Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.mft
File: yjNIUNrzcSIFIBmSKevekO8osBg.mft (raw, json)
Hash identifier: D8oEdNKDYoEJkB0HvfPsjgvsRqiduTuyagzZhoW/wqE=
Subject key identifier: F0:5C:40:B6:5D:0F:65:AB:9E:1B:DE:BD:73:AF:C0:2A:8D:4B:8A:2B
Authority key identifier: CA:33:48:50:DA:F3:71:22:05:20:19:92:29:EB:DE:90:EF:28:B0:18
Certificate issuer: /CN=ca334850daf371220520199229ebde90ef28b018
Certificate serial: 019A72CA8774A9E3F05E6923455D92CA2A35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjNIUNrzcSIFIBmSKevekO8osBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.mft
Manifest number: 079C
Signing time: Tue 11 Nov 2025 12:01:06 +0000
Manifest this update: Tue 11 Nov 2025 12:01:06 +0000
Manifest next update: Wed 12 Nov 2025 12:01:06 +0000
Files and hashes: 1: 6eOqvZGDKFDuA6yXPPPze8WOsrA.roa (hash: ERZvSVqw/o5/S8YL0KRBFbpGBsSfCd4T3Hhjomrg6eY=)
2: yjNIUNrzcSIFIBmSKevekO8osBg.crl (hash: WgFP3YtTmKmO7GFMyC9AlyUnd9tBm8kboSBg4yZ9I4Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/yjNIUNrzcSIFIBmSKevekO8osBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:87:74:a9:e3:f0:5e:69:23:45:5d:92:ca:2a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca334850daf371220520199229ebde90ef28b018
Validity
Not Before: Nov 11 12:01:06 2025 GMT
Not After : Nov 12 12:01:06 2025 GMT
Subject: CN=f05c40b65d0f65ab9e1bdebd73afc02a8d4b8a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:79:9e:3a:42:3a:7f:59:86:c0:65:d8:e8:6f:
1f:21:da:34:21:da:10:f8:a7:af:b7:0c:0a:e4:d1:
ef:06:f8:b7:3e:c0:24:12:fe:43:1c:d5:6f:02:2f:
56:ba:f7:b2:96:e4:4c:d6:61:ac:f6:26:ab:7e:d9:
83:69:2f:d5:c1:3d:02:a3:da:46:71:fd:cc:8a:ac:
9a:b4:a1:21:12:1f:23:08:9e:01:44:0b:30:05:7f:
b2:cc:cf:c3:8b:a3:d2:14:0e:75:24:23:e4:6b:85:
d7:86:90:ca:aa:d8:17:c5:9f:50:a6:fa:ef:30:97:
9a:f5:f7:b2:05:9b:0b:61:eb:82:78:d4:00:69:3f:
4a:bd:ff:29:3f:15:13:a9:94:ba:3c:31:72:e8:21:
06:4c:fe:16:54:3a:cb:be:ec:fa:83:7b:8d:b8:45:
9b:6b:76:49:1c:1d:5b:b2:59:46:74:08:5f:b4:59:
bf:5f:04:1e:f3:60:1c:ce:7f:41:e3:30:c6:37:e2:
ae:cc:60:c2:33:8b:17:d6:59:95:37:38:8d:70:f9:
2c:f2:92:a0:96:d9:38:4d:38:42:e1:e8:13:0b:8b:
a8:12:44:96:f6:29:fd:b7:3d:05:a5:4c:76:37:62:
11:2a:f0:86:af:2a:c9:d5:c4:dc:f3:ca:bb:d7:47:
c9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:5C:40:B6:5D:0F:65:AB:9E:1B:DE:BD:73:AF:C0:2A:8D:4B:8A:2B
X509v3 Authority Key Identifier:
keyid:CA:33:48:50:DA:F3:71:22:05:20:19:92:29:EB:DE:90:EF:28:B0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjNIUNrzcSIFIBmSKevekO8osBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:eb:29:23:96:e5:38:e0:34:89:d8:15:0e:0f:c7:f1:56:15:
34:6d:09:9e:76:42:32:7a:d7:83:a1:02:dc:9d:39:27:2c:d0:
77:5e:12:ab:ea:47:1a:ea:59:d9:45:13:d2:08:f4:a2:11:d2:
78:a4:43:70:8a:c1:3a:7d:4a:a9:db:d1:d9:5b:95:88:88:6a:
bb:f7:07:9e:85:f3:1e:bd:3b:04:f4:f6:83:19:85:64:35:fa:
16:58:1c:18:fe:7d:1d:f0:2e:e2:63:64:1c:39:b3:3f:f8:81:
32:17:13:b3:04:c8:17:96:08:d7:4b:96:50:9c:74:5c:b9:41:
af:88:0e:09:74:c5:02:2e:47:ad:fb:ce:b0:d3:cd:13:ba:51:
09:78:41:d5:20:7a:40:7b:c9:56:16:f4:67:09:5b:1e:88:02:
e3:1c:73:35:e5:61:d4:e9:ec:50:30:a0:3b:62:8e:41:4c:ca:
6a:90:a6:c6:50:b8:1d:05:be:61:a5:ab:e7:04:47:fe:da:a2:
40:58:8b:51:8f:3e:8e:0c:1a:e9:0a:69:05:6e:cf:da:8b:10:
22:6b:67:ea:b0:01:72:4d:95:d3:ef:52:be:56:8d:28:78:eb:
a9:a5:25:3f:ae:c0:53:6d:28:80:ac:b9:7a:80:f3:93:93:b1:
f3:e0:ea:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyod0qePwXmkjRV2Syio1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzM0ODUwZGFmMzcxMjIwNTIwMTk5MjI5ZWJkZTkwZWYy
OGIwMTgwHhcNMjUxMTExMTIwMTA2WhcNMjUxMTEyMTIwMTA2WjAzMTEwLwYDVQQD
EyhmMDVjNDBiNjVkMGY2NWFiOWUxYmRlYmQ3M2FmYzAyYThkNGI4YTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnmeOkI6f1mGwGXY6G8fIdo0IdoQ
+KevtwwK5NHvBvi3PsAkEv5DHNVvAi9WuveyluRM1mGs9iarftmDaS/VwT0Co9pG
cf3MiqyatKEhEh8jCJ4BRAswBX+yzM/Di6PSFA51JCPka4XXhpDKqtgXxZ9Qpvrv
MJea9feyBZsLYeuCeNQAaT9Kvf8pPxUTqZS6PDFy6CEGTP4WVDrLvuz6g3uNuEWb
a3ZJHB1bsllGdAhftFm/XwQe82Aczn9B4zDGN+KuzGDCM4sX1lmVNziNcPks8pKg
ltk4TThC4egTC4uoEkSW9in9tz0FpUx2N2IRKvCGryrJ1cTc88q710fJfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPBcQLZdD2WrnhvevXOvwCqNS4orMB8GA1UdIwQY
MBaAFMozSFDa83EiBSAZkinr3pDvKLAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpOSVVOcnpjU0lGSUJtU0tldmVrTzhvc0JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lZTVlNDctNGUyOS00NjAzLWI5NjIt
MGUwMDQ2YzhhODdiLzEveWpOSVVOcnpjU0lGSUJtU0tldmVrTzhvc0JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lZTVlNDctNGUyOS00NjAzLWI5NjItMGUwMDQ2YzhhODdi
LzEveWpOSVVOcnpjU0lGSUJtU0tldmVrTzhvc0JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALuspI5bl
OOA0idgVDg/H8VYVNG0JnnZCMnrXg6EC3J05JyzQd14Sq+pHGupZ2UUT0gj0ohHS
eKRDcIrBOn1KqdvR2VuViIhqu/cHnoXzHr07BPT2gxmFZDX6FlgcGP59HfAu4mNk
HDmzP/iBMhcTswTIF5YI10uWUJx0XLlBr4gOCXTFAi5HrfvOsNPNE7pRCXhB1SB6
QHvJVhb0ZwlbHogC4xxzNeVh1OnsUDCgO2KOQUzKapCmxlC4HQW+YaWr5wRH/tqi
QFiLUY8+jgwa6QppBW7P2osQImtn6rABck2V0+9SvlaNKHjrqaUlP67AU20ogKy5
eoDzk5Ox8+Dqxw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:16:14 2025 by rpki-client