:55:
d7:a5:66:7c:c9:70:db:b9:5b:e1:94:69:ff:a0:d4:
46:e4:bd:e4:30:da:4a:c5:b6:68:2b:ee:5f:dd:02:
1e:3e:1f:76:5a:cc:24:91:18:0b:d7:4a:7d:38:d5:
c6:5a:da:69:46:b4:ad:7e:75:55:5b:6f:b8:ba:63:
4b:a9:78:43:3f:ab:8f:8f:2d:2a:3f:a4:89:45:0b:
a4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:84:3F:0F:13:C1:7B:09:9B:8D:9A:3C:65:80:42:35:37:A5:81:4C
X509v3 Authority Key Identifier:
keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:4f:40:7f:9e:d2:0f:2a:f7:25:02:fd:ac:a5:5f:2f:a6:f0:
40:97:22:45:e4:4d:40:76:ae:11:55:c2:29:8b:9f:b3:c3:f4:
e6:a2:f9:c8:fb:39:5b:bb:a2:be:c3:4e:76:53:f7:a3:ed:62:
3c:23:f4:d4:ed:d0:cf:ca:b3:6d:63:47:d4:58:a6:3f:83:6d:
2b:31:7e:f7:c8:1d:4b:48:02:4f:0f:68:d4:23:4b:1d:be:d6:
7c:98:47:13:3d:c3:7a:c3:3a:fd:2b:6a:1e:0b:d1:78:e2:a5:
6b:08:b4:b5:82:4b:9d:43:69:3f:40:45:ba:10:36:53:06:cf:
bc:01:0a:fb:1a:5e:8e:36:7e:0f:21:d5:c1:3a:8e:09:49:a9:
47:f2:6f:a8:b0:c1:78:0f:67:ce:e3:23:8f:84:b7:cf:fb:55:
a9:27:5d:eb:9b:4c:fe:4c:69:dc:16:a9:22:02:56:1d:6f:e2:
37:1e:89:18:2c:ef:9c:4c:0f:51:41:96:79:77:03:63:ec:9e:
4d:2f:78:93:a5:92:26:1c:bd:8c:13:51:da:2f:04:51:ca:cc:
9c:bb:8f:d6:71:73:ac:55:e2:3c:25:ce:93:6d:4b:d9:e8:e8:
13:36:4c:ae:c8:e8:fd:5b:b7:4c:e1:9f:78:0a:7b:69:64:35:
eb:63:93:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2PCku97UeT/D3WkYTPYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm
Y2NkZjkwHhcNMjYwMzAyMDAwMDQ3WhcNMjYwMzAzMDAwMDQ3WjAzMTEwLwYDVQQD
Eyg3NDg0M2YwZjEzYzE3YjA5OWI4ZDlhM2M2NTgwNDIzNTM3YTU4MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PdunoW7GYJ1NB7uLjlWdgEH3HhK
JE62d2km82Krd4WDyjCMlaxI6seMO2h4Ah9aJjPfOd7SRCccgWGNr912PmJIXf4D
QdK8kqjecIPiwWiKQJA1DssaSg6K1PD77D8xWotpuO4irV2zmF5S0X5d+ZvK97wn
UHBGR+BZ79dJCngGAGvwDdyDPBxRW9zPIrJHWGSIGN9iD5BE5UFvEqyM4Ma0HF7r
5pBjoK/bsGUMOwuluVXXpWZ8yXDbuVvhlGn/oNRG5L3kMNpKxbZoK+5f3QIePh92
WswkkRgL10p9ONXGWtppRrStfnVVW2+4umNLqXhDP6uPjy0qP6SJRQukgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHSEPw8TwXsJm42aPGWAQjU3pYFMMB8GA1UdIwQY
MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt
MDVmMThmYzIxMmE3LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgtMDVmMThmYzIxMmE3
LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjk9Af57S
Dyr3JQL9rKVfL6bwQJciReRNQHauEVXCKYufs8P05qL5yPs5W7uivsNOdlP3o+1i
PCP01O3Qz8qzbWNH1FimP4NtKzF+98gdS0gCTw9o1CNLHb7WfJhHEz3DesM6/Stq
HgvReOKlawi0tYJLnUNpP0BFuhA2UwbPvAEK+xpejjZ+DyHVwTqOCUmpR/JvqLDB
eA9nzuMjj4S3z/tVqSdd65tM/kxp3BapIgJWHW/iNx6JGCzvnEwPUUGWeXcDY+ye
TS94k6WSJhy9jBNR2i8EUcrMnLuP1nFzrFXiPCXOk21L2ejoEzZMrsjo/Vu3TOGf
eAp7aWQ162OT4g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:49:37 2026 by rpki-client