Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.mft
File: yaOl5BHeryKE_9AVML-0H4Fsu6M.mft (raw, json)
Hash identifier: epWmGbcKlK0ui9vESfZdoHiDGHwXNeaEvHZC1po0toA=
Subject key identifier: 43:B1:B0:41:DF:48:C1:1D:DE:F8:B7:28:59:4C:DB:A7:95:35:AD:CB
Authority key identifier: C9:A3:A5:E4:11:DE:AF:22:84:FF:D0:15:30:BF:B4:1F:81:6C:BB:A3
Certificate issuer: /CN=c9a3a5e411deaf2284ffd01530bfb41f816cbba3
Certificate serial: 019D389C5C1B0A3CA9F85E60D5349AE70B29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yaOl5BHeryKE_9AVML-0H4Fsu6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.mft
Manifest number: 066A
Signing time: Sun 29 Mar 2026 08:01:04 +0000
Manifest this update: Sun 29 Mar 2026 08:01:04 +0000
Manifest next update: Mon 30 Mar 2026 08:01:04 +0000
Files and hashes: 1: 05sJvKsPpEQygCgsV_MGQHN9_TM.roa (hash: nFTOD6KUcpEnrht3gN5bskiFEmc9rtUM9QNFKCOE0Vc=)
2: 1-xtDrU7wKNsIkkfW8E-ZbC6rELU.roa (hash: rgHDDCujsocFhMaTOl2AntkEyFdfyoyY4MLtmaNj0qw=)
3: s5h_FbOSJtTwNWZ7nw-DoslTY04.roa (hash: 3rYcvADDI43HpDRf99rDIKGF7HoSWoEsrigLvsY6+nw=)
4: yaOl5BHeryKE_9AVML-0H4Fsu6M.crl (hash: YY084fs7TCCqelPjPTMmFn1KUBiD12iFFpeYnzkxyFQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.mft
rsync://rpki.ripe.net/repository/DEFAULT/yaOl5BHeryKE_9AVML-0H4Fsu6M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:5c:1b:0a:3c:a9:f8:5e:60:d5:34:9a:e7:0b:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a3a5e411deaf2284ffd01530bfb41f816cbba3
Validity
Not Before: Mar 29 08:01:04 2026 GMT
Not After : Mar 30 08:01:04 2026 GMT
Subject: CN=43b1b041df48c11ddef8b728594cdba79535adcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:64:43:20:32:0f:1a:75:ab:bb:78:1a:86:20:
50:3c:73:42:a7:07:53:79:64:bf:56:73:64:14:41:
da:ff:65:28:95:0a:a4:2b:37:98:9f:a9:2e:fb:e3:
4b:ae:0f:3c:81:f1:80:7b:a9:c4:82:e9:98:ac:34:
f6:58:67:d9:c4:bc:2b:1b:cd:58:cb:c3:c5:04:6c:
14:ea:eb:8c:c2:d5:39:98:2a:09:ee:9f:42:44:1b:
47:a0:3f:f5:c0:d7:88:2e:d3:79:a0:ea:a1:89:02:
89:07:f1:57:83:7e:bf:e0:71:d1:b8:93:85:e4:3a:
1b:41:15:f8:9b:bc:87:6f:8b:df:b1:60:7b:a7:75:
5f:02:ee:d5:0e:bf:ad:e0:72:6c:77:5d:61:40:b9:
5b:27:05:af:e7:1c:3a:c3:5c:53:14:5f:9a:14:35:
27:28:40:36:07:31:e3:13:d8:24:70:01:d8:b4:7b:
ac:8d:99:6a:43:2c:bf:55:98:2c:f7:0e:f6:af:43:
71:f0:10:b3:00:8b:07:09:f0:21:0d:bf:3f:c3:92:
6b:0c:35:37:7e:19:a4:fb:1d:99:10:e7:a7:82:51:
9c:93:14:6d:b2:e5:0a:e8:23:b8:ff:e5:80:c4:ba:
f1:e2:25:1d:17:d4:4f:5c:eb:90:20:88:65:11:33:
dc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B1:B0:41:DF:48:C1:1D:DE:F8:B7:28:59:4C:DB:A7:95:35:AD:CB
X509v3 Authority Key Identifier:
keyid:C9:A3:A5:E4:11:DE:AF:22:84:FF:D0:15:30:BF:B4:1F:81:6C:BB:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yaOl5BHeryKE_9AVML-0H4Fsu6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b8ea83-4765-43a6-a54f-20d24900130a/1/yaOl5BHeryKE_9AVML-0H4Fsu6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:55:ea:23:61:f2:dc:1e:15:6b:58:d7:76:93:c9:d7:ea:22:
66:29:35:52:73:68:0b:ea:3f:2c:18:2d:c2:96:29:82:ee:47:
df:b4:71:b8:a0:3c:db:b7:f6:09:23:d5:aa:18:17:e4:29:dc:
b3:21:e9:88:89:b9:1a:95:f6:23:a1:8e:4b:c5:fe:50:7f:ab:
51:e0:85:9f:20:23:bb:f6:0c:81:19:63:a7:be:c8:a2:4f:3a:
37:28:a0:91:71:ab:82:92:0d:57:3f:ad:30:21:7a:38:43:ad:
e6:e8:71:88:9d:73:e9:4e:f7:7f:c2:1f:87:e3:e9:7f:51:ac:
46:95:66:a8:10:7d:88:7a:78:c5:05:3f:4d:d3:f5:5c:d1:e3:
80:3f:9e:8c:54:f1:d5:5d:e3:b8:82:98:92:60:70:13:98:3b:
a5:57:95:51:52:6f:ef:04:c5:30:f0:b6:68:28:34:54:b0:72:
cb:63:29:50:e2:07:ca:d8:e3:0c:92:e3:c1:59:b0:38:59:ed:
c6:26:45:71:1b:9b:93:95:2c:d5:0c:06:b5:79:44:87:7a:66:
6c:f8:cb:e8:c0:54:16:bb:7b:f1:be:0b:e2:c2:dc:d5:20:b3:
69:1a:b0:98:91:da:ca:63:f3:79:53:ea:23:f6:47:83:68:7a:
41:cc:a6:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nFwbCjyp+F5g1TSa5wspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTNhNWU0MTFkZWFmMjI4NGZmZDAxNTMwYmZiNDFmODE2
Y2JiYTMwHhcNMjYwMzI5MDgwMTA0WhcNMjYwMzMwMDgwMTA0WjAzMTEwLwYDVQQD
Eyg0M2IxYjA0MWRmNDhjMTFkZGVmOGI3Mjg1OTRjZGJhNzk1MzVhZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGRDIDIPGnWru3gahiBQPHNCpwdT
eWS/VnNkFEHa/2UolQqkKzeYn6ku++NLrg88gfGAe6nEgumYrDT2WGfZxLwrG81Y
y8PFBGwU6uuMwtU5mCoJ7p9CRBtHoD/1wNeILtN5oOqhiQKJB/FXg36/4HHRuJOF
5DobQRX4m7yHb4vfsWB7p3VfAu7VDr+t4HJsd11hQLlbJwWv5xw6w1xTFF+aFDUn
KEA2BzHjE9gkcAHYtHusjZlqQyy/VZgs9w72r0Nx8BCzAIsHCfAhDb8/w5JrDDU3
fhmk+x2ZEOenglGckxRtsuUK6CO4/+WAxLrx4iUdF9RPXOuQIIhlETPcfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOxsEHfSMEd3vi3KFlM26eVNa3LMB8GA1UdIwQY
MBaAFMmjpeQR3q8ihP/QFTC/tB+BbLujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFPbDVCSGVyeUtFXzlBVk1MLTBINEZzdTZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iOGVhODMtNDc2NS00M2E2LWE1NGYt
MjBkMjQ5MDAxMzBhLzEveWFPbDVCSGVyeUtFXzlBVk1MLTBINEZzdTZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iOGVhODMtNDc2NS00M2E2LWE1NGYtMjBkMjQ5MDAxMzBh
LzEveWFPbDVCSGVyeUtFXzlBVk1MLTBINEZzdTZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU1XqI2Hy
3B4Va1jXdpPJ1+oiZik1UnNoC+o/LBgtwpYpgu5H37RxuKA827f2CSPVqhgX5Cnc
syHpiIm5GpX2I6GOS8X+UH+rUeCFnyAju/YMgRljp77Iok86NyigkXGrgpINVz+t
MCF6OEOt5uhxiJ1z6U73f8Ifh+Ppf1GsRpVmqBB9iHp4xQU/TdP1XNHjgD+ejFTx
1V3juIKYkmBwE5g7pVeVUVJv7wTFMPC2aCg0VLByy2MpUOIHytjjDJLjwVmwOFnt
xiZFcRubk5Us1QwGtXlEh3pmbPjL6MBUFrt78b4L4sLc1SCzaRqwmJHaymPzeVPq
I/ZHg2h6Qcymvg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:10 2026 by rpki-client