Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
File: ym3NrZkpBFbG18GOscBY2UEIiAE.mft (raw, json)
Hash identifier: kad+5n1I+rJXw0iHvevNeVS3c3IY9aQ1330ryfznGlI=
Subject key identifier: 85:CB:FC:AE:C6:34:5E:CC:88:75:EC:28:7D:9A:70:C4:7E:B6:E5:F3
Authority key identifier: CA:6D:CD:AD:99:29:04:56:C6:D7:C1:8E:B1:C0:58:D9:41:08:88:01
Certificate issuer: /CN=ca6dcdad99290456c6d7c18eb1c058d941088801
Certificate serial: 019A7149C67734638C5B857F458A0FF44011
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
Manifest number: 16C1
Signing time: Tue 11 Nov 2025 05:00:51 +0000
Manifest this update: Tue 11 Nov 2025 05:00:51 +0000
Manifest next update: Wed 12 Nov 2025 05:00:51 +0000
Files and hashes: 1: Vm2xySa3TZzRcufAzxt4hRBLNss.roa (hash: O5+b4nw4CSapOt9ANvlpqmvnfoL7HE4era1klJG6PPo=)
2: ym3NrZkpBFbG18GOscBY2UEIiAE.crl (hash: g8tRCj8Ys9NouEoQk1CNOs27Zgo+71BdMjbHOX6e7XM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:c6:77:34:63:8c:5b:85:7f:45:8a:0f:f4:40:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca6dcdad99290456c6d7c18eb1c058d941088801
Validity
Not Before: Nov 11 05:00:51 2025 GMT
Not After : Nov 12 05:00:51 2025 GMT
Subject: CN=85cbfcaec6345ecc8875ec287d9a70c47eb6e5f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c9:22:5a:2d:b8:21:eb:29:53:b9:12:85:3e:
fc:ea:59:c4:ac:4a:71:a1:bc:84:ca:3a:ae:a1:59:
49:44:4a:7c:ac:1d:c1:c5:a0:84:ae:66:4e:04:a8:
73:a6:6f:d2:b7:f0:37:5a:d3:ac:7c:6a:42:13:3b:
c1:99:e8:c4:c3:eb:bf:33:d0:05:3d:8f:79:6d:fe:
ba:04:68:66:1f:b5:f5:70:e7:05:c5:c2:d4:14:b1:
15:8b:5d:8f:a7:2e:81:2e:a2:6c:0c:ac:07:52:be:
66:a4:bb:f0:73:6d:aa:3a:12:5d:84:39:da:da:8c:
25:51:06:0a:3a:a4:bf:15:d5:e5:58:35:cb:85:d2:
6d:34:78:1f:55:7a:cf:31:00:04:c8:ba:e9:0b:ae:
11:b6:87:a7:08:1c:9d:00:46:74:a6:b6:f9:a9:a3:
33:c1:b6:4e:6b:f4:36:08:cb:c5:1e:08:4e:2d:d2:
e9:dc:c4:26:31:dd:b9:70:70:de:24:bf:ec:2c:bf:
58:8c:21:5b:aa:4f:52:b7:58:20:11:dd:4c:46:8f:
cc:dc:60:a0:f1:b5:b3:fd:cd:52:55:21:54:8c:2f:
d1:3b:d7:18:5c:34:97:0a:af:c9:b6:a2:64:f7:79:
c2:51:c5:dc:f6:54:4e:f5:e4:01:9b:c9:f2:51:6f:
6f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CB:FC:AE:C6:34:5E:CC:88:75:EC:28:7D:9A:70:C4:7E:B6:E5:F3
X509v3 Authority Key Identifier:
keyid:CA:6D:CD:AD:99:29:04:56:C6:D7:C1:8E:B1:C0:58:D9:41:08:88:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:c0:46:ef:e8:f1:f6:af:a3:e1:6a:58:df:c3:0f:7c:87:13:
59:9b:d1:e7:90:c9:e8:1c:4a:52:10:a8:43:85:12:5a:24:3a:
bb:1d:26:7a:8f:b6:0c:30:b2:13:ff:9a:4d:19:31:c4:3a:13:
61:71:15:2d:1f:41:34:9c:1b:9e:01:5c:2c:c8:7f:0e:4c:8c:
dd:56:72:04:5d:79:9a:60:ce:03:a4:9a:7a:03:da:1f:3c:a1:
e1:9c:3f:51:ac:51:15:23:ca:08:ea:5e:ef:ce:bd:23:47:61:
23:eb:a0:e7:fd:ab:dd:97:5c:3e:3e:79:21:cb:f7:84:6b:0b:
6d:73:bc:91:8c:c5:cb:c6:de:51:14:71:ff:c3:27:1f:d4:34:
7b:12:2a:ca:41:1c:23:93:f4:9c:1a:4a:c1:ba:f3:86:a2:e1:
b9:24:74:3d:51:77:01:61:9b:26:dc:dc:33:2b:9a:43:29:b6:
af:7b:66:f5:93:84:51:08:ca:36:d7:0e:77:e7:73:7a:47:e0:
5e:2c:0e:1e:08:d1:67:dc:53:82:8e:f7:75:63:d8:87:9d:31:
10:b7:ce:84:c7:e5:15:1a:cb:f2:29:10:c5:64:80:c7:21:47:
f8:83:67:1f:02:ba:ba:90:a3:09:8e:51:b4:8f:41:93:c8:b2:
17:7e:90:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxScZ3NGOMW4V/RYoP9EARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNmRjZGFkOTkyOTA0NTZjNmQ3YzE4ZWIxYzA1OGQ5NDEw
ODg4MDEwHhcNMjUxMTExMDUwMDUxWhcNMjUxMTEyMDUwMDUxWjAzMTEwLwYDVQQD
Eyg4NWNiZmNhZWM2MzQ1ZWNjODg3NWVjMjg3ZDlhNzBjNDdlYjZlNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8kiWi24IespU7kShT786lnErEpx
obyEyjquoVlJREp8rB3BxaCErmZOBKhzpm/St/A3WtOsfGpCEzvBmejEw+u/M9AF
PY95bf66BGhmH7X1cOcFxcLUFLEVi12Ppy6BLqJsDKwHUr5mpLvwc22qOhJdhDna
2owlUQYKOqS/FdXlWDXLhdJtNHgfVXrPMQAEyLrpC64RtoenCBydAEZ0prb5qaMz
wbZOa/Q2CMvFHghOLdLp3MQmMd25cHDeJL/sLL9YjCFbqk9St1ggEd1MRo/M3GCg
8bWz/c1SVSFUjC/RO9cYXDSXCq/JtqJk93nCUcXc9lRO9eQBm8nyUW9vQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXL/K7GNF7MiHXsKH2acMR+tuXzMB8GA1UdIwQY
MBaAFMptza2ZKQRWxtfBjrHAWNlBCIgBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83Njc1OWUtMzk2NC00YzRmLTg3NmIt
YmM0NzVkMDA4ODY5LzEveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83Njc1OWUtMzk2NC00YzRmLTg3NmItYmM0NzVkMDA4ODY5
LzEveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKcBG7+jx
9q+j4WpY38MPfIcTWZvR55DJ6BxKUhCoQ4USWiQ6ux0meo+2DDCyE/+aTRkxxDoT
YXEVLR9BNJwbngFcLMh/DkyM3VZyBF15mmDOA6SaegPaHzyh4Zw/UaxRFSPKCOpe
7869I0dhI+ug5/2r3ZdcPj55Icv3hGsLbXO8kYzFy8beURRx/8MnH9Q0exIqykEc
I5P0nBpKwbrzhqLhuSR0PVF3AWGbJtzcMyuaQym2r3tm9ZOEUQjKNtcOd+dzekfg
XiwOHgjRZ9xTgo73dWPYh50xELfOhMflFRrL8ikQxWSAxyFH+INnHwK6upCjCY5R
tI9Bk8iyF36Q4w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:55 2025 by rpki-client