Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
File: YcXtDe2GJbMrZTMgcinyxGclmEg.mft (raw, json)
Hash identifier: yY1AIFTI5n89qPLfjjvmWu9Un7Lqv0+puDZBhwIoBSY=
Subject key identifier: 3F:57:A2:E6:BF:82:CA:21:D5:C9:73:B8:9C:54:36:13:CE:B7:9E:81
Authority key identifier: 61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
Certificate issuer: /CN=61c5ed0ded8625b32b6533207229f2c467259848
Certificate serial: 019A7293DFE071334BF47AB6EDF920AAE04C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 11:01:24 +0000
Manifest this update: Tue 11 Nov 2025 11:01:24 +0000
Manifest next update: Wed 12 Nov 2025 11:01:24 +0000
Files and hashes: 1: CYWLmYxcCQgki-Xk5YRvuSHALzs.roa (hash: 61Fic0FYH+kK7MaPnl8UV3ohGlvf2gRHDh8nlfVoQGY=)
2: YcXtDe2GJbMrZTMgcinyxGclmEg.crl (hash: K2/2qrqd/v7kWPuuMZHaCg+clYjbTC1VKwtnwIhHiJ4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:df:e0:71:33:4b:f4:7a:b6:ed:f9:20:aa:e0:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c5ed0ded8625b32b6533207229f2c467259848
Validity
Not Before: Nov 11 11:01:24 2025 GMT
Not After : Nov 12 11:01:24 2025 GMT
Subject: CN=3f57a2e6bf82ca21d5c973b89c543613ceb79e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:42:dc:9f:08:05:d4:a6:68:68:22:76:7f:e4:
82:b0:f7:52:96:88:93:86:16:98:81:fb:eb:a9:21:
ef:c5:94:ab:61:f7:29:6d:66:f5:0d:d5:9b:2e:11:
cd:13:24:7a:5c:cb:79:90:c2:07:33:38:a9:a9:80:
21:2c:9d:0c:54:f4:ad:08:d9:76:9e:50:a4:90:96:
38:ec:67:97:a3:d2:83:c9:3d:6c:c9:0f:ee:94:ed:
df:e5:0f:25:01:04:8f:43:11:a7:b9:7c:f6:a7:84:
d8:68:f2:bb:2c:9a:f9:eb:2e:eb:b6:3a:31:44:39:
48:0a:ad:43:56:d2:b8:2d:84:52:17:6b:8a:bb:0c:
dd:b3:33:1c:73:46:82:1c:20:64:0d:62:e7:bc:6f:
45:6a:c3:23:76:9c:9f:13:2e:d7:b9:ff:be:01:3a:
00:8d:ce:d3:1c:c5:88:05:d3:8a:e6:9a:68:e5:84:
71:ad:1f:22:8e:5a:bb:53:59:23:94:54:c0:a3:fc:
96:39:8b:5b:2c:a3:7d:4e:a6:d9:0d:fa:0a:68:03:
cc:8b:7e:ee:5c:bc:c7:e7:44:a6:5d:a0:f8:8f:d7:
52:a3:5c:cf:5f:16:e5:7f:43:47:49:f3:fd:2c:14:
9a:03:bc:76:6e:2b:48:d8:66:de:4a:81:49:ce:6c:
77:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:57:A2:E6:BF:82:CA:21:D5:C9:73:B8:9C:54:36:13:CE:B7:9E:81
X509v3 Authority Key Identifier:
keyid:61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:47:ee:18:45:d9:91:4e:b6:1f:40:cf:3c:8e:44:b3:92:65:
73:8a:e0:ba:b0:2d:44:6b:d6:5f:54:50:34:e2:f0:84:38:9c:
e4:4f:82:cc:ee:20:48:5d:3a:a6:53:d3:06:4c:a9:80:fe:a1:
f2:c5:67:96:de:b2:42:cd:6f:f9:a7:8e:a3:bb:51:96:e7:70:
c1:22:da:83:ac:6c:cd:c4:93:1b:48:2a:96:91:f5:72:b5:07:
d0:29:d5:14:3c:dd:bf:fc:5e:0b:6d:4a:29:c9:07:e1:2a:0b:
79:56:71:14:c0:e3:dd:d2:98:9f:52:b5:4b:6b:15:75:fe:25:
17:74:9f:88:56:0a:51:6d:b6:33:0f:0d:df:01:a8:32:a9:35:
0b:12:f5:eb:36:75:9d:b7:b7:81:36:50:c0:05:7a:01:41:52:
93:e7:30:21:06:ad:04:6e:22:25:e4:c8:48:04:e2:f9:dd:8b:
4a:77:89:75:20:97:84:dd:b5:70:ee:2f:ca:04:db:15:de:67:
3f:c7:24:2a:2a:04:bf:f7:4b:81:86:47:fe:37:3c:b3:89:8f:
58:a8:09:07:f1:a0:f4:6c:ba:a7:a8:87:88:7c:ec:33:3d:d6:
85:b1:19:ab:65:1d:b1:1c:37:b2:49:77:ff:75:0c:1a:28:29:
29:38:f8:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk9/gcTNL9Hq27fkgquBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzVlZDBkZWQ4NjI1YjMyYjY1MzMyMDcyMjlmMmM0Njcy
NTk4NDgwHhcNMjUxMTExMTEwMTI0WhcNMjUxMTEyMTEwMTI0WjAzMTEwLwYDVQQD
EygzZjU3YTJlNmJmODJjYTIxZDVjOTczYjg5YzU0MzYxM2NlYjc5ZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00LcnwgF1KZoaCJ2f+SCsPdSloiT
hhaYgfvrqSHvxZSrYfcpbWb1DdWbLhHNEyR6XMt5kMIHMzipqYAhLJ0MVPStCNl2
nlCkkJY47GeXo9KDyT1syQ/ulO3f5Q8lAQSPQxGnuXz2p4TYaPK7LJr56y7rtjox
RDlICq1DVtK4LYRSF2uKuwzdszMcc0aCHCBkDWLnvG9FasMjdpyfEy7Xuf++AToA
jc7THMWIBdOK5ppo5YRxrR8ijlq7U1kjlFTAo/yWOYtbLKN9TqbZDfoKaAPMi37u
XLzH50SmXaD4j9dSo1zPXxblf0NHSfP9LBSaA7x2bitI2GbeSoFJzmx3JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9Xoua/gsoh1clzuJxUNhPOt56BMB8GA1UdIwQY
MBaAFGHF7Q3thiWzK2UzIHIp8sRnJZhIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82MDYyYWYtNTNiYy00MzVkLWI1ZmIt
YTExODQ5ODMyNWY3LzEvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82MDYyYWYtNTNiYy00MzVkLWI1ZmItYTExODQ5ODMyNWY3
LzEvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIUfuGEXZ
kU62H0DPPI5Es5Jlc4rgurAtRGvWX1RQNOLwhDic5E+CzO4gSF06plPTBkypgP6h
8sVnlt6yQs1v+aeOo7tRludwwSLag6xszcSTG0gqlpH1crUH0CnVFDzdv/xeC21K
KckH4SoLeVZxFMDj3dKYn1K1S2sVdf4lF3SfiFYKUW22Mw8N3wGoMqk1CxL16zZ1
nbe3gTZQwAV6AUFSk+cwIQatBG4iJeTISATi+d2LSneJdSCXhN21cO4vygTbFd5n
P8ckKioEv/dLgYZH/jc8s4mPWKgJB/Gg9Gy6p6iHiHzsMz3WhbEZq2UdsRw3skl3
/3UMGigpKTj4fQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:16:10 2025 by rpki-client