Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/4574bc-296d-4a58-aef7-d2bbd949c452/1/Y1mmSbA2ED6Ao86PPRsBOKYFgdc.mft
File: Y1mmSbA2ED6Ao86PPRsBOKYFgdc.mft (raw, json)
Hash identifier: 1rUHVz2/u4LN+HEtZkbahsptu4GfaeoOtK5STkr30vQ=
Subject key identifier: DE:C0:E6:D3:2A:8A:14:D0:83:BD:A7:39:12:33:0E:34:63:74:4B:1D
Authority key identifier: 63:59:A6:49:B0:36:10:3E:80:A3:CE:8F:3D:1B:01:38:A6:05:81:D7
Certificate issuer: /CN=6359a649b036103e80a3ce8f3d1b0138a60581d7
Certificate serial: 019A72263B064B3C517DB485235738828911
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y1mmSbA2ED6Ao86PPRsBOKYFgdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/4574bc-296d-4a58-aef7-d2bbd949c452/1/Y1mmSbA2ED6Ao86PPRsBOKYFgdc.mft
Manifest number: 0B2F
Signing time: Tue 11 Nov 2025 09:01:39 +0000
Manifest this update: Tue 11 Nov 2025 09:01:39 +0000
Manifest next update: Wed 12 Nov 2025 09:01:39 +0000
Files and hashes: 1: X6ZYSC-zk_X-vkVmhmsDz5ImQYg.roa (hash: ejdwRSw1lilKiCxqAuj8PMfvm39/1GCNMitYFT+EINw=)
2: Y1mmSbA2ED6Ao86PPRsBOKYFgdc.crl (hash: zQIHXPRZ/pKojn+hoZYB5hntUw9329Dp61uHvZASuC0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/4574bc-296d-4a58-aef7-d2bbd949c452/1/Y1mmSbA2ED6Ao86PPRsBOKYFgdc.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/4574bc-296d-4a58-aef7-d2bbd949c452/1/Y1mmSbA2ED6Ao86PPRsBOKYFgdc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y1mmSbA2ED6Ao86PPRsBOKYFgdc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:3b:06:4b:3c:51:7d:b4:85:23:57:38:82:89:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6359a649b036103e80a3ce8f3d1b0138a60581d7
Validity
Not Before: Nov 11 09:01:39 2025 GMT
Not After : Nov 12 09:01:39 2025 GMT
Subject: CN=dec0e6d32a8a14d083bda73912330e3463744b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:89:83:ef:d3:53:ef:c9:f6:76:da:3f:aa:aa:
3e:e1:ac:bf:ec:a1:17:e9:56:05:05:25:3b:70:62:
7d:43:ca:54:8b:18:b1:10:45:48:37:8f:53:a6:29:
f9:80:2b:c3:d3:a9:5b:d9:c9:d0:4e:18:2a:94:08:
57:49:8e:ba:bd:09:41:d2:2b:5a:48:1b:f5:47:d6:
cc:59:06:58:a0:96:d0:a1:98:0e:21:24:35:a9:6e:
b1:f1:7b:58:c5:d4:50:ab:1d:f3:4d:9e:1a:bf:2a:
8b:bb:39:00:70:2a:8b:bf:a3:71:5f:dc:bb:19:68:
31:58:9e:e6:39:a4:65:cf:eb:95:4f:4a:94:01:42:
04:bf:a3:ac:cc:9b:5d:7a:fb:64:8f:c0:2d:78:d6:
b1:50:04:9b:05:1b:c2:72:93:d9:df:b1:70:c8:66:
ef:9f:9f:6b:42:80:63:2f:cd:7d:dd:46:25:4e:a0:
08:a6:f8:12:f8:3b:e7:fd:f8:2f:ae:39:c4:3c:9a:
1a:b7:b4:a1:5a:0d:fd:97:e3:5e:dd:a3:74:25:c0:
21:ae:1a:d6:20:18:88:70:dc:b9:cb:c3:1e:02:cc:
78:3e:4c:66:1a:99:54:74:c8:86:50:25:57:33:12:
9d:7a:84:72:b7:fa:00:46:55:09:0f:75:fa:aa:ea:
aa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C0:E6:D3:2A:8A:14:D0:83:BD:A7:39:12:33:0E:34:63:74:4B:1D
X509v3 Authority Key Identifier:
