Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.mft
File: YL83NiAUbm8piugtLIqDccrLexs.mft (raw, json)
Hash identifier: CSStCBaJiqa8cj0uqry17i3W7VsSk4Fon7DJc2T8Di4=
Subject key identifier: 1F:A8:3C:F1:B8:7D:C8:87:D2:95:04:28:A0:3C:60:C6:D4:E3:13:87
Authority key identifier: 60:BF:37:36:20:14:6E:6F:29:8A:E8:2D:2C:8A:83:71:CA:CB:7B:1B
Certificate issuer: /CN=60bf373620146e6f298ae82d2c8a8371cacb7b1b
Certificate serial: 019A247853CED5613E48BD63FCFC1689F4E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YL83NiAUbm8piugtLIqDccrLexs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.mft
Manifest number: 16F7
Signing time: Mon 27 Oct 2025 07:00:56 +0000
Manifest this update: Mon 27 Oct 2025 07:00:56 +0000
Manifest next update: Tue 28 Oct 2025 07:00:56 +0000
Files and hashes: 1: FcPpw1IibzSy4BenkulclpDum4U.roa (hash: HSUDUncC0CCpqaUKBhWSJTD0GmSsEAzCocsfF6H1tqA=)
2: YL83NiAUbm8piugtLIqDccrLexs.crl (hash: 9cB9Fa9pPI/Qo0iATJinY5tXWOkp5vvAjavRIqZ+1Ec=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.mft
rsync://rpki.ripe.net/repository/DEFAULT/YL83NiAUbm8piugtLIqDccrLexs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 07:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:78:53:ce:d5:61:3e:48:bd:63:fc:fc:16:89:f4:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60bf373620146e6f298ae82d2c8a8371cacb7b1b
Validity
Not Before: Oct 27 07:00:56 2025 GMT
Not After : Oct 28 07:00:56 2025 GMT
Subject: CN=1fa83cf1b87dc887d2950428a03c60c6d4e31387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6e:39:4f:61:33:4c:ea:f4:f8:1d:57:5b:d4:
9b:a9:b5:e5:a8:58:8c:1d:0a:f4:ab:30:35:11:14:
65:8a:28:2c:40:16:63:36:53:36:ab:3f:c8:72:06:
8c:ff:1c:1f:6c:80:2e:21:cb:1c:b0:82:0f:a3:86:
17:c5:1e:31:86:34:82:b9:3f:9f:ff:de:40:9c:7d:
f0:ae:01:de:50:78:43:f5:bb:d5:bf:96:df:dc:56:
16:f4:27:46:77:5e:b3:8f:f3:c1:be:35:4c:aa:21:
d4:a1:c4:a6:8a:b9:03:29:72:aa:51:70:53:a0:a5:
d8:95:6e:f2:90:9e:e6:a5:5b:65:c4:b5:0f:19:57:
55:26:51:a1:00:51:27:4f:ba:71:f9:ce:81:ad:bd:
15:45:23:b2:ff:72:ec:6a:0f:07:88:2a:f7:cb:4b:
74:64:02:ff:4a:a8:1b:e4:d3:64:76:66:f4:3b:cf:
6a:8f:31:2b:23:65:fb:92:ac:d7:ff:2d:46:8e:9f:
a8:ad:a0:70:c1:f0:ab:89:45:3a:53:66:e5:d3:af:
cd:b3:8d:33:16:f0:7b:8b:3c:26:20:fb:f7:84:20:
e4:7f:fd:d8:05:b8:ed:6a:41:6d:d6:c0:57:42:2c:
e9:bc:5c:66:87:e6:10:92:ca:e2:23:c9:b8:1a:09:
25:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A8:3C:F1:B8:7D:C8:87:D2:95:04:28:A0:3C:60:C6:D4:E3:13:87
X509v3 Authority Key Identifier:
