Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.mft
File: yDOgOJWSdW5BXN40irvCQxKwLfY.mft (raw, json)
Hash identifier: 2DG/imOmHOAPKvzMoSV5uFoxSueOCZrmSIhDKNIeafw=
Subject key identifier: C4:6C:2A:C5:F1:EF:D3:BC:6A:C8:FE:30:DD:B0:04:FD:5C:D2:E1:3A
Authority key identifier: C8:33:A0:38:95:92:75:6E:41:5C:DE:34:8A:BB:C2:43:12:B0:2D:F6
Certificate issuer: /CN=c833a0389592756e415cde348abbc24312b02df6
Certificate serial: 019A164E491C0C829C27B203D66F358E7AE3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yDOgOJWSdW5BXN40irvCQxKwLfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.mft
Manifest number: 16F1
Signing time: Fri 24 Oct 2025 13:00:20 +0000
Manifest this update: Fri 24 Oct 2025 13:00:20 +0000
Manifest next update: Sat 25 Oct 2025 13:00:20 +0000
Files and hashes: 1: erRTM1_91VtMTpdLg1tFc8DEnKQ.roa (hash: igv5stthjArSt6knKlRkVvpjhTI9/bVwYZs5FEOn1NI=)
2: yDOgOJWSdW5BXN40irvCQxKwLfY.crl (hash: 9xufkXdIhZiEAXui0hzGft5bALLEIgqFTvI884BI6wI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/yDOgOJWSdW5BXN40irvCQxKwLfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 13:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:16:4e:49:1c:0c:82:9c:27:b2:03:d6:6f:35:8e:7a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c833a0389592756e415cde348abbc24312b02df6
Validity
Not Before: Oct 24 13:00:20 2025 GMT
Not After : Oct 25 13:00:20 2025 GMT
Subject: CN=c46c2ac5f1efd3bc6ac8fe30ddb004fd5cd2e13a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:01:16:9a:a5:0c:49:b1:66:f0:55:d9:3c:f8:
28:2e:76:f7:a1:8d:b6:55:df:9b:0b:29:a8:93:a4:
af:16:34:97:a1:6a:6f:83:74:f3:bc:26:76:cd:f3:
55:c4:0e:c9:dc:dd:4b:09:04:4e:c0:a9:bb:0b:7b:
a0:5b:00:41:a8:68:e4:5a:c3:39:a4:81:37:33:57:
73:8b:ec:db:0a:32:48:a0:66:6c:c2:fd:48:e7:5a:
64:67:5e:b5:96:7d:3b:a6:70:70:91:5e:66:92:0e:
4d:f2:8d:7c:97:65:8f:a6:3f:d3:93:e2:a1:be:3d:
3e:31:6d:f1:a9:3c:eb:a2:57:37:fc:60:2a:17:bb:
0a:bb:d1:35:38:af:d1:27:32:25:f0:cc:b6:11:a8:
25:4e:45:eb:12:20:c9:28:e7:f9:9d:9f:03:d8:e7:
02:ad:14:71:b9:df:1d:64:d3:7f:bb:2e:fb:d1:8d:
d0:fb:1e:38:d7:0b:c0:55:86:d5:c7:47:03:93:a7:
61:48:2c:a4:32:25:4c:1a:e3:33:bd:0e:e1:88:56:
97:7e:7d:22:4f:b9:78:53:27:d3:90:7f:f1:03:c7:
f4:37:b3:9e:28:84:31:9a:57:aa:af:88:01:3e:96:
de:78:6a:78:10:fe:65:0f:91:57:66:6b:9e:cb:b4:
72:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:6C:2A:C5:F1:EF:D3:BC:6A:C8:FE:30:DD:B0:04:FD:5C:D2:E1:3A
X509v3 Authority Key Identifier:
keyid:C8:33:A0:38:95:92:75:6E:41:5C:DE:34:8A:BB:C2:43:12:B0:2D:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yDOgOJWSdW5BXN40irvCQxKwLfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:41:43:23:b5:46:f4:ba:c6:70:a4:fa:f6:5a:33:c9:f9:72:
d2:39:12:bb:82:54:fd:60:81:d9:50:d9:28:8b:75:df:cd:92:
72:25:37:0f:7e:1d:51:40:99:b0:f6:2f:da:5d:9e:ed:9c:f2:
63:1e:96:b7:84:f4:81:0d:24:f9:e5:b9:34:d3:de:20:0e:b5:
63:82:f3:b4:62:e4:56:04:5b:14:0b:cd:30:96:c4:c4:c3:86:
04:9d:68:14:53:25:04:90:cf:64:76:29:a9:1c:bc:58:ee:e9:
9b:52:d4:00:44:04:1b:a2:bf:51:9d:bb:66:e3:58:66:47:e0:
85:3b:a5:cf:44:fb:2e:1a:ab:df:4b:0e:b3:30:74:b6:22:50:
86:08:b4:ef:51:d9:ad:51:e3:64:ac:bc:cc:97:35:50:45:b7:
a2:98:bb:95:25:95:ce:3a:80:58:3d:c1:e5:74:94:0c:88:d2:
5d:05:40:9b:4f:72:92:40:be:85:ce:45:f3:f1:45:8d:84:92:
b4:55:92:22:5e:40:88:11:d2:1c:34:fb:71:ac:15:6a:bf:23:
de:32:60:70:03:9d:15:c2:c0:ce:8e:59:f2:f6:57:75:aa:32:
4b:49:68:e8:94:d0:2c:4d:5c:e4:01:4c:1c:85:d4:ac:89:94:
d6:09:40:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoWTkkcDIKcJ7ID1m81jnrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MzNhMDM4OTU5Mjc1NmU0MTVjZGUzNDhhYmJjMjQzMTJi
MDJkZjYwHhcNMjUxMDI0MTMwMDIwWhcNMjUxMDI1MTMwMDIwWjAzMTEwLwYDVQQD
EyhjNDZjMmFjNWYxZWZkM2JjNmFjOGZlMzBkZGIwMDRmZDVjZDJlMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQEWmqUMSbFm8FXZPPgoLnb3oY22
Vd+bCymok6SvFjSXoWpvg3TzvCZ2zfNVxA7J3N1LCQROwKm7C3ugWwBBqGjkWsM5
pIE3M1dzi+zbCjJIoGZswv1I51pkZ161ln07pnBwkV5mkg5N8o18l2WPpj/Tk+Kh
vj0+MW3xqTzrolc3/GAqF7sKu9E1OK/RJzIl8My2EaglTkXrEiDJKOf5nZ8D2OcC
rRRxud8dZNN/uy770Y3Q+x441wvAVYbVx0cDk6dhSCykMiVMGuMzvQ7hiFaXfn0i
T7l4UyfTkH/xA8f0N7OeKIQxmleqr4gBPpbeeGp4EP5lD5FXZmuey7RyHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRsKsXx79O8asj+MN2wBP1c0uE6MB8GA1UdIwQY
MBaAFMgzoDiVknVuQVzeNIq7wkMSsC32MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveURPZ09KV1NkVzVCWE40MGlydkNReEt3TGZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jZWNkM2EtZTkyYS00NTA5LWI1OTAt
OWYzMDc1NzQwNTFlLzEveURPZ09KV1NkVzVCWE40MGlydkNReEt3TGZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jZWNkM2EtZTkyYS00NTA5LWI1OTAtOWYzMDc1NzQwNTFl
LzEveURPZ09KV1NkVzVCWE40MGlydkNReEt3TGZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvUFDI7VG
9LrGcKT69lozyfly0jkSu4JU/WCB2VDZKIt1382SciU3D34dUUCZsPYv2l2e7Zzy
Yx6Wt4T0gQ0k+eW5NNPeIA61Y4LztGLkVgRbFAvNMJbExMOGBJ1oFFMlBJDPZHYp
qRy8WO7pm1LUAEQEG6K/UZ27ZuNYZkfghTulz0T7Lhqr30sOszB0tiJQhgi071HZ
rVHjZKy8zJc1UEW3opi7lSWVzjqAWD3B5XSUDIjSXQVAm09ykkC+hc5F8/FFjYSS
tFWSIl5AiBHSHDT7cawVar8j3jJgcAOdFcLAzo5Z8vZXdaoyS0lo6JTQLE1c5AFM
HIXUrImU1glA5Q==
-----END CERTIFICATE-----
Generated at Fri Oct 24 19:18:44 2025 by rpki-client