Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
File: ySi2NBei54heM4gakkqsnUCqymA.mft (raw, json)
Hash identifier: M4tNrwM5NrmPIJ7+V4XD3yVNO93T7GYcVd3d8OVB/e8=
Subject key identifier: 52:10:95:35:3F:53:91:49:F9:A7:FA:60:47:AA:7F:5D:FB:DB:DC:B8
Authority key identifier: C9:28:B6:34:17:A2:E7:88:5E:33:88:1A:92:4A:AC:9D:40:AA:CA:60
Certificate issuer: /CN=c928b63417a2e7885e33881a924aac9d40aaca60
Certificate serial: 019A71131D91B6B066C21E25D394881AB094
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
Manifest number: 057C
Signing time: Tue 11 Nov 2025 04:01:09 +0000
Manifest this update: Tue 11 Nov 2025 04:01:09 +0000
Manifest next update: Wed 12 Nov 2025 04:01:09 +0000
Files and hashes: 1: 6MMtZ0p0S3UErh0fFksqehnDVrk.roa (hash: aSANX+R++VciglglpvxzYCwuVSwi4gwoCdbTa6Ro3gg=)
2: ySi2NBei54heM4gakkqsnUCqymA.crl (hash: 7JPYIxksbTuUtVUh83uxV6RvE5LKIwu/tXIk4IqeBmw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:1d:91:b6:b0:66:c2:1e:25:d3:94:88:1a:b0:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c928b63417a2e7885e33881a924aac9d40aaca60
Validity
Not Before: Nov 11 04:01:09 2025 GMT
Not After : Nov 12 04:01:09 2025 GMT
Subject: CN=521095353f539149f9a7fa6047aa7f5dfbdbdcb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:32:f8:7d:a7:b3:98:41:0e:b6:5b:01:70:75:
c7:55:42:d8:89:b6:e9:76:c1:ed:2b:94:d3:34:bb:
61:bc:8b:4d:ad:02:7a:b1:d8:5d:0f:ae:f1:bf:2d:
d0:84:9a:4e:94:61:b6:cf:25:d1:e4:17:1e:b4:53:
3f:9c:28:eb:cb:c9:91:ad:ce:14:59:7e:c0:df:b7:
18:db:2a:85:54:0f:2f:e9:50:c3:17:ba:53:b9:e2:
51:9e:c9:09:d1:87:80:99:81:05:96:41:47:41:9f:
fe:dc:d8:ff:8e:84:f8:1b:7c:cd:1b:01:dd:0c:52:
06:f2:cd:1e:8a:64:9a:13:9f:de:25:36:0c:bb:74:
05:04:17:69:d6:f9:ae:1e:40:f1:5c:1d:b1:b6:fe:
18:8b:39:e4:22:4d:52:60:ae:c1:77:31:5f:53:eb:
3f:0f:18:07:f7:40:72:c5:c9:a5:03:ce:16:5c:f2:
46:0c:50:f4:cc:79:6b:21:d1:3f:49:8c:16:62:02:
e5:0d:da:e6:d9:aa:18:8d:45:53:33:eb:f3:64:70:
26:b8:72:eb:4c:11:fb:0a:a6:76:6f:96:95:f3:19:
31:da:62:c2:0e:48:9a:fa:d7:41:13:d3:6e:be:0d:
bc:c3:0e:a0:00:86:67:e7:a5:2b:2b:3f:9b:c6:f7:
2d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:10:95:35:3F:53:91:49:F9:A7:FA:60:47:AA:7F:5D:FB:DB:DC:B8
X509v3 Authority Key Identifier:
keyid:C9:28:B6:34:17:A2:E7:88:5E:33:88:1A:92:4A:AC:9D:40:AA:CA:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:f3:a8:59:22:be:fb:0d:b1:2d:51:b7:be:9c:99:45:c0:c6:
c6:83:32:cd:7c:bc:2e:40:b1:44:0c:cf:cd:eb:ba:f9:4a:b8:
8a:09:56:cc:a6:06:ea:bc:6a:1c:d8:fb:5f:39:24:00:22:38:
a0:3c:8e:23:10:cb:6a:8d:00:85:09:4d:42:f5:b3:b4:5e:33:
34:29:01:26:f3:e2:d8:3a:97:7f:24:af:4d:35:0c:23:e2:81:
8a:db:8b:58:5b:9d:c5:a3:21:08:8e:fe:08:d8:10:40:dc:a7:
1a:9b:bb:5e:57:97:7f:f9:e5:35:cc:37:92:6b:c9:99:a4:1f:
a8:ee:64:91:ea:f5:59:1e:84:c3:c6:9b:c5:e4:fe:0f:0b:07:
03:fb:10:13:4d:c7:de:13:55:d3:bb:11:bb:1d:06:fa:80:f3:
0d:74:02:ff:15:82:09:74:22:ae:3a:da:79:5f:92:33:0a:0c:
c1:dd:8a:40:e1:4d:e6:ca:8c:c0:c1:81:61:98:6c:14:9a:99:
50:6c:dc:b7:46:20:22:58:4a:7d:d2:ac:44:ef:39:86:6c:29:
c8:59:6f:27:cd:f1:f5:f1:96:4d:45:cd:06:a0:2b:7d:ef:ca:
fe:24:1c:ca:b4:53:b3:92:5f:7d:31:e3:56:57:77:c5:55:04:
3c:e1:8a:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEx2RtrBmwh4l05SIGrCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MjhiNjM0MTdhMmU3ODg1ZTMzODgxYTkyNGFhYzlkNDBh
YWNhNjAwHhcNMjUxMTExMDQwMTA5WhcNMjUxMTEyMDQwMTA5WjAzMTEwLwYDVQQD
Eyg1MjEwOTUzNTNmNTM5MTQ5ZjlhN2ZhNjA0N2FhN2Y1ZGZiZGJkY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TL4faezmEEOtlsBcHXHVULYibbp
dsHtK5TTNLthvItNrQJ6sdhdD67xvy3QhJpOlGG2zyXR5BcetFM/nCjry8mRrc4U
WX7A37cY2yqFVA8v6VDDF7pTueJRnskJ0YeAmYEFlkFHQZ/+3Nj/joT4G3zNGwHd
DFIG8s0eimSaE5/eJTYMu3QFBBdp1vmuHkDxXB2xtv4YiznkIk1SYK7BdzFfU+s/
DxgH90ByxcmlA84WXPJGDFD0zHlrIdE/SYwWYgLlDdrm2aoYjUVTM+vzZHAmuHLr
TBH7CqZ2b5aV8xkx2mLCDkia+tdBE9Nuvg28ww6gAIZn56UrKz+bxvctzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIQlTU/U5FJ+af6YEeqf13729y4MB8GA1UdIwQY
MBaAFMkotjQXoueIXjOIGpJKrJ1AqspgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi85ZDdlNmEtMGVhZS00MzRmLTlhMzUt
OGM5NzE2MWUwNjJmLzEveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi85ZDdlNmEtMGVhZS00MzRmLTlhMzUtOGM5NzE2MWUwNjJm
LzEveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/OoWSK+
+w2xLVG3vpyZRcDGxoMyzXy8LkCxRAzPzeu6+Uq4iglWzKYG6rxqHNj7XzkkACI4
oDyOIxDLao0AhQlNQvWztF4zNCkBJvPi2DqXfySvTTUMI+KBituLWFudxaMhCI7+
CNgQQNynGpu7XleXf/nlNcw3kmvJmaQfqO5kker1WR6Ew8abxeT+DwsHA/sQE03H
3hNV07sRux0G+oDzDXQC/xWCCXQirjraeV+SMwoMwd2KQOFN5sqMwMGBYZhsFJqZ
UGzct0YgIlhKfdKsRO85hmwpyFlvJ83x9fGWTUXNBqArfe/K/iQcyrRTs5JffTHj
Vld3xVUEPOGKdQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:01 2025 by rpki-client