keyid:60:BF:37:36:20:14:6E:6F:29:8A:E8:2D:2C:8A:83:71:CA:CB:7B:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YL83NiAUbm8piugtLIqDccrLexs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:f5:67:da:a4:01:37:d7:2f:50:81:73:96:1a:31:47:dd:1b:
78:0a:39:2d:20:11:0e:9b:17:03:11:59:d1:04:4b:69:2b:e1:
98:df:a8:ae:86:fb:e7:26:32:64:0d:2d:50:18:3d:9e:60:83:
61:02:f3:36:87:4f:c8:a3:74:7a:ca:e1:14:a9:fe:b8:ec:b7:
39:17:da:55:70:8e:16:76:34:3c:d2:60:6f:8a:16:97:10:b1:
06:34:52:c4:8e:fb:16:38:b4:2d:bc:fe:db:65:7a:ea:ff:77:
7b:fb:f3:05:b2:68:52:f2:31:3f:da:01:db:d8:15:46:0e:2c:
e2:0d:b1:e0:b5:54:8d:fd:4c:e9:fa:ef:6f:6c:85:2c:37:45:
d0:a3:fe:09:d8:5c:4c:ef:bc:98:b0:b0:17:d0:5d:f6:a9:16:
12:f7:88:f5:a5:9d:f0:37:8c:98:c5:c0:5c:25:41:4a:2d:ca:
d1:d6:eb:c2:63:dd:99:6d:d6:50:73:b2:71:df:46:f9:cd:2f:
ad:e8:ee:4e:33:b5:9b:3d:0d:8f:bb:60:38:8a:45:6d:0b:aa:
3f:51:d7:b2:fa:b7:19:4f:4a:8f:95:1e:2c:85:ae:d0:1b:4c:
8d:67:47:79:55:60:05:c0:97:bc:51:7f:74:89:8c:2b:8f:8f:
39:e5:54:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokeFPO1WE+SL1j/PwWifThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYmYzNzM2MjAxNDZlNmYyOThhZTgyZDJjOGE4MzcxY2Fj
YjdiMWIwHhcNMjUxMDI3MDcwMDU2WhcNMjUxMDI4MDcwMDU2WjAzMTEwLwYDVQQD
EygxZmE4M2NmMWI4N2RjODg3ZDI5NTA0MjhhMDNjNjBjNmQ0ZTMxMzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG45T2EzTOr0+B1XW9SbqbXlqFiM
HQr0qzA1ERRliigsQBZjNlM2qz/IcgaM/xwfbIAuIcscsIIPo4YXxR4xhjSCuT+f
/95AnH3wrgHeUHhD9bvVv5bf3FYW9CdGd16zj/PBvjVMqiHUocSmirkDKXKqUXBT
oKXYlW7ykJ7mpVtlxLUPGVdVJlGhAFEnT7px+c6Brb0VRSOy/3Lsag8HiCr3y0t0
ZAL/Sqgb5NNkdmb0O89qjzErI2X7kqzX/y1Gjp+oraBwwfCriUU6U2bl06/Ns40z
FvB7izwmIPv3hCDkf/3YBbjtakFt1sBXQizpvFxmh+YQksriI8m4GgklnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+oPPG4fciH0pUEKKA8YMbU4xOHMB8GA1UdIwQY
MBaAFGC/NzYgFG5vKYroLSyKg3HKy3sbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUw4M05pQVVibThwaXVndExJcURjY3JMZXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kZWNkZTMtMjc3YS00OTU2LWJmOTIt
ZjBhODEyM2U3MGY5LzEvWUw4M05pQVVibThwaXVndExJcURjY3JMZXhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kZWNkZTMtMjc3YS00OTU2LWJmOTItZjBhODEyM2U3MGY5
LzEvWUw4M05pQVVibThwaXVndExJcURjY3JMZXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUvVn2qQB
N9cvUIFzlhoxR90beAo5LSARDpsXAxFZ0QRLaSvhmN+orob75yYyZA0tUBg9nmCD
YQLzNodPyKN0esrhFKn+uOy3ORfaVXCOFnY0PNJgb4oWlxCxBjRSxI77Fji0Lbz+
22V66v93e/vzBbJoUvIxP9oB29gVRg4s4g2x4LVUjf1M6frvb2yFLDdF0KP+Cdhc
TO+8mLCwF9Bd9qkWEveI9aWd8DeMmMXAXCVBSi3K0dbrwmPdmW3WUHOycd9G+c0v
rejuTjO1mz0Nj7tgOIpFbQuqP1HXsvq3GU9Kj5UeLIWu0BtMjWdHeVVgBcCXvFF/
dImMK4+POeVUcg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 15:06:05 2025 by rpki-client