Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/23f532-fe86-4198-8c3b-4d43f66ab731/1/YUnLuj5mKb6uv7aWaGeK2lF0SJg.mft
File: YUnLuj5mKb6uv7aWaGeK2lF0SJg.mft (raw, json)
Hash identifier: c3TB/qfzUK54MHz6O2KCOmwIELUI38ptye2f9nqaFEA=
Subject key identifier: 2B:17:AB:71:A2:F5:1D:56:86:69:32:E5:85:DE:03:4B:A1:BD:CA:AE
Authority key identifier: 61:49:CB:BA:3E:66:29:BE:AE:BF:B6:96:68:67:8A:DA:51:74:48:98
Certificate issuer: /CN=6149cbba3e6629beaebfb69668678ada51744898
Certificate serial: 019D38D30A731E1F522411AAC8540BBB94F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUnLuj5mKb6uv7aWaGeK2lF0SJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/23f532-fe86-4198-8c3b-4d43f66ab731/1/YUnLuj5mKb6uv7aWaGeK2lF0SJg.mft
Manifest number: 15B8
Signing time: Sun 29 Mar 2026 09:00:47 +0000
Manifest this update: Sun 29 Mar 2026 09:00:47 +0000
Manifest next update: Mon 30 Mar 2026 09:00:47 +0000
Files and hashes: 1: YUnLuj5mKb6uv7aWaGeK2lF0SJg.crl (hash: 7qseFJF1iQyrE4UeE5PO9DRWeNBvdVRur08GM4YOU/g=)
2: v872mIxxwSGV2ha6Yd9jq9CMUao.roa (hash: 1G9sBjvfPqj7U0dttH4sUsWBNP9ecKYoKzenyr22mAM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/23f532-fe86-4198-8c3b-4d43f66ab731/1/YUnLuj5mKb6uv7aWaGeK2lF0SJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/23f532-fe86-4198-8c3b-4d43f66ab731/1/YUnLuj5mKb6uv7aWaGeK2lF0SJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YUnLuj5mKb6uv7aWaGeK2lF0SJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:0a:73:1e:1f:52:24:11:aa:c8:54:0b:bb:94:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6149cbba3e6629beaebfb69668678ada51744898
Validity
Not Before: Mar 29 09:00:47 2026 GMT
Not After : Mar 30 09:00:47 2026 GMT
Subject: CN=2b17ab71a2f51d56866932e585de034ba1bdcaae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b5:0d:94:66:71:a0:26:f0:fc:c0:75:cc:83:
31:0e:59:cf:77:8a:14:17:25:b7:29:05:cf:ec:29:
79:00:35:8e:6b:98:b6:03:c4:50:70:5f:98:5b:3b:
08:3a:80:0d:8a:36:24:50:f7:ad:30:e9:f8:bb:81:
f8:5d:bc:ae:b9:d3:c6:81:a7:5a:7e:d9:2b:98:0a:
04:72:0d:26:aa:ee:06:16:4f:12:9a:06:c7:82:bd:
87:c6:6a:4c:0a:8c:b1:28:9d:f7:18:c1:94:a9:be:
10:86:7c:9b:52:c7:87:ec:3c:b3:d1:b9:fc:e0:24:
65:29:92:93:76:e9:8c:b6:9d:17:c8:a8:4d:53:4d:
26:da:e4:ff:e8:60:c8:18:5c:bc:8d:89:36:e7:42:
58:da:1c:88:2f:55:fa:f0:3c:d0:24:14:30:1b:38:
dd:fb:89:4a:49:04:88:79:ce:5a:1a:81:2b:46:ce:
26:1e:a7:c2:b7:2b:25:16:49:d2:17:d9:a9:e7:51:
58:dd:56:73:78:e0:51:16:42:26:3d:6e:c8:a8:86:
e7:74:2b:a8:aa:39:53:27:65:81:95:aa:3f:08:dd:
85:df:ab:d8:c7:4b:85:17:6d:48:13:b7:e6:c2:fe:
19:d1:6a:8a:02:d2:8c:31:f3:9f:9e:2c:6f:91:68:
b5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:17:AB:71:A2:F5:1D:56:86:69:32:E5:85:DE:03:4B:A1:BD:CA:AE
X509v3 Authority Key Identifier:
