Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
File: YsTHQ9XCr88n8QTrbgMWEWyFx94.mft (raw, json)
Hash identifier: Hmf07+OBdN5aQ5DAJg4eEz3SWrsD3FCHup2YCuQoQh8=
Subject key identifier: 22:8B:CF:A1:55:4A:3B:2A:9E:85:60:17:5C:32:8A:59:D5:93:F1:78
Authority key identifier: 62:C4:C7:43:D5:C2:AF:CF:27:F1:04:EB:6E:03:16:11:6C:85:C7:DE
Certificate issuer: /CN=62c4c743d5c2afcf27f104eb6e0316116c85c7de
Certificate serial: 019D397814CF21B6EA79719DD816E1AE0AE0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
Manifest number: 0E5D
Signing time: Sun 29 Mar 2026 12:01:04 +0000
Manifest this update: Sun 29 Mar 2026 12:01:04 +0000
Manifest next update: Mon 30 Mar 2026 12:01:04 +0000
Files and hashes: 1: DT8ZHpsnu95pA077Bij5e4AaTEY.roa (hash: QTft8cX4BupKj8g0B2lC6ytondXy0rFBo523NlqKQRE=)
2: YsTHQ9XCr88n8QTrbgMWEWyFx94.crl (hash: hta3an3XgKuT/gAMJV4lOIrlajVIsGWDLJEWZ7nwAqo=)
3: qluoOzLyxaccQSwrFa90RFqcqxg.roa (hash: qpMAcoRGSm/EZYI6/sZIFBd3qkp/MdqT0v4KuQ94Pkg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:78:14:cf:21:b6:ea:79:71:9d:d8:16:e1:ae:0a:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62c4c743d5c2afcf27f104eb6e0316116c85c7de
Validity
Not Before: Mar 29 12:01:04 2026 GMT
Not After : Mar 30 12:01:04 2026 GMT
Subject: CN=228bcfa1554a3b2a9e8560175c328a59d593f178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:55:07:9e:2e:e3:90:b3:4d:f6:89:85:d1:a9:
bb:33:22:94:02:c2:34:7d:52:7b:72:0a:78:4f:fa:
3f:16:9e:24:fc:1a:2b:b2:05:ef:d6:30:17:48:b0:
5b:05:45:4c:98:65:73:06:bb:9f:7a:8c:e0:87:83:
43:ae:1e:16:8f:92:75:2c:a8:4f:08:d1:f6:78:72:
93:22:76:af:1f:a7:a5:d7:d2:b6:2b:02:2b:d7:2f:
67:17:22:18:95:e6:bc:bc:52:1b:28:dd:2d:40:ca:
d4:d5:a2:42:16:6b:8e:cf:1e:6a:3d:d2:e9:d5:05:
fd:34:6c:10:6e:ae:1e:52:9a:e2:e3:47:6b:c0:79:
d1:d9:f8:86:34:72:9d:82:c4:dc:a9:ce:c9:27:c4:
2b:83:ff:0b:1d:73:10:46:54:67:6a:3b:4e:86:54:
53:d5:28:bd:fa:44:7c:12:52:21:2c:72:25:16:95:
ea:f6:fd:6f:a6:27:5f:c8:88:bd:cd:78:f5:8b:60:
31:ff:5a:c7:28:25:93:e8:3c:c4:91:3b:6e:49:f1:
2a:b5:01:1d:6c:53:ca:75:e6:a4:b3:9c:eb:3b:42:
32:33:03:96:1b:77:10:38:37:9a:bb:31:a5:54:6e:
37:af:ab:52:3d:6f:ef:bf:a1:4b:2c:09:e5:70:12:
13:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8B:CF:A1:55:4A:3B:2A:9E:85:60:17:5C:32:8A:59:D5:93:F1:78
X509v3 Authority Key Identifier:
keyid:62:C4:C7:43:D5:C2:AF:CF:27:F1:04:EB:6E:03:16:11:6C:85:C7:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:10:36:c8:cf:e7:54:75:33:a8:d7:59:3a:41:da:5c:53:e2:
e2:86:5a:1c:5a:3e:d0:24:f3:2d:47:9a:11:71:d0:40:47:1f:
4d:db:0d:94:3c:57:74:92:f3:6d:fb:ef:46:56:09:33:10:27:
84:a0:8f:61:b7:b5:60:13:39:52:68:76:0b:a5:0e:0a:dc:a4:
bd:b8:ea:3d:ac:03:9c:b6:14:c8:ce:e1:51:2a:d3:54:37:90:
b2:0e:d4:6f:49:90:f7:b3:a1:18:f8:87:5f:a1:56:7d:f8:e4:
9d:02:4f:82:8f:33:e0:4b:ce:98:77:ab:25:38:94:16:2b:d8:
cf:a5:b1:bc:a5:b6:be:af:32:27:b6:ae:20:4a:a4:27:69:c5:
c9:f8:7f:d1:7e:f8:af:f5:08:84:9c:83:32:a6:0c:82:0c:b5:
f1:14:06:4f:3c:ea:95:06:23:09:12:d0:6a:e6:fa:38:7e:b6:
0e:29:1c:95:5d:dd:36:74:d4:7f:ee:bb:db:89:13:a5:f8:4a:
87:5b:ad:a2:91:f3:72:47:14:28:42:67:e0:1c:46:03:d1:f6:
1a:24:9c:9e:f7:60:9e:19:da:e0:19:b5:4e:46:cb:b6:bf:14:
f3:59:97:58:3c:7d:b7:e4:c3:fe:a5:39:5e:3d:24:c5:7a:54:
68:6b:c6:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05eBTPIbbqeXGd2BbhrgrgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYzRjNzQzZDVjMmFmY2YyN2YxMDRlYjZlMDMxNjExNmM4
NWM3ZGUwHhcNMjYwMzI5MTIwMTA0WhcNMjYwMzMwMTIwMTA0WjAzMTEwLwYDVQQD
EygyMjhiY2ZhMTU1NGEzYjJhOWU4NTYwMTc1YzMyOGE1OWQ1OTNmMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVUHni7jkLNN9omF0am7MyKUAsI0
fVJ7cgp4T/o/Fp4k/BorsgXv1jAXSLBbBUVMmGVzBrufeozgh4NDrh4Wj5J1LKhP
CNH2eHKTInavH6el19K2KwIr1y9nFyIYlea8vFIbKN0tQMrU1aJCFmuOzx5qPdLp
1QX9NGwQbq4eUpri40drwHnR2fiGNHKdgsTcqc7JJ8Qrg/8LHXMQRlRnajtOhlRT
1Si9+kR8ElIhLHIlFpXq9v1vpidfyIi9zXj1i2Ax/1rHKCWT6DzEkTtuSfEqtQEd
bFPKdeaks5zrO0IyMwOWG3cQODeauzGlVG43r6tSPW/vv6FLLAnlcBITwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKLz6FVSjsqnoVgF1wyilnVk/F4MB8GA1UdIwQY
MBaAFGLEx0PVwq/PJ/EE624DFhFshcfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83MjhjNDAtZjcxMi00ZmVmLTg5NDUt
ZGUzNTJhOTJmNmJhLzEvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83MjhjNDAtZjcxMi00ZmVmLTg5NDUtZGUzNTJhOTJmNmJh
LzEvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAERA2yM/n
VHUzqNdZOkHaXFPi4oZaHFo+0CTzLUeaEXHQQEcfTdsNlDxXdJLzbfvvRlYJMxAn
hKCPYbe1YBM5Umh2C6UOCtykvbjqPawDnLYUyM7hUSrTVDeQsg7Ub0mQ97OhGPiH
X6FWffjknQJPgo8z4EvOmHerJTiUFivYz6WxvKW2vq8yJ7auIEqkJ2nFyfh/0X74
r/UIhJyDMqYMggy18RQGTzzqlQYjCRLQaub6OH62DikclV3dNnTUf+6724kTpfhK
h1utopHzckcUKEJn4BxGA9H2GiScnvdgnhna4Bm1TkbLtr8U81mXWDx9t+TD/qU5
Xj0kxXpUaGvGkA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:27:42 2026 by rpki-client