keyid:63:59:A6:49:B0:36:10:3E:80:A3:CE:8F:3D:1B:01:38:A6:05:81:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y1mmSbA2ED6Ao86PPRsBOKYFgdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/4574bc-296d-4a58-aef7-d2bbd949c452/1/Y1mmSbA2ED6Ao86PPRsBOKYFgdc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/4574bc-296d-4a58-aef7-d2bbd949c452/1/Y1mmSbA2ED6Ao86PPRsBOKYFgdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:8e:a1:97:b8:03:10:7a:a9:a3:f4:a1:85:fd:e1:49:8c:9d:
5c:25:9f:19:4b:f9:9b:fc:ba:23:a6:bd:2c:b5:f0:10:63:a0:
20:54:0d:3c:8e:35:b4:7e:6e:38:b9:78:fe:94:23:a8:37:ad:
48:29:28:a3:03:a3:21:c3:d0:6b:7b:e1:71:ca:e0:cf:2c:6f:
62:69:23:d9:6a:05:cf:e4:de:25:e4:b1:f6:7c:f1:02:43:08:
03:65:05:d3:5c:40:e7:99:cc:4d:6d:8b:49:4e:b4:c6:f0:6a:
8e:00:0d:70:22:49:87:28:40:e4:76:3c:50:b3:20:cf:9e:3a:
99:a2:a3:1c:2d:28:ed:b5:14:2a:f3:64:0b:b0:f3:14:52:0e:
c6:da:c0:45:17:d7:98:f5:a2:bb:fa:ef:7d:ff:54:38:b3:89:
88:67:9c:64:88:f0:68:51:d5:17:4e:e1:03:97:66:cf:68:ab:
0e:fc:b8:9c:fe:8b:76:cb:d8:d1:7f:31:1f:66:93:ae:82:4f:
58:d8:12:93:ad:ce:5d:88:43:61:81:c3:e0:10:b6:90:38:9a:
5c:87:c6:59:4d:58:a1:e8:50:28:46:26:46:fe:3c:0a:4e:16:
8c:78:45:72:6c:00:90:6c:31:15:0e:89:af:46:5b:67:ec:5b:
3d:aa:23:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJjsGSzxRfbSFI1c4gokRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNTlhNjQ5YjAzNjEwM2U4MGEzY2U4ZjNkMWIwMTM4YTYw
NTgxZDcwHhcNMjUxMTExMDkwMTM5WhcNMjUxMTEyMDkwMTM5WjAzMTEwLwYDVQQD
EyhkZWMwZTZkMzJhOGExNGQwODNiZGE3MzkxMjMzMGUzNDYzNzQ0YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwomD79NT78n2dto/qqo+4ay/7KEX
6VYFBSU7cGJ9Q8pUixixEEVIN49Tpin5gCvD06lb2cnQThgqlAhXSY66vQlB0ita
SBv1R9bMWQZYoJbQoZgOISQ1qW6x8XtYxdRQqx3zTZ4avyqLuzkAcCqLv6NxX9y7
GWgxWJ7mOaRlz+uVT0qUAUIEv6OszJtdevtkj8AteNaxUASbBRvCcpPZ37FwyGbv
n59rQoBjL8193UYlTqAIpvgS+Dvn/fgvrjnEPJoat7ShWg39l+Ne3aN0JcAhrhrW
IBiIcNy5y8MeAsx4PkxmGplUdMiGUCVXMxKdeoRyt/oARlUJD3X6quqqlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN7A5tMqihTQg72nORIzDjRjdEsdMB8GA1UdIwQY
MBaAFGNZpkmwNhA+gKPOjz0bATimBYHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTFtbVNiQTJFRDZBbzg2UFBSc0JPS1lGZ2RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi80NTc0YmMtMjk2ZC00YTU4LWFlZjct
ZDJiYmQ5NDljNDUyLzEvWTFtbVNiQTJFRDZBbzg2UFBSc0JPS1lGZ2RjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi80NTc0YmMtMjk2ZC00YTU4LWFlZjctZDJiYmQ5NDljNDUy
LzEvWTFtbVNiQTJFRDZBbzg2UFBSc0JPS1lGZ2RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU46hl7gD
EHqpo/Shhf3hSYydXCWfGUv5m/y6I6a9LLXwEGOgIFQNPI41tH5uOLl4/pQjqDet
SCkoowOjIcPQa3vhccrgzyxvYmkj2WoFz+TeJeSx9nzxAkMIA2UF01xA55nMTW2L
SU60xvBqjgANcCJJhyhA5HY8ULMgz546maKjHC0o7bUUKvNkC7DzFFIOxtrARRfX
mPWiu/rvff9UOLOJiGecZIjwaFHVF07hA5dmz2irDvy4nP6LdsvY0X8xH2aTroJP
WNgSk63OXYhDYYHD4BC2kDiaXIfGWU1YoehQKEYmRv48Ck4WjHhFcmwAkGwxFQ6J
r0ZbZ+xbPaojCg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:59:54 2025 by rpki-client