Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
File: YcXtDe2GJbMrZTMgcinyxGclmEg.mft (raw, json)
Hash identifier: n+S060OIAD0n6oOV/smSW6hvXiv/ZvZOqR7CHhyw/Uk=
Subject key identifier: FF:35:E1:F7:28:3E:D0:54:B9:2C:40:5A:F5:56:94:9F:6F:4C:6B:3E
Authority key identifier: 61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
Certificate issuer: /CN=61c5ed0ded8625b32b6533207229f2c467259848
Certificate serial: 019D39098C8FF145C2CCA538BDF7B4E09D25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 10:00:20 +0000
Manifest this update: Sun 29 Mar 2026 10:00:20 +0000
Manifest next update: Mon 30 Mar 2026 10:00:20 +0000
Files and hashes: 1: QdSCp7V6SXB6kY3MDm-0dxcIQJY.roa (hash: j90AwqYuVEioYPkOABNDsET8wy4V7UafpGuH2RPQHeg=)
2: YcXtDe2GJbMrZTMgcinyxGclmEg.crl (hash: kCeUTQvJAZU4mV02Cg7ao6qBw0exa5hieEH0vfRcJHI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:8c:8f:f1:45:c2:cc:a5:38:bd:f7:b4:e0:9d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c5ed0ded8625b32b6533207229f2c467259848
Validity
Not Before: Mar 29 10:00:20 2026 GMT
Not After : Mar 30 10:00:20 2026 GMT
Subject: CN=ff35e1f7283ed054b92c405af556949f6f4c6b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:83:a5:fd:29:6a:8a:07:96:58:45:4a:84:3b:
da:6a:7a:c2:f0:2d:75:00:3a:aa:74:c4:d2:6f:07:
7f:d4:6e:54:91:eb:0c:f6:77:f2:d6:76:e1:67:25:
d7:07:3c:99:d2:61:a8:6d:17:53:35:d0:7d:9a:32:
7f:50:16:57:d4:6b:4c:1d:57:94:65:e6:eb:3c:cc:
b8:1d:ac:8e:6e:82:6b:aa:b2:bf:79:5c:78:69:e2:
f7:64:a3:05:23:4a:db:6f:ce:a7:5a:4b:cd:8e:db:
53:df:c7:7a:52:21:89:5e:a0:dc:cb:53:df:1f:8c:
e3:88:20:fb:45:cb:c4:eb:b8:dd:d9:91:1b:e3:38:
ca:1c:65:4e:8b:bb:4a:74:97:09:e8:31:03:91:91:
31:ca:b1:b3:05:6c:4c:5d:51:17:bb:9b:10:61:c3:
6f:43:eb:1b:4b:2d:7e:5f:84:a9:ce:e5:bd:ae:0c:
5d:46:f9:a4:19:85:ef:7c:a3:95:08:94:3b:93:b3:
8c:c6:f1:a4:57:67:af:86:f7:02:b3:54:17:ad:83:
d4:db:ed:95:e0:80:da:25:a9:9c:72:6f:46:f5:51:
7b:81:27:ea:42:2b:bb:4c:cb:c2:86:d2:b3:c3:51:
ce:0b:81:9b:69:3c:88:09:59:0e:b7:12:db:c0:c4:
33:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:35:E1:F7:28:3E:D0:54:B9:2C:40:5A:F5:56:94:9F:6F:4C:6B:3E
X509v3 Authority Key Identifier:
keyid:61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:9e:01:c6:0c:0c:58:4a:5e:9b:23:0f:ca:73:04:19:3c:b0:
02:b8:be:df:a3:b0:61:ab:3d:05:b9:3a:5f:db:03:90:36:ea:
69:4e:6d:03:41:99:eb:4c:de:9a:94:27:d1:7c:3b:4b:0a:10:
28:b8:18:46:bb:a7:1d:1d:98:82:ac:92:8b:28:a1:20:c9:1d:
78:9f:7a:b9:21:b5:d0:05:37:8e:f9:06:45:87:d1:6e:eb:da:
b9:08:07:05:e1:9b:20:cb:58:f6:b3:85:fa:bd:5c:b2:8c:fe:
dd:6b:fb:50:e8:2d:f6:66:62:9f:ad:19:2f:81:2d:b8:75:22:
49:3b:48:90:15:4f:bb:72:c4:2f:39:9b:8c:27:3e:da:1f:1d:
a9:01:5f:12:01:39:8a:77:b7:ea:ac:2c:01:52:d0:49:11:4c:
85:d0:a3:df:bc:07:9e:7c:90:3c:4c:7c:d7:11:b5:c8:35:2d:
6a:a8:11:9a:b8:69:1d:5c:9b:c0:fc:c4:f5:4c:71:59:b4:54:
0f:e0:f4:8f:e8:c0:87:dd:c6:c2:e1:3f:40:ee:6a:6a:33:29:
9a:fb:02:92:2d:e0:26:7e:ee:3c:c4:7d:0f:44:67:39:c6:17:
3f:97:c4:58:1f:7a:d4:ef:78:ce:83:4e:5f:e2:1d:d0:7f:4b:
d5:d3:9e:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CYyP8UXCzKU4vfe04J0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzVlZDBkZWQ4NjI1YjMyYjY1MzMyMDcyMjlmMmM0Njcy
NTk4NDgwHhcNMjYwMzI5MTAwMDIwWhcNMjYwMzMwMTAwMDIwWjAzMTEwLwYDVQQD
EyhmZjM1ZTFmNzI4M2VkMDU0YjkyYzQwNWFmNTU2OTQ5ZjZmNGM2YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYOl/SlqigeWWEVKhDvaanrC8C11
ADqqdMTSbwd/1G5UkesM9nfy1nbhZyXXBzyZ0mGobRdTNdB9mjJ/UBZX1GtMHVeU
ZebrPMy4HayOboJrqrK/eVx4aeL3ZKMFI0rbb86nWkvNjttT38d6UiGJXqDcy1Pf
H4zjiCD7RcvE67jd2ZEb4zjKHGVOi7tKdJcJ6DEDkZExyrGzBWxMXVEXu5sQYcNv
Q+sbSy1+X4SpzuW9rgxdRvmkGYXvfKOVCJQ7k7OMxvGkV2evhvcCs1QXrYPU2+2V
4IDaJamccm9G9VF7gSfqQiu7TMvChtKzw1HOC4GbaTyICVkOtxLbwMQzEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP814fcoPtBUuSxAWvVWlJ9vTGs+MB8GA1UdIwQY
MBaAFGHF7Q3thiWzK2UzIHIp8sRnJZhIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82MDYyYWYtNTNiYy00MzVkLWI1ZmIt
YTExODQ5ODMyNWY3LzEvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82MDYyYWYtNTNiYy00MzVkLWI1ZmItYTExODQ5ODMyNWY3
LzEvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmZ4BxgwM
WEpemyMPynMEGTywAri+36OwYas9Bbk6X9sDkDbqaU5tA0GZ60zempQn0Xw7SwoQ
KLgYRrunHR2YgqySiyihIMkdeJ96uSG10AU3jvkGRYfRbuvauQgHBeGbIMtY9rOF
+r1csoz+3Wv7UOgt9mZin60ZL4EtuHUiSTtIkBVPu3LELzmbjCc+2h8dqQFfEgE5
ine36qwsAVLQSRFMhdCj37wHnnyQPEx81xG1yDUtaqgRmrhpHVybwPzE9UxxWbRU
D+D0j+jAh93GwuE/QO5qajMpmvsCki3gJn7uPMR9D0RnOcYXP5fEWB961O94zoNO
X+Id0H9L1dOepA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:10:35 2026 by rpki-client