keyid:61:49:CB:BA:3E:66:29:BE:AE:BF:B6:96:68:67:8A:DA:51:74:48:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUnLuj5mKb6uv7aWaGeK2lF0SJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/23f532-fe86-4198-8c3b-4d43f66ab731/1/YUnLuj5mKb6uv7aWaGeK2lF0SJg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/23f532-fe86-4198-8c3b-4d43f66ab731/1/YUnLuj5mKb6uv7aWaGeK2lF0SJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:7e:55:5c:b2:c0:a7:fc:ca:0f:bf:b7:94:a7:c5:d2:cf:ed:
45:c2:4f:f3:de:5b:99:02:b1:db:19:8b:f4:2c:3f:28:15:bc:
fe:c1:8b:c6:20:61:b7:7e:8c:c9:1f:f1:42:96:78:36:a4:7c:
4d:48:27:2e:84:bd:0f:94:df:72:3a:1a:b7:61:1c:37:5a:e1:
b0:2c:f7:46:b9:cd:4c:0d:eb:8e:dd:6c:70:3c:65:9e:4c:f2:
55:1e:b3:4b:51:fa:ae:19:36:de:df:94:ce:05:61:05:15:d8:
be:55:57:a4:85:1d:d7:b7:87:5c:3c:73:27:09:6f:4d:de:5b:
00:ce:1d:32:53:50:96:56:61:d8:39:3d:e2:c2:2f:c0:82:58:
dd:3f:ce:48:f7:20:11:30:09:77:e4:0f:1d:35:80:c7:56:01:
8c:10:06:e4:98:37:46:b3:17:95:f7:58:5f:f7:0b:db:cc:18:
9b:ee:a1:88:72:b8:2e:0c:8c:df:92:c2:83:27:fb:3e:84:fb:
e1:a4:6c:d7:ec:96:da:db:a8:1e:ae:0a:20:bc:31:4f:c5:a5:
d5:17:c5:69:fc:74:38:e4:fd:97:ce:c4:93:61:37:a2:f9:56:
28:16:b7:52:3b:3d:c5:0d:7d:57:a2:cb:57:13:71:89:af:ed:
36:b3:9d:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040wpzHh9SJBGqyFQLu5TzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNDljYmJhM2U2NjI5YmVhZWJmYjY5NjY4Njc4YWRhNTE3
NDQ4OTgwHhcNMjYwMzI5MDkwMDQ3WhcNMjYwMzMwMDkwMDQ3WjAzMTEwLwYDVQQD
EygyYjE3YWI3MWEyZjUxZDU2ODY2OTMyZTU4NWRlMDM0YmExYmRjYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLUNlGZxoCbw/MB1zIMxDlnPd4oU
FyW3KQXP7Cl5ADWOa5i2A8RQcF+YWzsIOoANijYkUPetMOn4u4H4XbyuudPGgada
ftkrmAoEcg0mqu4GFk8SmgbHgr2HxmpMCoyxKJ33GMGUqb4QhnybUseH7Dyz0bn8
4CRlKZKTdumMtp0XyKhNU00m2uT/6GDIGFy8jYk250JY2hyIL1X68DzQJBQwGzjd
+4lKSQSIec5aGoErRs4mHqfCtyslFknSF9mp51FY3VZzeOBRFkImPW7IqIbndCuo
qjlTJ2WBlao/CN2F36vYx0uFF21IE7fmwv4Z0WqKAtKMMfOfnixvkWi1FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCsXq3Gi9R1Whmky5YXeA0uhvcquMB8GA1UdIwQY
MBaAFGFJy7o+Zim+rr+2lmhnitpRdEiYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVVuTHVqNW1LYjZ1djdhV2FHZUsybEYwU0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yM2Y1MzItZmU4Ni00MTk4LThjM2It
NGQ0M2Y2NmFiNzMxLzEvWVVuTHVqNW1LYjZ1djdhV2FHZUsybEYwU0pnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yM2Y1MzItZmU4Ni00MTk4LThjM2ItNGQ0M2Y2NmFiNzMx
LzEvWVVuTHVqNW1LYjZ1djdhV2FHZUsybEYwU0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWX5VXLLA
p/zKD7+3lKfF0s/tRcJP895bmQKx2xmL9Cw/KBW8/sGLxiBht36MyR/xQpZ4NqR8
TUgnLoS9D5Tfcjoat2EcN1rhsCz3RrnNTA3rjt1scDxlnkzyVR6zS1H6rhk23t+U
zgVhBRXYvlVXpIUd17eHXDxzJwlvTd5bAM4dMlNQllZh2Dk94sIvwIJY3T/OSPcg
ETAJd+QPHTWAx1YBjBAG5Jg3RrMXlfdYX/cL28wYm+6hiHK4LgyM35LCgyf7PoT7
4aRs1+yW2tuoHq4KILwxT8Wl1RfFafx0OOT9l87Ek2E3ovlWKBa3Ujs9xQ19V6LL
VxNxia/tNrOd2Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:31:50 2026 by rpki-client