Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.mft
File: yDOgOJWSdW5BXN40irvCQxKwLfY.mft (raw, json)
Hash identifier: 37CLzDirtXVmh7KwC2a7btIfJ5PcGvmoh9W0Ws/KwpM=
Subject key identifier: 17:B1:3F:84:E7:5E:1D:36:6B:D8:A9:9D:DD:02:D4:67:46:88:90:FE
Authority key identifier: C8:33:A0:38:95:92:75:6E:41:5C:DE:34:8A:BB:C2:43:12:B0:2D:F6
Certificate issuer: /CN=c833a0389592756e415cde348abbc24312b02df6
Certificate serial: 019D371B7CF790CBB1B0A55689C836F3362D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yDOgOJWSdW5BXN40irvCQxKwLfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 01:00:41 +0000
Manifest this update: Sun 29 Mar 2026 01:00:41 +0000
Manifest next update: Mon 30 Mar 2026 01:00:41 +0000
Files and hashes: 1: 3TtBL0qA5kisjEdyIAiW0RrkR5Y.roa (hash: IIwZ4eNX/TnLbTOdzNJ7spbedu7ExR/vuLghC48r7Rc=)
2: yDOgOJWSdW5BXN40irvCQxKwLfY.crl (hash: cgwyqNZa0+XOe4HdCsgU0KyulAZyj4yi29E+2lj2esw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/yDOgOJWSdW5BXN40irvCQxKwLfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:7c:f7:90:cb:b1:b0:a5:56:89:c8:36:f3:36:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c833a0389592756e415cde348abbc24312b02df6
Validity
Not Before: Mar 29 01:00:41 2026 GMT
Not After : Mar 30 01:00:41 2026 GMT
Subject: CN=17b13f84e75e1d366bd8a99ddd02d467468890fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:99:c8:7f:c3:d1:b9:31:0a:82:c7:2e:e6:f8:
c3:72:26:44:0d:54:ca:67:b6:01:fe:79:33:0d:47:
6e:a6:7d:37:2c:ee:4d:52:3d:90:a7:1b:93:85:28:
7f:98:a8:b0:d8:5a:51:6e:bb:ac:df:e5:cb:97:5f:
d0:87:8f:da:d9:28:77:b9:00:75:0f:96:5c:1a:61:
35:2e:12:65:e5:32:e7:9a:b3:f3:2c:75:f2:c3:38:
00:ba:a1:cb:63:8d:df:99:6f:d2:1f:3f:ba:5d:e5:
7f:5d:87:8b:5a:d6:9b:96:e2:48:33:09:0b:a9:f0:
9c:88:d5:c0:9c:b9:79:79:31:ef:f2:0c:f6:9f:5a:
6d:6b:a0:fc:80:b0:51:bb:e6:3c:b8:2d:ad:04:26:
17:a3:6b:7e:26:32:42:99:45:4e:6e:76:3c:f6:c3:
a2:db:a6:42:7b:ef:cd:0c:39:5d:29:3e:f2:10:a9:
6e:2c:a0:f7:9b:3c:02:c1:a4:4f:f0:96:d8:09:bc:
37:a8:f5:73:9f:ce:e5:fc:b1:9c:63:59:4a:df:98:
6b:7b:5c:7c:77:e3:ab:e6:80:e6:f2:26:ca:9e:32:
41:a1:af:c3:88:e2:0c:7f:6a:01:98:de:31:e1:d9:
cf:c7:c0:88:64:c2:df:51:cf:23:b1:92:1e:94:53:
89:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B1:3F:84:E7:5E:1D:36:6B:D8:A9:9D:DD:02:D4:67:46:88:90:FE
X509v3 Authority Key Identifier:
keyid:C8:33:A0:38:95:92:75:6E:41:5C:DE:34:8A:BB:C2:43:12:B0:2D:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yDOgOJWSdW5BXN40irvCQxKwLfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:d8:4f:04:f7:41:5b:78:54:4b:89:93:ca:6f:ae:fc:98:5a:
