Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: CfL5H4H2QrpSIUv842e3Xrq+Vv+0VrrGyNrlu4ULfFA=
Subject key identifier: 0E:55:A6:8C:FF:03:C0:20:87:EF:74:17:F1:35:A7:4D:2E:23:5E:AB
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 019E9D063CBA45A6A0CB96F9661808BDD9CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 1949
Signing time: Sat 06 Jun 2026 13:01:32 +0000
Manifest this update: Sat 06 Jun 2026 13:01:32 +0000
Manifest next update: Sun 07 Jun 2026 13:01:32 +0000
Files and hashes: 1: 3eahbNs7sLSlMwMQAPIK4WlF5S0.roa (hash: iShcDJZ7gmNtw4FSGePEabrCqu38c4kHe0CrQJ2Q7ow=)
2: MuKPEjpSeKLvjqZfVopVa-G44-Y.roa (hash: gXY94gXYWU1Pqibv85vvI+18JY770F42380MRYt28Gc=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: czDB10qXqpQnCxAd/Lf+N2an3qsHB9bPnQDKBBUfn/g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:9d:06:3c:ba:45:a6:a0:cb:96:f9:66:18:08:bd:d9:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Jun 6 13:01:32 2026 GMT
Not After : Jun 7 13:01:32 2026 GMT
Subject: CN=0e55a68cff03c02087ef7417f135a74d2e235eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:61:8a:e3:39:df:e6:f7:76:5b:c4:f1:4f:49:
dd:f1:48:62:47:de:b0:98:a9:e8:a7:66:cb:41:39:
34:8e:47:7b:70:c3:78:f6:e8:ba:83:00:92:e7:05:
d0:6f:05:80:d5:c7:19:a6:bc:6b:30:ee:d8:52:0a:
e3:69:9b:32:96:fd:50:dc:e6:00:ce:18:8e:47:7c:
a5:dd:91:b9:e9:73:e7:41:c3:d7:d3:fe:d9:68:59:
b6:3e:a9:6a:fa:df:b0:d1:b1:8e:6d:0e:51:a2:06:
81:68:d1:c0:15:5e:63:50:b1:6d:86:c2:a0:16:63:
84:2d:62:92:9d:3e:4a:d3:a5:af:7a:40:73:b4:29:
11:fd:58:c7:46:85:00:da:59:11:60:72:17:6d:fc:
74:3f:f4:d9:b0:42:f9:68:8c:4b:c6:a8:95:b3:30:
af:10:37:47:93:b0:2d:7a:38:ca:4a:cd:c6:52:65:
a4:80:44:bc:f5:b8:41:6c:8a:1c:82:c0:39:84:1b:
57:8f:9b:c8:d8:d6:02:22:62:9b:a2:1f:bd:25:b0:
9f:3b:58:4c:b2:ff:64:d1:67:6c:a1:0e:1d:0d:6a:
02:df:d3:f3:ae:c0:6d:ce:76:b7:df:74:02:fa:3a:
d8:9f:b2:9d:41:b6:68:a5:bb:62:9f:2c:03:4c:69:
f3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:55:A6:8C:FF:03:C0:20:87:EF:74:17:F1:35:A7:4D:2E:23:5E:AB
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:74:e2:ca:cb:8d:92:15:08:4c:5f:fe:3c:64:90:0d:74:d9:
85:ef:28:0b:b5:cc:73:9f:21:cd:38:87:db:61:78:96:9c:f1:
72:0c:97:5b:be:4d:76:11:71:35:0e:3a:f2:40:c0:f1:9e:08:
30:01:da:c2:db:64:9f:3f:de:23:d4:0c:0c:9f:d0:fd:4e:85:
0e:14:15:8a:41:14:61:01:1e:09:db:05:33:7b:0e:80:b5:12:
c2:04:a6:40:11:e5:fe:5d:a1:44:f6:6e:72:da:9d:56:9f:85:
15:e6:eb:18:7e:17:ff:aa:7b:e8:fe:81:4e:08:a0:eb:51:0b:
cd:48:1d:58:7c:83:e4:d1:0b:76:f1:8e:4e:ce:de:b0:97:11:
45:3e:f2:cd:8d:9a:48:89:49:fc:4d:bc:f5:03:9b:69:69:bb:
3a:81:43:38:0b:cc:d4:b6:c9:16:2a:6f:ab:81:87:bc:c5:03:
b5:62:04:dd:f7:72:31:0c:21:d3:a6:50:80:34:4a:2b:69:bb:
6f:50:c6:89:dc:1a:63:b5:2b:b5:30:b8:f3:13:80:9c:91:3d:
33:3a:78:d6:b2:17:e6:8a:43:b4:be:6b:42:a0:36:a6:8b:ec:
5a:ba:e1:e3:75:1b:b2:46:a2:e1:ca:5a:46:bb:cb:53:c7:b0:
51:be:88:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6dBjy6Raagy5b5ZhgIvdnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjYwNjA2MTMwMTMyWhcNMjYwNjA3MTMwMTMyWjAzMTEwLwYDVQQD
EygwZTU1YTY4Y2ZmMDNjMDIwODdlZjc0MTdmMTM1YTc0ZDJlMjM1ZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GGK4znf5vd2W8TxT0nd8UhiR96w
mKnop2bLQTk0jkd7cMN49ui6gwCS5wXQbwWA1ccZprxrMO7YUgrjaZsylv1Q3OYA
zhiOR3yl3ZG56XPnQcPX0/7ZaFm2Pqlq+t+w0bGObQ5RogaBaNHAFV5jULFthsKg
FmOELWKSnT5K06WvekBztCkR/VjHRoUA2lkRYHIXbfx0P/TZsEL5aIxLxqiVszCv
EDdHk7AtejjKSs3GUmWkgES89bhBbIocgsA5hBtXj5vI2NYCImKboh+9JbCfO1hM
sv9k0WdsoQ4dDWoC39PzrsBtzna333QC+jrYn7KdQbZopbtinywDTGnzOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5Vpoz/A8Agh+90F/E1p00uI16rMB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG3TiysuN
khUITF/+PGSQDXTZhe8oC7XMc58hzTiH22F4lpzxcgyXW75NdhFxNQ468kDA8Z4I
MAHawttknz/eI9QMDJ/Q/U6FDhQVikEUYQEeCdsFM3sOgLUSwgSmQBHl/l2hRPZu
ctqdVp+FFebrGH4X/6p76P6BTgig61ELzUgdWHyD5NELdvGOTs7esJcRRT7yzY2a
SIlJ/E289QObaWm7OoFDOAvM1LbJFipvq4GHvMUDtWIE3fdyMQwh06ZQgDRKK2m7
b1DGidwaY7UrtTC48xOAnJE9Mzp41rIX5opDtL5rQqA2povsWrrh43Ubskai4cpa
RrvLU8ewUb6Iqw==
-----END CERTIFICATE-----
Generated at Sat Jun 6 18:05:46 2026 by rpki-client