Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/297d54-bd82-42e0-9c42-6fdbca600e00/1/yN8zfOpWoIP0a3mQcucNo0XMI2Q.mft
File: yN8zfOpWoIP0a3mQcucNo0XMI2Q.mft (raw, json)
Hash identifier: bbkItIFh3qcJCJ1YD8F4w4oVFSfUWYKZPiHpQkIE/Do=
Subject key identifier: C6:A1:E2:66:16:FE:31:BE:CC:11:D1:1F:01:9E:FB:66:41:DF:39:D0
Authority key identifier: C8:DF:33:7C:EA:56:A0:83:F4:6B:79:90:72:E7:0D:A3:45:CC:23:64
Certificate issuer: /CN=c8df337cea56a083f46b799072e70da345cc2364
Certificate serial: 019A706E293685B20DD9FA3F034D4F9A7B5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yN8zfOpWoIP0a3mQcucNo0XMI2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/297d54-bd82-42e0-9c42-6fdbca600e00/1/yN8zfOpWoIP0a3mQcucNo0XMI2Q.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 01:00:58 +0000
Manifest this update: Tue 11 Nov 2025 01:00:58 +0000
Manifest next update: Wed 12 Nov 2025 01:00:58 +0000
Files and hashes: 1: yEMlFNYIo_7PBG15hC66LWSw4E0.roa (hash: 0NF8QaEpF30c3qMJTec6Bga4N+I8Ns4AqntJ51k9D0k=)
2: yN8zfOpWoIP0a3mQcucNo0XMI2Q.crl (hash: Yhs9sqJpA2mRuNcMZt0rtQSSXs9r64RSMvKF4t8DRhA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/297d54-bd82-42e0-9c42-6fdbca600e00/1/yN8zfOpWoIP0a3mQcucNo0XMI2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/297d54-bd82-42e0-9c42-6fdbca600e00/1/yN8zfOpWoIP0a3mQcucNo0XMI2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/yN8zfOpWoIP0a3mQcucNo0XMI2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:29:36:85:b2:0d:d9:fa:3f:03:4d:4f:9a:7b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8df337cea56a083f46b799072e70da345cc2364
Validity
Not Before: Nov 11 01:00:58 2025 GMT
Not After : Nov 12 01:00:58 2025 GMT
Subject: CN=c6a1e26616fe31becc11d11f019efb6641df39d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d7:7e:3e:73:0d:8c:4c:72:65:ad:80:68:cc:
cc:c0:03:30:4f:b9:0a:16:5e:7e:ee:56:c3:d8:88:
b8:df:57:43:d0:37:4a:0b:98:29:42:18:d4:2f:e5:
ef:6e:d5:40:02:2c:b5:01:83:fa:6f:ce:6b:8b:a4:
90:10:a0:46:05:e0:2a:55:24:c9:24:90:d0:aa:5c:
76:b6:41:ee:04:4d:8c:2a:b4:a9:42:b5:26:bc:94:
62:62:d8:45:3d:89:60:3d:d2:c6:a3:6a:e7:1f:32:
0c:bb:1f:c7:a1:78:1a:ca:7b:83:f1:d1:00:1c:76:
5f:f4:4d:2a:b9:16:bf:93:c8:7f:73:aa:8e:ee:6f:
b4:89:57:09:d7:5c:c8:f1:95:38:1e:64:5a:08:5b:
ad:59:07:d2:d4:3d:57:df:08:9f:43:b4:13:1c:32:
3e:84:7b:72:08:17:95:82:d6:5c:a7:37:3b:7c:aa:
bf:4a:44:2f:07:25:86:ed:c1:64:72:b0:ad:97:fc:
a6:60:f0:3d:ec:b2:d5:a7:f0:e6:b2:5d:e5:39:64:
02:76:51:6f:bb:dc:ba:34:9c:5f:3d:46:23:9e:b8:
8b:54:ec:47:58:72:f8:92:5d:2e:db:f9:6b:30:ae:
16:ba:35:70:45:ba:5c:75:3f:f6:41:5a:ef:c1:ad:
82:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A1:E2:66:16:FE:31:BE:CC:11:D1:1F:01:9E:FB:66:41:DF:39:D0
X509v3 Authority Key Identifier:
keyid:C8:DF:33:7C:EA:56:A0:83:F4:6B:79:90:72:E7:0D:A3:45:CC:23:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yN8zfOpWoIP0a3mQcucNo0XMI2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/297d54-bd82-42e0-9c42-6fdbca600e00/1/yN8zfOpWoIP0a3mQcucNo0XMI2Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/297d54-bd82-42e0-9c42-6fdbca600e00/1/yN8zfOpWoIP0a3mQcucNo0XMI2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:8f:53:44:b8:b9:a8:bf:91:02:99:a5:6d:50:ad:2c:62:16:
43:c6:2d:04:f5:67:92:a2:1a:e1:db:e2:a6:aa:b3:05:8c:00:
64:b6:db:88:d8:b2:2d:89:98:ba:fc:77:c0:24:30:7c:d1:67:
05:d9:a9:2e:db:df:01:de:96:f7:0f:d6:eb:81:b6:f9:27:61:
66:94:65:04:18:3c:5f:0b:61:a7:62:21:eb:a2:35:70:d1:d7:
9c:71:2a:d3:d9:cf:bf:74:ca:d2:74:65:4f:b7:93:80:4b:9a:
e6:a4:6d:02:52:f7:a4:65:fb:4a:eb:81:b0:bc:34:11:65:ed:
d4:1a:85:43:8e:76:9a:3e:f9:81:cd:aa:52:68:82:de:5a:5b:
00:c2:b7:48:9e:de:d9:8d:f4:a1:07:4a:8f:a1:c3:4f:0d:3a:
81:4c:a9:29:2d:aa:61:11:04:22:c6:3c:b9:f3:a5:8e:9d:49:
07:40:aa:af:01:e2:ff:4a:ac:d4:a1:8a:46:d8:60:74:12:d0:
d2:91:2e:e8:19:6a:c5:ae:46:6d:20:c6:34:9c:8d:61:42:5b:
5c:5d:34:ad:01:21:f1:ca:85:b9:db:b4:89:d5:df:41:bc:31:
9a:c4:19:54:57:d1:cd:bc:81:83:51:ce:98:86:14:af:31:ba:
fb:14:12:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbik2hbIN2fo/A01PmntaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZGYzMzdjZWE1NmEwODNmNDZiNzk5MDcyZTcwZGEzNDVj
YzIzNjQwHhcNMjUxMTExMDEwMDU4WhcNMjUxMTEyMDEwMDU4WjAzMTEwLwYDVQQD
EyhjNmExZTI2NjE2ZmUzMWJlY2MxMWQxMWYwMTllZmI2NjQxZGYzOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNd+PnMNjExyZa2AaMzMwAMwT7kK
Fl5+7lbD2Ii431dD0DdKC5gpQhjUL+XvbtVAAiy1AYP6b85ri6SQEKBGBeAqVSTJ
JJDQqlx2tkHuBE2MKrSpQrUmvJRiYthFPYlgPdLGo2rnHzIMux/HoXgaynuD8dEA
HHZf9E0quRa/k8h/c6qO7m+0iVcJ11zI8ZU4HmRaCFutWQfS1D1X3wifQ7QTHDI+
hHtyCBeVgtZcpzc7fKq/SkQvByWG7cFkcrCtl/ymYPA97LLVp/Dmsl3lOWQCdlFv
u9y6NJxfPUYjnriLVOxHWHL4kl0u2/lrMK4WujVwRbpcdT/2QVrvwa2CUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMah4mYW/jG+zBHRHwGe+2ZB3znQMB8GA1UdIwQY
MBaAFMjfM3zqVqCD9Gt5kHLnDaNFzCNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU44emZPcFdvSVAwYTNtUWN1Y05vMFhNSTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yOTdkNTQtYmQ4Mi00MmUwLTljNDIt
NmZkYmNhNjAwZTAwLzEveU44emZPcFdvSVAwYTNtUWN1Y05vMFhNSTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yOTdkNTQtYmQ4Mi00MmUwLTljNDItNmZkYmNhNjAwZTAw
LzEveU44emZPcFdvSVAwYTNtUWN1Y05vMFhNSTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANI9TRLi5
qL+RApmlbVCtLGIWQ8YtBPVnkqIa4dvipqqzBYwAZLbbiNiyLYmYuvx3wCQwfNFn
BdmpLtvfAd6W9w/W64G2+SdhZpRlBBg8Xwthp2Ih66I1cNHXnHEq09nPv3TK0nRl
T7eTgEua5qRtAlL3pGX7SuuBsLw0EWXt1BqFQ452mj75gc2qUmiC3lpbAMK3SJ7e
2Y30oQdKj6HDTw06gUypKS2qYREEIsY8ufOljp1JB0CqrwHi/0qs1KGKRthgdBLQ
0pEu6Blqxa5GbSDGNJyNYUJbXF00rQEh8cqFudu0idXfQbwxmsQZVFfRzbyBg1HO
mIYUrzG6+xQSbg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:14 2025 by rpki-client