Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.mft
File: yaOl5BHeryKE_9AVML-0H4Fsu6M.mft (raw, json)
Hash identifier: PqLEHVcb5omaGELpKXIpLTZN9eTc2mbdCMJfbrKzrPg=
Subject key identifier: 8B:66:0F:FE:5C:DD:D5:05:86:4A:F7:89:0B:A5:02:FC:07:27:59:E1
Authority key identifier: C9:A3:A5:E4:11:DE:AF:22:84:FF:D0:15:30:BF:B4:1F:81:6C:BB:A3
Certificate issuer: /CN=c9a3a5e411deaf2284ffd01530bfb41f816cbba3
Certificate serial: 019A71808FB1B4D87BFFB5022453671900F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yaOl5BHeryKE_9AVML-0H4Fsu6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.mft
Manifest number: 04F5
Signing time: Tue 11 Nov 2025 06:00:42 +0000
Manifest this update: Tue 11 Nov 2025 06:00:42 +0000
Manifest next update: Wed 12 Nov 2025 06:00:42 +0000
Files and hashes: 1: UVQQxsyFxE5G_GAZUd3A6ZXjkCE.roa (hash: zpm9oScjJUHtNk/CwO+EVZyjIHRYFCB8FAgH34Qnsvo=)
2: yaOl5BHeryKE_9AVML-0H4Fsu6M.crl (hash: ONq7cfmCBdPgZuJ05lvOJVVzy66pH8MTcaKrQa7tHE8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.mft
rsync://rpki.ripe.net/repository/DEFAULT/yaOl5BHeryKE_9AVML-0H4Fsu6M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:80:8f:b1:b4:d8:7b:ff:b5:02:24:53:67:19:00:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a3a5e411deaf2284ffd01530bfb41f816cbba3
Validity
Not Before: Nov 11 06:00:42 2025 GMT
Not After : Nov 12 06:00:42 2025 GMT
Subject: CN=8b660ffe5cddd505864af7890ba502fc072759e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3c:5c:55:2b:80:b2:c9:a1:09:44:6a:6b:9f:
e1:50:fa:0f:0d:a1:42:2b:4f:4f:fc:cf:9b:61:b7:
63:20:5e:90:1a:f1:32:c3:22:f1:52:b6:54:57:50:
62:b2:96:d4:e7:dd:e7:ce:ff:c1:2b:ad:ac:5d:22:
13:b4:61:c6:cc:d3:d4:97:96:27:5d:72:54:19:15:
fb:8d:ff:a5:c1:da:e5:fe:41:d2:e9:0c:2b:ef:90:
a2:01:3f:da:c5:34:53:71:86:89:e9:45:de:a3:84:
61:eb:ef:c9:49:5e:fa:00:6b:94:10:9a:6e:00:f2:
20:8e:71:2b:55:bb:79:9c:07:7c:eb:c1:43:34:3a:
db:d1:5f:12:c4:b0:a3:e7:9d:90:72:07:52:e1:fb:
f2:e3:c1:fa:d3:d8:e0:08:85:85:aa:57:5a:11:ca:
23:10:6d:c5:7c:3a:3a:f1:2c:00:6b:9e:0f:eb:94:
da:e1:ad:df:31:e3:ca:cc:aa:08:b2:e7:a1:17:3e:
48:d9:1c:0e:98:99:77:43:7d:46:84:4f:e3:bf:eb:
69:3e:fa:92:25:e8:ec:50:bb:b4:5c:bb:e2:7e:ec:
79:92:6d:f8:e0:3a:52:0c:7b:19:e7:ba:65:cd:06:
e9:6c:e7:cf:09:15:c4:44:d2:73:6d:ce:0e:86:45:
42:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:66:0F:FE:5C:DD:D5:05:86:4A:F7:89:0B:A5:02:FC:07:27:59:E1
X509v3 Authority Key Identifier:
keyid:C9:A3:A5:E4:11:DE:AF:22:84:FF:D0:15:30:BF:B4:1F:81:6C:BB:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yaOl5BHeryKE_9AVML-0H4Fsu6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:ce:27:60:51:3a:42:2f:8b:f1:4e:89:f6:57:25:7c:1c:22:
f6:a0:ab:a1:fa:91:7c:0d:e4:50:56:72:74:13:8a:f6:9a:93:
4e:60:59:2e:3f:46:69:26:5d:07:9f:c2:a1:84:e8:5e:a6:ec:
9d:2b:0a:f9:b9:61:9b:fe:80:38:e7:cf:ae:ea:d5:52:ef:54:
5a:2b:38:18:05:19:49:9b:a8:2c:a1:8b:fd:f0:26:61:43:d4:
0a:18:d8:bd:e6:d4:54:95:83:82:b5:ce:2a:2f:00:42:a1:71:
48:7f:98:2b:dd:cd:ee:62:a8:48:c4:d9:27:7f:f6:96:e1:29:
ba:9c:84:a8:6e:6d:d9:01:55:41:6a:10:3d:4d:a4:89:ba:71:
91:fa:9b:03:34:18:1f:32:e2:8c:95:95:40:5d:62:e8:1d:95:
99:51:a4:0f:1f:00:bf:fc:81:09:32:50:92:10:f4:1d:78:37:
8f:3a:71:22:86:b9:bc:34:04:21:1d:8f:29:e6:51:9a:42:67:
b0:8c:5a:c9:e0:51:34:03:c5:36:e1:0f:5b:83:4c:14:03:1a:
69:21:97:9d:c8:8f:ba:e1:14:0b:3b:43:30:ba:0a:c5:ee:b7:
9a:1e:0e:50:1c:60:c5:52:6a:e5:1f:83:e9:d3:74:52:69:ed:
20:34:ba:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgI+xtNh7/7UCJFNnGQDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTNhNWU0MTFkZWFmMjI4NGZmZDAxNTMwYmZiNDFmODE2
Y2JiYTMwHhcNMjUxMTExMDYwMDQyWhcNMjUxMTEyMDYwMDQyWjAzMTEwLwYDVQQD
Eyg4YjY2MGZmZTVjZGRkNTA1ODY0YWY3ODkwYmE1MDJmYzA3Mjc1OWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjxcVSuAssmhCURqa5/hUPoPDaFC
K09P/M+bYbdjIF6QGvEywyLxUrZUV1BispbU593nzv/BK62sXSITtGHGzNPUl5Yn
XXJUGRX7jf+lwdrl/kHS6Qwr75CiAT/axTRTcYaJ6UXeo4Rh6+/JSV76AGuUEJpu
APIgjnErVbt5nAd868FDNDrb0V8SxLCj552QcgdS4fvy48H609jgCIWFqldaEcoj
EG3FfDo68SwAa54P65Ta4a3fMePKzKoIsuehFz5I2RwOmJl3Q31GhE/jv+tpPvqS
JejsULu0XLvifux5km344DpSDHsZ57plzQbpbOfPCRXERNJzbc4OhkVCpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItmD/5c3dUFhkr3iQulAvwHJ1nhMB8GA1UdIwQY
MBaAFMmjpeQR3q8ihP/QFTC/tB+BbLujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFPbDVCSGVyeUtFXzlBVk1MLTBINEZzdTZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iOGVhODMtNDc2NS00M2E2LWE1NGYt
MjBkMjQ5MDAxMzBhLzEveWFPbDVCSGVyeUtFXzlBVk1MLTBINEZzdTZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iOGVhODMtNDc2NS00M2E2LWE1NGYtMjBkMjQ5MDAxMzBh
LzEveWFPbDVCSGVyeUtFXzlBVk1MLTBINEZzdTZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABc4nYFE6
Qi+L8U6J9lclfBwi9qCrofqRfA3kUFZydBOK9pqTTmBZLj9GaSZdB5/CoYToXqbs
nSsK+blhm/6AOOfPrurVUu9UWis4GAUZSZuoLKGL/fAmYUPUChjYvebUVJWDgrXO
Ki8AQqFxSH+YK93N7mKoSMTZJ3/2luEpupyEqG5t2QFVQWoQPU2kibpxkfqbAzQY
HzLijJWVQF1i6B2VmVGkDx8Av/yBCTJQkhD0HXg3jzpxIoa5vDQEIR2PKeZRmkJn
sIxayeBRNAPFNuEPW4NMFAMaaSGXnciPuuEUCztDMLoKxe63mh4OUBxgxVJq5R+D
6dN0UmntIDS6qA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:44:43 2025 by rpki-client