Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: jmmS8FjkVGHWxGOESmDhw2BGgFazp4YVzPTM/mvz0lw=
Subject key identifier: C5:B4:B3:EC:E4:B0:3B:4D:E6:96:6A:9C:2E:85:96:2E:10:B9:E9:55
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 019DB16B143D8F8ACC8086B59B78AEA35CF0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 18CF
Signing time: Tue 21 Apr 2026 19:01:17 +0000
Manifest this update: Tue 21 Apr 2026 19:01:17 +0000
Manifest next update: Wed 22 Apr 2026 19:01:17 +0000
Files and hashes: 1: 3eahbNs7sLSlMwMQAPIK4WlF5S0.roa (hash: iShcDJZ7gmNtw4FSGePEabrCqu38c4kHe0CrQJ2Q7ow=)
2: MuKPEjpSeKLvjqZfVopVa-G44-Y.roa (hash: gXY94gXYWU1Pqibv85vvI+18JY770F42380MRYt28Gc=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: ujA7fnF0yqqNebwBvPDokkVfGnYSTMeHpm3sujqTStw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 19:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b1:6b:14:3d:8f:8a:cc:80:86:b5:9b:78:ae:a3:5c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Apr 21 19:01:17 2026 GMT
Not After : Apr 22 19:01:17 2026 GMT
Subject: CN=c5b4b3ece4b03b4de6966a9c2e85962e10b9e955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6e:20:87:5a:64:fc:34:3b:c9:e3:e2:25:64:
71:71:04:f5:01:f5:dc:53:71:d3:cd:26:de:f0:91:
1c:ab:b3:5c:48:d3:42:9e:9b:da:a4:a5:45:e8:bd:
64:c4:84:ad:51:45:94:01:f1:0b:36:4e:a1:c5:58:
c4:b4:df:56:98:af:ec:e3:f7:92:02:e5:1d:d4:ea:
f3:6b:4c:1a:86:5a:e5:54:d3:3a:31:30:bf:84:b7:
b9:65:ee:4a:dc:62:c2:5f:b4:7b:60:17:8e:63:fd:
f1:ce:ac:05:eb:59:dc:bb:a7:b5:e4:87:a5:1c:f5:
61:9f:ce:b6:0b:9b:2e:0c:a7:55:4e:6d:f7:15:10:
5b:d4:91:15:d8:a6:a7:36:d8:fb:af:3e:64:dc:1b:
a1:27:df:90:82:ae:48:03:aa:c4:e4:49:8d:31:54:
a6:e2:ca:be:d8:39:65:da:24:c3:78:34:f2:29:09:
45:24:17:9b:55:2e:cc:e5:c8:23:61:1e:f2:8d:5f:
20:ac:48:47:79:41:63:68:da:e9:6d:3f:16:b1:78:
08:a9:17:37:80:e2:71:cd:d2:70:3f:6d:b4:76:3c:
57:51:78:c4:d0:8a:e4:90:6f:bf:89:cc:39:5c:9e:
a9:fb:76:f2:c5:2c:6c:d0:28:41:4a:44:cd:cb:93:
ff:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B4:B3:EC:E4:B0:3B:4D:E6:96:6A:9C:2E:85:96:2E:10:B9:E9:55
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:0a:ec:25:2b:e0:e3:e6:bb:e8:be:cf:77:e6:7a:84:b7:56:
0f:7f:ed:f4:53:bd:2f:90:8d:81:72:e3:f4:5b:b8:ac:79:df:
19:2d:42:d7:64:cd:8b:9d:65:e4:ad:c8:42:7d:41:1f:e9:5b:
0a:f4:a2:84:5e:45:91:a3:1f:ba:02:51:a0:22:bd:36:37:20:
8e:78:ac:04:22:6f:2b:40:a5:9a:b2:5b:41:11:bc:51:8e:48:
fa:82:fb:24:4a:03:d2:76:cc:ed:20:16:77:86:72:b3:39:93:
c9:95:01:c6:1e:d4:86:af:07:ff:c9:94:c2:46:14:0d:b2:5a:
0c:d4:eb:f3:32:4b:b1:22:c7:8b:9f:00:df:63:13:d8:0e:48:
5f:91:6d:0c:d5:0b:3b:73:19:d0:21:fb:f9:5e:c7:37:a9:e5:
3d:3f:81:fa:93:ce:7f:a6:41:f3:49:5d:05:2c:f1:a2:6c:7b:
df:7a:67:dd:3b:ac:c9:8a:06:fd:6b:fd:5e:06:ad:a8:04:10:
ee:75:59:a2:92:54:7b:59:63:15:05:77:41:b0:af:ed:83:9f:
06:f6:3d:58:5f:c5:e3:ad:d8:aa:ab:28:c9:02:47:e8:4e:62:
15:41:4f:0e:45:83:71:38:76:2b:ab:6f:07:f5:5b:5e:13:a0:
75:f3:57:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2xaxQ9j4rMgIa1m3iuo1zwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjYwNDIxMTkwMTE3WhcNMjYwNDIyMTkwMTE3WjAzMTEwLwYDVQQD
EyhjNWI0YjNlY2U0YjAzYjRkZTY5NjZhOWMyZTg1OTYyZTEwYjllOTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm4gh1pk/DQ7yePiJWRxcQT1AfXc
U3HTzSbe8JEcq7NcSNNCnpvapKVF6L1kxIStUUWUAfELNk6hxVjEtN9WmK/s4/eS
AuUd1Orza0wahlrlVNM6MTC/hLe5Ze5K3GLCX7R7YBeOY/3xzqwF61ncu6e15Iel
HPVhn862C5suDKdVTm33FRBb1JEV2KanNtj7rz5k3BuhJ9+Qgq5IA6rE5EmNMVSm
4sq+2Dll2iTDeDTyKQlFJBebVS7M5cgjYR7yjV8grEhHeUFjaNrpbT8WsXgIqRc3
gOJxzdJwP220djxXUXjE0IrkkG+/icw5XJ6p+3byxSxs0ChBSkTNy5P/hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMW0s+zksDtN5pZqnC6Fli4QuelVMB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOArsJSvg
4+a76L7Pd+Z6hLdWD3/t9FO9L5CNgXLj9Fu4rHnfGS1C12TNi51l5K3IQn1BH+lb
CvSihF5FkaMfugJRoCK9NjcgjnisBCJvK0ClmrJbQRG8UY5I+oL7JEoD0nbM7SAW
d4ZyszmTyZUBxh7Uhq8H/8mUwkYUDbJaDNTr8zJLsSLHi58A32MT2A5IX5FtDNUL
O3MZ0CH7+V7HN6nlPT+B+pPOf6ZB80ldBSzxomx733pn3TusyYoG/Wv9XgatqAQQ
7nVZopJUe1ljFQV3QbCv7YOfBvY9WF/F463YqqsoyQJH6E5iFUFPDkWDcTh2K6tv
B/VbXhOgdfNXZw==
-----END CERTIFICATE-----
Generated at Wed Apr 22 04:08:21 2026 by rpki-client