Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
File: YsTHQ9XCr88n8QTrbgMWEWyFx94.mft (raw, json)
Hash identifier: wdSxL8zTwBGvzNPt8Jn06we97VCXAkQpnTJVkFyOZ+4=
Subject key identifier: 45:BF:90:83:67:BE:B6:14:C0:ED:FD:4A:D6:B8:CF:33:B4:F7:07:FE
Authority key identifier: 62:C4:C7:43:D5:C2:AF:CF:27:F1:04:EB:6E:03:16:11:6C:85:C7:DE
Certificate issuer: /CN=62c4c743d5c2afcf27f104eb6e0316116c85c7de
Certificate serial: 019A330EDCF96FC6F4999DEA8DFAB71076C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
Manifest number: 0CCA
Signing time: Thu 30 Oct 2025 03:00:03 +0000
Manifest this update: Thu 30 Oct 2025 03:00:03 +0000
Manifest next update: Fri 31 Oct 2025 03:00:03 +0000
Files and hashes: 1: O5Qp4JElVe0um1Rnuz-9xQyVCpc.roa (hash: 73YKFKe5WyNrwSKLy76+GejDIV4ldqnve1bMw3FlzZM=)
2: YsTHQ9XCr88n8QTrbgMWEWyFx94.crl (hash: eR8NPvyYRz05V4Z5zanaCRAqGyu73iYqwHzIH1ctnAg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 01:21:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:33:0e:dc:f9:6f:c6:f4:99:9d:ea:8d:fa:b7:10:76:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62c4c743d5c2afcf27f104eb6e0316116c85c7de
Validity
Not Before: Oct 30 03:00:03 2025 GMT
Not After : Oct 31 03:00:03 2025 GMT
Subject: CN=45bf908367beb614c0edfd4ad6b8cf33b4f707fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:65:a4:05:9d:2f:e9:92:14:58:cc:6c:ae:ec:
aa:14:d1:b9:0d:57:ff:11:88:91:1a:78:a6:9d:f0:
71:4c:7c:48:05:7f:eb:55:f2:4a:b1:05:b9:8f:97:
72:ec:9a:e2:7b:e4:89:df:6f:91:9c:1f:45:d8:a7:
3e:88:37:86:22:4b:b7:b1:7a:f6:33:bf:69:dd:97:
c1:b6:f4:9b:28:f3:07:55:ba:cc:b0:a9:df:5b:d3:
9f:85:1b:f9:fe:ec:a7:fd:e3:ec:dc:06:44:11:b4:
a8:88:59:e0:b4:c1:2f:98:24:d3:18:11:e5:d3:6e:
e7:a5:af:9e:b4:96:9a:94:98:cf:d6:ec:54:c9:c9:
e5:85:7b:53:3a:57:0e:f4:9b:99:77:9e:66:7e:5f:
28:56:c2:ae:3b:2b:1b:86:f5:b1:44:57:26:57:97:
3f:0f:91:0b:6b:d3:24:53:d3:56:fa:4c:30:37:9b:
a9:bd:23:cf:95:f7:6b:94:a9:04:7a:1f:0f:4a:d5:
a6:8b:02:bb:4b:a6:79:6d:33:07:ae:f0:c0:b7:c1:
1c:32:95:55:43:2b:84:65:5a:b7:84:5f:c4:60:a8:
3b:ca:63:3f:d8:86:36:75:6a:35:e8:45:15:fb:7a:
13:1e:d5:95:30:b5:63:e0:1e:20:fe:2c:6a:f6:00:
2c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:BF:90:83:67:BE:B6:14:C0:ED:FD:4A:D6:B8:CF:33:B4:F7:07:FE
X509v3 Authority Key Identifier:
keyid:62:C4:C7:43:D5:C2:AF:CF:27:F1:04:EB:6E:03:16:11:6C:85:C7:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:3e:fb:f8:76:19:b9:39:e5:bf:38:7a:89:85:42:8d:83:0d:
4b:ed:d9:83:58:49:14:3f:ff:59:ce:d5:eb:f6:6a:52:d7:1c:
5e:ff:b3:74:0b:dd:39:34:c7:b4:06:e1:c9:2b:a1:09:24:62:
24:f9:5b:85:bf:b8:de:f9:c1:3d:d7:33:d3:51:6f:cc:5e:21:
9f:08:a8:dc:92:47:b3:4b:3f:21:57:c2:2f:ff:0a:71:d3:5a:
2c:a2:f1:22:e3:17:1a:ef:72:50:56:72:4c:4e:e6:fc:3e:1a:
e6:e3:7a:fb:df:76:a8:ca:73:a5:15:a8:51:de:29:f8:42:75:
39:c8:61:12:26:6f:ad:e1:a1:70:6a:cf:44:0f:db:f1:bc:68:
a2:c7:af:92:68:46:b2:c4:c3:4c:a5:c0:b9:da:62:5a:cf:00:
0e:0a:49:23:c3:d1:ca:0a:33:35:38:b9:63:6a:77:43:95:4b:
a8:e9:66:19:ff:94:44:ca:d1:ae:43:d4:6c:04:c7:66:8f:4f:
95:b7:0f:8e:61:b6:e9:0c:8f:be:aa:55:21:e0:bf:83:61:b0:
0b:e2:4e:7e:c0:5e:28:ed:90:86:d0:84:dd:aa:54:1c:ad:24:
fe:da:bf:f8:bb:e1:d2:22:f0:e2:5a:49:98:f8:75:d8:dd:9d:
e6:cf:0c:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZozDtz5b8b0mZ3qjfq3EHbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYzRjNzQzZDVjMmFmY2YyN2YxMDRlYjZlMDMxNjExNmM4
NWM3ZGUwHhcNMjUxMDMwMDMwMDAzWhcNMjUxMDMxMDMwMDAzWjAzMTEwLwYDVQQD
Eyg0NWJmOTA4MzY3YmViNjE0YzBlZGZkNGFkNmI4Y2YzM2I0ZjcwN2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmWkBZ0v6ZIUWMxsruyqFNG5DVf/
EYiRGnimnfBxTHxIBX/rVfJKsQW5j5dy7Jrie+SJ32+RnB9F2Kc+iDeGIku3sXr2
M79p3ZfBtvSbKPMHVbrMsKnfW9OfhRv5/uyn/ePs3AZEEbSoiFngtMEvmCTTGBHl
027npa+etJaalJjP1uxUycnlhXtTOlcO9JuZd55mfl8oVsKuOysbhvWxRFcmV5c/
D5ELa9MkU9NW+kwwN5upvSPPlfdrlKkEeh8PStWmiwK7S6Z5bTMHrvDAt8EcMpVV
QyuEZVq3hF/EYKg7ymM/2IY2dWo16EUV+3oTHtWVMLVj4B4g/ixq9gAsawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEW/kINnvrYUwO39Sta4zzO09wf+MB8GA1UdIwQY
MBaAFGLEx0PVwq/PJ/EE624DFhFshcfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83MjhjNDAtZjcxMi00ZmVmLTg5NDUt
ZGUzNTJhOTJmNmJhLzEvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83MjhjNDAtZjcxMi00ZmVmLTg5NDUtZGUzNTJhOTJmNmJh
LzEvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtD77+HYZ
uTnlvzh6iYVCjYMNS+3Zg1hJFD//Wc7V6/ZqUtccXv+zdAvdOTTHtAbhySuhCSRi
JPlbhb+43vnBPdcz01FvzF4hnwio3JJHs0s/IVfCL/8KcdNaLKLxIuMXGu9yUFZy
TE7m/D4a5uN6+992qMpzpRWoUd4p+EJ1OchhEiZvreGhcGrPRA/b8bxoosevkmhG
ssTDTKXAudpiWs8ADgpJI8PRygozNTi5Y2p3Q5VLqOlmGf+URMrRrkPUbATHZo9P
lbcPjmG26QyPvqpVIeC/g2GwC+JOfsBeKO2QhtCE3apUHK0k/tq/+Lvh0iLw4lpJ
mPh12N2d5s8M+g==
-----END CERTIFICATE-----
Generated at Thu Oct 30 05:32:08 2025 by rpki-client