Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.mft
File: y34FPHGZWsyb8TM_55w9W_1ulk4.mft (raw, json)
Hash identifier: pPKRmXyWcKRzxIqZvXdMruHCriQR2hvNGArLoNMzjJM=
Subject key identifier: 8B:AF:71:3E:B1:A9:C4:D8:A5:D7:7F:C2:BF:41:4D:D4:C8:E2:D2:F0
Authority key identifier: CB:7E:05:3C:71:99:5A:CC:9B:F1:33:3F:E7:9C:3D:5B:FD:6E:96:4E
Certificate issuer: /CN=cb7e053c71995acc9bf1333fe79c3d5bfd6e964e
Certificate serial: 019A711323254D6BDD81667D14A1F3BD430B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y34FPHGZWsyb8TM_55w9W_1ulk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.mft
Manifest number: 0D8D
Signing time: Tue 11 Nov 2025 04:01:10 +0000
Manifest this update: Tue 11 Nov 2025 04:01:10 +0000
Manifest next update: Wed 12 Nov 2025 04:01:10 +0000
Files and hashes: 1: OY3T_xG0jFJ_6yc5NmhmVJsNZOM.roa (hash: af8mlEBnTxkbr73XYFoiiYy6suBahBU1dHobCDHfy/U=)
2: y34FPHGZWsyb8TM_55w9W_1ulk4.crl (hash: SuE27yuivT4iUFctIrqdLQrjmf3zq7NAuEqoe0K9vK8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.mft
rsync://rpki.ripe.net/repository/DEFAULT/y34FPHGZWsyb8TM_55w9W_1ulk4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:23:25:4d:6b:dd:81:66:7d:14:a1:f3:bd:43:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb7e053c71995acc9bf1333fe79c3d5bfd6e964e
Validity
Not Before: Nov 11 04:01:10 2025 GMT
Not After : Nov 12 04:01:10 2025 GMT
Subject: CN=8baf713eb1a9c4d8a5d77fc2bf414dd4c8e2d2f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ef:55:ff:33:f1:68:e3:ba:16:4e:32:0b:26:
8b:19:eb:ae:90:3e:f3:eb:eb:45:ee:41:67:7e:23:
6e:0f:a5:56:bc:a9:c5:07:db:93:e0:6e:ba:c6:67:
2e:01:57:88:f8:43:31:28:3d:fb:eb:e1:5f:dc:6a:
1b:a6:e4:25:fd:85:63:fd:03:09:5c:6b:36:3f:e6:
30:4f:b8:e3:65:e8:03:df:6e:ea:57:a1:da:1e:cd:
d8:3a:bd:1f:c2:4a:22:1b:54:41:1d:a5:aa:67:55:
b3:f7:b9:58:a1:a5:6b:0c:a3:1e:e8:20:16:0c:7f:
cf:9d:35:e9:6d:e5:3f:a8:b5:43:4f:10:53:18:8a:
33:55:32:be:b6:8b:fe:6a:54:68:21:45:15:46:64:
c2:42:a2:6a:99:90:f0:e7:c2:e3:6b:42:e3:11:9f:
ed:4a:2b:66:49:7b:c1:11:00:8c:a2:c2:a4:3b:9e:
f4:b4:93:f6:c2:54:39:a5:ea:4e:54:a6:34:09:59:
f3:66:8b:06:15:34:85:07:ca:5b:0c:ec:ee:af:33:
e3:d3:f2:55:67:4e:ba:1f:b8:6d:47:cf:dc:cb:50:
cd:4e:ef:2a:e5:4b:18:7a:18:5a:0a:fa:42:f7:ee:
ad:4f:32:0b:f3:8d:2a:16:7c:7b:d7:3e:5c:4e:68:
a8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:AF:71:3E:B1:A9:C4:D8:A5:D7:7F:C2:BF:41:4D:D4:C8:E2:D2:F0
X509v3 Authority Key Identifier:
keyid:CB:7E:05:3C:71:99:5A:CC:9B:F1:33:3F:E7:9C:3D:5B:FD:6E:96:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y34FPHGZWsyb8TM_55w9W_1ulk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:db:ca:41:71:af:48:28:aa:50:cf:37:68:94:d2:b1:aa:de:
ad:97:80:05:2f:04:02:d0:b4:43:95:a7:90:e5:c2:f0:19:82:
f5:77:cd:ab:38:29:bb:fc:21:0c:be:3a:92:6c:b8:50:49:08:
f0:24:55:f5:91:d5:35:16:d9:12:2f:bf:43:73:d2:3e:06:79:
cb:c7:04:82:68:6b:5f:fe:18:d6:26:c4:4d:bf:e5:58:09:51:
b7:c0:c0:33:e5:11:97:01:66:e5:a9:47:8f:c9:92:df:9c:34:
ff:57:15:e8:b0:23:26:be:72:95:6c:af:9f:d5:88:2a:cc:14:
a2:63:0d:93:66:1d:a0:cd:63:a5:02:b5:41:35:bb:bf:59:00:
e3:4b:70:e2:b4:56:9b:31:15:86:62:1d:28:c1:81:97:c8:1a:
61:35:2c:6e:bc:3b:72:36:f6:16:4a:cd:ac:07:be:f0:72:60:
50:56:d8:42:80:c4:d8:c3:97:ff:5e:0e:6f:15:a9:70:c5:59:
72:be:2c:ea:11:9c:dd:85:e7:25:d7:ca:ea:b6:80:b6:5d:cd:
ff:dc:7a:b8:84:d9:12:b6:b2:ea:0c:fc:c8:9e:d0:2c:27:06:
2b:b3:1c:82:fd:59:a9:41:19:52:af:78:a8:33:67:1e:44:98:
ea:86:a9:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEyMlTWvdgWZ9FKHzvUMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiN2UwNTNjNzE5OTVhY2M5YmYxMzMzZmU3OWMzZDViZmQ2
ZTk2NGUwHhcNMjUxMTExMDQwMTEwWhcNMjUxMTEyMDQwMTEwWjAzMTEwLwYDVQQD
Eyg4YmFmNzEzZWIxYTljNGQ4YTVkNzdmYzJiZjQxNGRkNGM4ZTJkMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO9V/zPxaOO6Fk4yCyaLGeuukD7z
6+tF7kFnfiNuD6VWvKnFB9uT4G66xmcuAVeI+EMxKD376+Ff3GobpuQl/YVj/QMJ
XGs2P+YwT7jjZegD327qV6HaHs3YOr0fwkoiG1RBHaWqZ1Wz97lYoaVrDKMe6CAW
DH/PnTXpbeU/qLVDTxBTGIozVTK+tov+alRoIUUVRmTCQqJqmZDw58Lja0LjEZ/t
SitmSXvBEQCMosKkO570tJP2wlQ5pepOVKY0CVnzZosGFTSFB8pbDOzurzPj0/JV
Z066H7htR8/cy1DNTu8q5UsYehhaCvpC9+6tTzIL840qFnx71z5cTmiokwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIuvcT6xqcTYpdd/wr9BTdTI4tLwMB8GA1UdIwQY
MBaAFMt+BTxxmVrMm/EzP+ecPVv9bpZOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTM0RlBIR1pXc3liOFRNXzU1dzlXXzF1bGs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83OGFhZDEtZDYxZi00MTZlLWFmNGMt
OTM2MzdkNDE2OGJkLzEveTM0RlBIR1pXc3liOFRNXzU1dzlXXzF1bGs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83OGFhZDEtZDYxZi00MTZlLWFmNGMtOTM2MzdkNDE2OGJk
LzEveTM0RlBIR1pXc3liOFRNXzU1dzlXXzF1bGs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMNvKQXGv
SCiqUM83aJTSsarerZeABS8EAtC0Q5WnkOXC8BmC9XfNqzgpu/whDL46kmy4UEkI
8CRV9ZHVNRbZEi+/Q3PSPgZ5y8cEgmhrX/4Y1ibETb/lWAlRt8DAM+URlwFm5alH
j8mS35w0/1cV6LAjJr5ylWyvn9WIKswUomMNk2YdoM1jpQK1QTW7v1kA40tw4rRW
mzEVhmIdKMGBl8gaYTUsbrw7cjb2FkrNrAe+8HJgUFbYQoDE2MOX/14ObxWpcMVZ
cr4s6hGc3YXnJdfK6raAtl3N/9x6uITZEray6gz8yJ7QLCcGK7Mcgv1ZqUEZUq94
qDNnHkSY6oapNw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:45 2025 by rpki-client