Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft
File: 0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft (raw, json)
Hash identifier: HymuTmKFln/DSRClIxWqB8UhZZ71NhZkdso+geXD7L4=
Subject key identifier: 5B:F9:5E:29:13:7C:E2:5B:02:F1:55:E0:EE:AA:B6:CA:EE:A2:EA:20
Authority key identifier: D2:43:22:B2:D0:A7:94:FD:07:6B:85:E8:DC:57:8A:BB:0D:03:EC:40
Certificate issuer: /CN=d24322b2d0a794fd076b85e8dc578abb0d03ec40
Certificate serial: 019D3789537C6D4B3679C1E530258802E2C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kMistCnlP0Ha4Xo3FeKuw0D7EA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft
Manifest number: 0824
Signing time: Sun 29 Mar 2026 03:00:39 +0000
Manifest this update: Sun 29 Mar 2026 03:00:39 +0000
Manifest next update: Mon 30 Mar 2026 03:00:39 +0000
Files and hashes: 1: 0kMistCnlP0Ha4Xo3FeKuw0D7EA.crl (hash: +z1LTlDLAoNP/PNCGAkF5db2dvHolDfvl7G+ERIFTsM=)
2: 5pjm21HKetM46w6qM9uy-i6WybY.roa (hash: 3eNVlKLJuRP0y0hZciHBdm9TPYgKCSF9C2o8FyAPzb8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kMistCnlP0Ha4Xo3FeKuw0D7EA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:53:7c:6d:4b:36:79:c1:e5:30:25:88:02:e2:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24322b2d0a794fd076b85e8dc578abb0d03ec40
Validity
Not Before: Mar 29 03:00:39 2026 GMT
Not After : Mar 30 03:00:39 2026 GMT
Subject: CN=5bf95e29137ce25b02f155e0eeaab6caeea2ea20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7d:ce:71:41:9d:bc:b5:d1:c5:ad:b5:a1:67:
4e:d3:ac:ed:fd:5f:4b:ff:35:cf:ef:87:ec:44:c5:
0b:cf:4d:d6:ff:6c:1d:70:c9:ac:3d:c7:d8:b4:c0:
d0:0f:bd:ab:3a:cf:d5:24:07:19:6e:6c:5d:b3:92:
50:8c:05:7c:e9:39:ff:bc:23:3d:e3:cc:56:a0:ab:
0f:eb:2d:3d:fd:8b:af:ed:e9:58:99:b6:cc:d3:4c:
3a:2e:be:3b:57:9a:68:0f:bf:c7:9a:f9:25:d5:69:
23:1a:17:52:ba:dd:9d:2f:18:b4:0c:27:93:e2:6d:
73:0b:ac:16:e6:c4:eb:b4:27:30:b9:f5:62:a1:d5:
62:4a:31:47:e2:ff:23:84:c9:df:80:2f:7b:e0:1c:
4f:27:8c:9d:9d:4e:c6:66:35:4a:bc:4c:89:4c:7a:
3c:95:53:15:48:fd:ef:f6:67:9d:ec:cd:ee:01:a7:
60:74:37:c6:94:c6:54:4a:67:21:50:12:5f:32:89:
33:9c:e1:a3:7b:67:4c:9f:26:50:d0:4e:01:76:f6:
4c:7a:86:79:30:89:97:9e:ab:d1:cf:8e:b6:67:0b:
07:12:6a:9f:ad:3d:a4:3e:09:5e:5c:7f:55:04:47:
37:93:e3:9d:58:5f:3f:9c:38:78:31:ef:5e:25:68:
67:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F9:5E:29:13:7C:E2:5B:02:F1:55:E0:EE:AA:B6:CA:EE:A2:EA:20
X509v3 Authority Key Identifier:
keyid:D2:43:22:B2:D0:A7:94:FD:07:6B:85:E8:DC:57:8A:BB:0D:03:EC:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kMistCnlP0Ha4Xo3FeKuw0D7EA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:97:83:a7:78:0f:87:4e:12:a4:18:90:c9:a8:30:7a:c9:61:
64:9d:b8:06:38:c6:d0:5a:b8:23:6d:8c:33:c9:b2:dc:cb:e0:
64:ae:05:05:db:4a:ad:57:96:c0:14:43:d3:27:8b:89:68:89:
31:44:3b:a6:ef:61:13:d7:26:9c:c5:d1:77:11:47:17:3a:20:
99:73:82:25:e9:4b:6c:6f:c5:06:b3:a9:db:35:7b:9c:33:93:
8d:ef:00:bb:11:b2:bb:55:4a:ed:6c:54:c4:fb:8d:79:b2:eb:
9a:2d:0a:08:a4:6b:26:22:d4:f0:dd:01:a7:0a:be:d6:81:a1:
37:1d:92:a4:2b:ac:ee:fb:8f:34:f9:87:17:85:61:7b:77:3b:
24:df:02:ca:a6:d2:10:ef:80:f0:19:a4:fa:62:40:00:f2:7e:
77:36:52:f3:c6:d6:2e:cc:9d:d3:10:d8:3a:20:33:1c:4e:0f:
f0:66:a4:15:3a:d9:b8:fe:86:6c:44:aa:59:22:a5:3e:db:d2:
ef:5b:3d:5d:6f:f5:4d:2a:37:9e:62:c4:00:66:3e:c7:9a:c3:
05:ee:b2:6e:9a:a8:b9:67:49:3c:2d:e4:90:4b:b0:19:fc:a4:
48:40:e3:40:e6:90:6a:04:a9:0e:12:4a:ad:d3:3c:b9:39:7f:
c1:a6:3a:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iVN8bUs2ecHlMCWIAuLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDMyMmIyZDBhNzk0ZmQwNzZiODVlOGRjNTc4YWJiMGQw
M2VjNDAwHhcNMjYwMzI5MDMwMDM5WhcNMjYwMzMwMDMwMDM5WjAzMTEwLwYDVQQD
Eyg1YmY5NWUyOTEzN2NlMjViMDJmMTU1ZTBlZWFhYjZjYWVlYTJlYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn3OcUGdvLXRxa21oWdO06zt/V9L
/zXP74fsRMULz03W/2wdcMmsPcfYtMDQD72rOs/VJAcZbmxds5JQjAV86Tn/vCM9
48xWoKsP6y09/Yuv7elYmbbM00w6Lr47V5poD7/Hmvkl1WkjGhdSut2dLxi0DCeT
4m1zC6wW5sTrtCcwufViodViSjFH4v8jhMnfgC974BxPJ4ydnU7GZjVKvEyJTHo8
lVMVSP3v9med7M3uAadgdDfGlMZUSmchUBJfMokznOGje2dMnyZQ0E4BdvZMeoZ5
MImXnqvRz462ZwsHEmqfrT2kPgleXH9VBEc3k+OdWF8/nDh4Me9eJWhnywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFv5XikTfOJbAvFV4O6qtsruouogMB8GA1UdIwQY
MBaAFNJDIrLQp5T9B2uF6NxXirsNA+xAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtNaXN0Q25sUDBIYTRYbzNGZUt1dzBEN0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy85N2MzNTMtMGMzNi00MDY2LWE1NmIt
MTM5YTQ5NmNkNTljLzEvMGtNaXN0Q25sUDBIYTRYbzNGZUt1dzBEN0VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy85N2MzNTMtMGMzNi00MDY2LWE1NmItMTM5YTQ5NmNkNTlj
LzEvMGtNaXN0Q25sUDBIYTRYbzNGZUt1dzBEN0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWZeDp3gP
h04SpBiQyagweslhZJ24BjjG0Fq4I22MM8my3MvgZK4FBdtKrVeWwBRD0yeLiWiJ
MUQ7pu9hE9cmnMXRdxFHFzogmXOCJelLbG/FBrOp2zV7nDOTje8AuxGyu1VK7WxU
xPuNebLrmi0KCKRrJiLU8N0Bpwq+1oGhNx2SpCus7vuPNPmHF4Vhe3c7JN8CyqbS
EO+A8Bmk+mJAAPJ+dzZS88bWLsyd0xDYOiAzHE4P8GakFTrZuP6GbESqWSKlPtvS
71s9XW/1TSo3nmLEAGY+x5rDBe6ybpqouWdJPC3kkEuwGfykSEDjQOaQagSpDhJK
rdM8uTl/waY6bw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:42 2026 by rpki-client