43:06:3b:e5:55:54:08:3b:d3:5b:98:b4:16:c7:42:7b:09:df:
2f:a3:ef:63:50:d6:89:4c:d2:11:9e:8b:2f:ee:bb:51:96:b7:
c0:0b:c9:94:0f:58:3e:26:8f:d6:8f:6a:a9:bd:a3:31:ea:e2:
a6:af:c3:3d:b8:24:b5:68:f4:b8:a1:90:6c:7a:92:85:7e:67:
3d:5c:5e:e8:e3:1a:cf:89:ae:e2:59:6e:60:67:84:bd:39:c1:
46:1d:c3:a4:1a:9d:65:9e:e7:27:18:19:5c:5e:84:47:a6:af:
95:f1:87:00:1f:c7:4b:3d:f6:02:a8:1b:40:b1:20:32:9c:7f:
d6:f6:69:4f:f0:2d:fd:50:61:f0:4c:b8:5c:36:4c:ea:1b:df:
12:5c:88:cb:23:67:35:88:9e:5a:5a:e1:73:df:0f:91:b6:a6:
11:0c:c3:2d:26:68:50:07:49:89:2a:2b:2b:60:a4:e0:13:cd:
5c:37:bd:9b:c8:6b:ff:21:58:fc:ce:6d:07:c2:99:72:88:e1:
48:20:ba:d0:8d:f1:80:c6:30:15:5e:90:19:1f:4d:59:c1:14:
ea:7a:25:63:22:40:01:75:0d:99:0f:af:7b:02:80:36:a3:eb:
c6:d2:a6:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G3z3kMuxsKVWicg28zYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MzNhMDM4OTU5Mjc1NmU0MTVjZGUzNDhhYmJjMjQzMTJi
MDJkZjYwHhcNMjYwMzI5MDEwMDQxWhcNMjYwMzMwMDEwMDQxWjAzMTEwLwYDVQQD
EygxN2IxM2Y4NGU3NWUxZDM2NmJkOGE5OWRkZDAyZDQ2NzQ2ODg5MGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpnIf8PRuTEKgscu5vjDciZEDVTK
Z7YB/nkzDUdupn03LO5NUj2QpxuThSh/mKiw2FpRbrus3+XLl1/Qh4/a2Sh3uQB1
D5ZcGmE1LhJl5TLnmrPzLHXywzgAuqHLY43fmW/SHz+6XeV/XYeLWtabluJIMwkL
qfCciNXAnLl5eTHv8gz2n1pta6D8gLBRu+Y8uC2tBCYXo2t+JjJCmUVObnY89sOi
26ZCe+/NDDldKT7yEKluLKD3mzwCwaRP8JbYCbw3qPVzn87l/LGcY1lK35hre1x8
d+Or5oDm8ibKnjJBoa/DiOIMf2oBmN4x4dnPx8CIZMLfUc8jsZIelFOJaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBexP4TnXh02a9ipnd0C1GdGiJD+MB8GA1UdIwQY
MBaAFMgzoDiVknVuQVzeNIq7wkMSsC32MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveURPZ09KV1NkVzVCWE40MGlydkNReEt3TGZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jZWNkM2EtZTkyYS00NTA5LWI1OTAt
OWYzMDc1NzQwNTFlLzEveURPZ09KV1NkVzVCWE40MGlydkNReEt3TGZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jZWNkM2EtZTkyYS00NTA5LWI1OTAtOWYzMDc1NzQwNTFl
LzEveURPZ09KV1NkVzVCWE40MGlydkNReEt3TGZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKthPBPdB
W3hUS4mTym+u/JhaQwY75VVUCDvTW5i0FsdCewnfL6PvY1DWiUzSEZ6LL+67UZa3
wAvJlA9YPiaP1o9qqb2jMeripq/DPbgktWj0uKGQbHqShX5nPVxe6OMaz4mu4llu
YGeEvTnBRh3DpBqdZZ7nJxgZXF6ER6avlfGHAB/HSz32AqgbQLEgMpx/1vZpT/At
/VBh8Ey4XDZM6hvfElyIyyNnNYieWlrhc98PkbamEQzDLSZoUAdJiSorK2Ck4BPN
XDe9m8hr/yFY/M5tB8KZcojhSCC60I3xgMYwFV6QGR9NWcEU6nolYyJAAXUNmQ+v
ewKANqPrxtKmlg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:05 2026 by rpki-client