Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: mVk/5xj3rJnqTsWXSge+fWtvnznhG+0YWUGJTTH6yMM=
Subject key identifier: AA:DD:DD:A0:E6:C9:AD:84:1A:F1:4D:B7:A5:69:14:9C:FF:3B:6C:3B
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 019A0BCB3606E9CE3F985FE0567908D4849A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 16EB
Signing time: Wed 22 Oct 2025 12:00:58 +0000
Manifest this update: Wed 22 Oct 2025 12:00:58 +0000
Manifest next update: Thu 23 Oct 2025 12:00:58 +0000
Files and hashes: 1: __KLjvjgMO1LuKrx6zZXZJBcRtk.roa (hash: kZSjdOtgx956Q9WcOxsnl5QBMbkPJAPdg2gED1ZbQy4=)
2: xmOvbRNpbfTNvGRi0NGmoChwF8k.roa (hash: 7oU4y3FJaTZ6zlZMUwxbLqzJR9lqEVzJSwfHVW5xI4s=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: FmlMLiRh6rve1Ob9R+yGkcw14UbnDYjOM5WQukZprV8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 12:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0b:cb:36:06:e9:ce:3f:98:5f:e0:56:79:08:d4:84:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Oct 22 12:00:58 2025 GMT
Not After : Oct 23 12:00:58 2025 GMT
Subject: CN=aadddda0e6c9ad841af14db7a569149cff3b6c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7a:f4:b8:25:b2:8e:c8:76:fd:3c:c1:f4:e5:
64:e8:f7:cf:14:4f:6d:fd:5a:c9:a5:ab:76:1c:d2:
0c:64:8e:83:c9:90:d1:47:05:f8:c3:d3:88:b8:9e:
54:ce:5f:1e:04:de:94:5d:cc:c0:15:d1:dc:f3:6e:
b8:b5:db:c5:a4:7f:63:60:53:bc:89:3e:98:d1:88:
7d:d1:86:7e:66:99:44:2c:54:01:aa:1b:67:c1:4e:
00:9f:f3:24:96:4f:f3:61:38:b6:b0:6c:d4:66:cc:
15:30:5b:88:c7:0c:44:e6:8e:b2:64:48:bd:ad:5c:
ae:31:25:9f:63:c2:0b:c4:74:6d:76:22:b7:b4:fc:
39:ef:d4:98:7b:c5:90:bb:1d:db:a7:87:0b:e1:d5:
81:18:21:7b:06:0f:ad:8e:e5:0c:ac:42:eb:99:68:
a6:55:55:27:09:2a:ec:14:a4:c5:55:2b:0f:0d:ad:
98:c8:99:5b:19:be:aa:d4:5b:b6:78:c8:15:ac:a6:
11:67:1a:d1:89:36:65:a0:04:21:9e:dc:a6:95:10:
2a:19:73:b1:61:d4:34:cc:df:2e:e0:6f:de:2e:4c:
d8:fc:4d:c5:3a:76:44:4e:37:5b:5a:84:92:3d:12:
f7:0d:30:92:0a:1f:4f:6b:f2:aa:62:67:05:58:0c:
31:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:DD:DD:A0:E6:C9:AD:84:1A:F1:4D:B7:A5:69:14:9C:FF:3B:6C:3B
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:5d:a4:b8:2c:50:2a:53:1c:7e:07:cd:e0:a8:96:b2:15:a1:
20:0f:0d:32:1b:4b:b1:f1:54:89:6a:b6:b7:07:d9:e1:ad:20:
ec:c8:54:fc:70:69:1d:9e:37:ea:e3:7b:84:5c:44:09:52:b5:
01:f3:3e:7b:86:6b:78:8b:28:c5:d0:b5:d8:f5:37:38:64:d5:
c0:6c:4d:96:14:fb:d7:51:ae:11:a1:fb:66:ef:a1:74:c3:77:
cd:cc:c3:14:94:ba:6c:63:3e:c5:0f:f9:dd:28:f8:09:b0:34:
e5:60:91:6f:0a:8f:1c:81:48:95:9e:4b:33:be:b2:84:b7:39:
32:8e:4c:fe:6a:ac:43:0e:84:ab:dc:3d:ea:c0:dd:6a:44:ba:
8e:de:c7:97:ef:2a:5c:45:48:86:86:c4:a5:4f:7a:32:ee:17:
0b:b9:e6:e6:5f:95:72:b8:b6:e7:a0:a2:c5:a1:c6:a7:68:2f:
18:b9:16:30:aa:91:a3:f9:56:6d:2e:57:f8:78:ec:9e:91:e7:
8e:02:0a:20:2b:4e:a5:a7:ca:88:90:a3:dd:10:ba:1e:60:0e:
9e:c5:e8:11:a1:8d:c8:6d:47:33:a3:21:03:fb:44:9e:de:79:
c5:22:25:53:0c:35:7c:b3:40:1c:26:33:00:7e:42:af:7c:7a:
e7:7f:5b:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoLyzYG6c4/mF/gVnkI1ISaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjUxMDIyMTIwMDU4WhcNMjUxMDIzMTIwMDU4WjAzMTEwLwYDVQQD
EyhhYWRkZGRhMGU2YzlhZDg0MWFmMTRkYjdhNTY5MTQ5Y2ZmM2I2YzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Xr0uCWyjsh2/TzB9OVk6PfPFE9t
/VrJpat2HNIMZI6DyZDRRwX4w9OIuJ5Uzl8eBN6UXczAFdHc8264tdvFpH9jYFO8
iT6Y0Yh90YZ+ZplELFQBqhtnwU4An/Mklk/zYTi2sGzUZswVMFuIxwxE5o6yZEi9
rVyuMSWfY8ILxHRtdiK3tPw579SYe8WQux3bp4cL4dWBGCF7Bg+tjuUMrELrmWim
VVUnCSrsFKTFVSsPDa2YyJlbGb6q1Fu2eMgVrKYRZxrRiTZloAQhntymlRAqGXOx
YdQ0zN8u4G/eLkzY/E3FOnZETjdbWoSSPRL3DTCSCh9Pa/KqYmcFWAwxCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrd3aDmya2EGvFNt6VpFJz/O2w7MB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE12kuCxQ
KlMcfgfN4KiWshWhIA8NMhtLsfFUiWq2twfZ4a0g7MhU/HBpHZ436uN7hFxECVK1
AfM+e4ZreIsoxdC12PU3OGTVwGxNlhT711GuEaH7Zu+hdMN3zczDFJS6bGM+xQ/5
3Sj4CbA05WCRbwqPHIFIlZ5LM76yhLc5Mo5M/mqsQw6Eq9w96sDdakS6jt7Hl+8q
XEVIhobEpU96Mu4XC7nm5l+Vcri256CixaHGp2gvGLkWMKqRo/lWbS5X+HjsnpHn
jgIKICtOpafKiJCj3RC6HmAOnsXoEaGNyG1HM6MhA/tEnt55xSIlUww1fLNAHCYz
AH5Cr3x6539bug==
-----END CERTIFICATE-----
Generated at Wed Oct 22 22:33:13 2025 by rpki-client