Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
File: y78j_5hnaDYlSUYv4JLGMV6sykA.mft (raw, json)
Hash identifier: d0MxdKDxD4I85JlVUnkUf/WwhFYS3oLoze3f0Vhum/s=
Subject key identifier: 84:49:33:02:78:0D:53:94:66:73:C6:42:0D:FF:FF:F7:11:E7:5C:64
Authority key identifier: CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
Certificate issuer: /CN=cbbf23ff986768362549462fe092c6315eacca40
Certificate serial: 019A7337F48A3373953A87DF5CE3C7375BA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 14:00:38 +0000
Manifest this update: Tue 11 Nov 2025 14:00:38 +0000
Manifest next update: Wed 12 Nov 2025 14:00:38 +0000
Files and hashes: 1: a0gi81K4PU-mZZPSh82aNeLjsVI.roa (hash: Id1bqvDurbpWKdNvf29qBzclAu3m5HKcR5Kg3lRHGKE=)
2: y78j_5hnaDYlSUYv4JLGMV6sykA.crl (hash: J5bwTg6jJMlOh7ZZJsVzL96R3JjmVjB48ONiPFi74uY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:37:f4:8a:33:73:95:3a:87:df:5c:e3:c7:37:5b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbbf23ff986768362549462fe092c6315eacca40
Validity
Not Before: Nov 11 14:00:38 2025 GMT
Not After : Nov 12 14:00:38 2025 GMT
Subject: CN=84493302780d53946673c6420dfffff711e75c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:01:ad:97:c4:a7:2f:56:53:96:86:16:fd:ad:
9d:5b:b1:e0:fc:6f:08:c2:a1:4c:e8:bd:82:d1:ba:
13:65:b2:4a:d4:a0:21:3c:0f:86:07:48:8a:97:f7:
ec:46:4e:9d:94:72:e7:52:5d:86:9a:02:8f:5a:c3:
22:22:34:f0:77:fa:e5:2d:f1:de:36:ce:85:be:cc:
df:1e:ec:0c:75:41:00:c8:f3:54:0b:3e:08:e9:60:
bd:f1:b0:96:b0:3e:0d:85:ba:ee:0b:46:b1:1c:5a:
92:1c:10:dd:7d:ad:a9:58:e4:ca:ab:34:07:5c:fd:
57:28:a3:d0:32:4f:33:de:18:1c:6f:a2:c8:07:1f:
3b:fb:41:92:9a:dd:21:6e:46:5e:16:00:19:7f:52:
30:05:6e:14:c3:8b:97:2a:cd:17:16:b6:1b:f3:a5:
51:22:15:e8:2d:9f:0d:40:93:e6:8f:d5:95:d3:73:
ad:b4:9c:78:97:7a:43:1c:73:76:5c:71:d2:3e:74:
e9:ec:c4:a2:aa:7a:0e:d9:f7:dd:76:5f:64:17:80:
20:23:e4:81:31:d2:8e:f7:5e:38:37:52:55:be:7a:
9d:73:6d:84:bf:63:78:ba:15:8a:9c:44:87:12:2c:
60:df:f3:00:b9:c7:30:89:01:16:69:02:20:14:d2:
5a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:49:33:02:78:0D:53:94:66:73:C6:42:0D:FF:FF:F7:11:E7:5C:64
X509v3 Authority Key Identifier:
keyid:CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:c5:9b:92:ab:98:a2:b2:2d:89:4e:da:6e:5e:9c:c7:53:55:
2a:40:6e:c0:7a:b8:a9:79:ed:a8:de:c6:d7:79:50:6a:03:0a:
5f:d7:ed:e3:79:a7:f4:d8:43:1c:2d:0e:50:89:59:25:23:e8:
ab:46:8f:d7:eb:e5:7e:1d:01:7a:b9:8a:24:74:98:7b:82:91:
c7:be:bb:bf:fa:98:68:22:21:83:f7:42:a6:eb:48:f4:ca:59:
e7:46:98:25:f7:83:40:02:b7:dd:a3:90:43:3b:19:d5:4e:c6:
9c:b1:54:98:87:bb:c5:c7:a4:38:20:1d:87:30:0c:3d:27:c8:
71:90:41:6e:29:28:24:7e:75:0a:2e:8c:84:44:d5:bf:f2:4b:
fa:f6:91:db:bd:a1:0a:44:1d:b4:ec:72:c0:5d:4b:29:4d:f6:
01:01:b9:ea:61:f1:b3:8a:44:94:c0:19:36:8c:57:85:ec:e0:
94:b3:c9:6c:af:b4:7c:e0:dc:8c:0f:c4:08:48:67:c5:0f:28:
2c:94:21:fe:8b:f7:8b:4f:92:20:73:fe:57:ed:d4:1e:91:f9:
fe:b5:d3:61:81:14:9a:71:5b:83:02:81:f9:c8:96:4b:d5:c7:
b4:ec:69:8a:ec:56:4e:c6:d3:7f:a0:84:20:b9:78:0e:fd:b1:
3d:2b:18:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzN/SKM3OVOoffXOPHN1upMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYmYyM2ZmOTg2NzY4MzYyNTQ5NDYyZmUwOTJjNjMxNWVh
Y2NhNDAwHhcNMjUxMTExMTQwMDM4WhcNMjUxMTEyMTQwMDM4WjAzMTEwLwYDVQQD
Eyg4NDQ5MzMwMjc4MGQ1Mzk0NjY3M2M2NDIwZGZmZmZmNzExZTc1YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQGtl8SnL1ZTloYW/a2dW7Hg/G8I
wqFM6L2C0boTZbJK1KAhPA+GB0iKl/fsRk6dlHLnUl2GmgKPWsMiIjTwd/rlLfHe
Ns6FvszfHuwMdUEAyPNUCz4I6WC98bCWsD4NhbruC0axHFqSHBDdfa2pWOTKqzQH
XP1XKKPQMk8z3hgcb6LIBx87+0GSmt0hbkZeFgAZf1IwBW4Uw4uXKs0XFrYb86VR
IhXoLZ8NQJPmj9WV03OttJx4l3pDHHN2XHHSPnTp7MSiqnoO2ffddl9kF4AgI+SB
MdKO9144N1JVvnqdc22Ev2N4uhWKnESHEixg3/MAuccwiQEWaQIgFNJamwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRJMwJ4DVOUZnPGQg3///cR51xkMB8GA1UdIwQY
MBaAFMu/I/+YZ2g2JUlGL+CSxjFerMpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjct
ODU0MTgyZjA5ZWY1LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjctODU0MTgyZjA5ZWY1
LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADcWbkquY
orItiU7abl6cx1NVKkBuwHq4qXntqN7G13lQagMKX9ft43mn9NhDHC0OUIlZJSPo
q0aP1+vlfh0BermKJHSYe4KRx767v/qYaCIhg/dCputI9MpZ50aYJfeDQAK33aOQ
QzsZ1U7GnLFUmIe7xcekOCAdhzAMPSfIcZBBbikoJH51Ci6MhETVv/JL+vaR272h
CkQdtOxywF1LKU32AQG56mHxs4pElMAZNoxXhezglLPJbK+0fODcjA/ECEhnxQ8o
LJQh/ov3i0+SIHP+V+3UHpH5/rXTYYEUmnFbgwKB+ciWS9XHtOxpiuxWTsbTf6CE
ILl4Dv2xPSsYaA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:48:56 2025 by rpki-client