Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.mft
File: ylF4miMTWsImjCKihWAKX5sFN3A.mft (raw, json)
Hash identifier: dy9UjUGngJbP0MP4pE1oVYWJnC9wCMTXyYsQK7tqZpk=
Subject key identifier: 85:A2:FD:27:93:E6:C7:69:EA:D8:F9:90:9A:58:1E:5E:28:96:1D:0A
Authority key identifier: CA:51:78:9A:23:13:5A:C2:26:8C:22:A2:85:60:0A:5F:9B:05:37:70
Certificate issuer: /CN=ca51789a23135ac2268c22a285600a5f9b053770
Certificate serial: 019CC8636DDF9E2A2EAFB680DBFF6C409FAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ylF4miMTWsImjCKihWAKX5sFN3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.mft
Manifest number: 13BD
Signing time: Sat 07 Mar 2026 13:01:24 +0000
Manifest this update: Sat 07 Mar 2026 13:01:24 +0000
Manifest next update: Sun 08 Mar 2026 13:01:24 +0000
Files and hashes: 1: sr2F0zsExdSQr-zgnrk17i9FhUg.roa (hash: hKUfnAYzGISD3itupUfCkChJsvs636FejLl9Oqr8aQA=)
2: ylF4miMTWsImjCKihWAKX5sFN3A.crl (hash: EoRRRkPj2+ZzWFk+Yv9x9HbtlYqo+7EtHWckyVQF1qM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/ylF4miMTWsImjCKihWAKX5sFN3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 10:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c8:63:6d:df:9e:2a:2e:af:b6:80:db:ff:6c:40:9f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca51789a23135ac2268c22a285600a5f9b053770
Validity
Not Before: Mar 7 13:01:24 2026 GMT
Not After : Mar 8 13:01:24 2026 GMT
Subject: CN=85a2fd2793e6c769ead8f9909a581e5e28961d0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:67:cf:15:bf:61:37:ba:17:a5:e8:ec:8c:46:
87:42:c5:10:d6:3d:aa:dc:c2:0b:a9:77:7d:cb:22:
0a:10:3f:e7:a1:5e:78:2c:b4:b6:70:3f:46:10:f2:
94:0b:e4:4b:6c:be:42:9a:7c:8d:a0:e0:12:60:1b:
f9:bf:3c:6d:76:a3:e2:fe:91:2a:8a:f1:68:a8:83:
5f:09:b7:96:fc:dc:69:76:27:0d:fc:58:c3:c5:a8:
50:1a:6d:c1:11:2f:2f:a4:03:e7:9b:66:91:04:9b:
c2:68:59:c6:62:76:4b:55:19:84:6f:a9:38:c0:fc:
c7:f4:ce:d0:b0:73:b0:75:43:e2:5d:34:b8:1b:00:
a5:ff:a2:1e:f8:0f:72:da:28:65:40:1f:0e:d7:8e:
e4:78:28:57:88:c7:9a:d7:81:5c:c1:53:86:29:e0:
12:42:ca:92:32:db:3a:07:df:bb:3f:82:95:71:cf:
e2:fd:b7:15:38:b8:4a:ef:ab:f6:0c:f4:bd:fa:2b:
ee:e0:d8:1c:9a:8c:ea:91:3e:1b:49:15:76:a8:42:
83:8b:dd:b3:5e:95:47:44:3e:fc:d8:c3:34:b4:f9:
1e:56:50:0e:f2:6f:41:e7:77:47:c6:14:cf:a7:da:
ab:50:49:27:04:67:42:0e:b9:15:ac:a8:eb:c9:8b:
fa:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A2:FD:27:93:E6:C7:69:EA:D8:F9:90:9A:58:1E:5E:28:96:1D:0A
X509v3 Authority Key Identifier:
keyid:CA:51:78:9A:23:13:5A:C2:26:8C:22:A2:85:60:0A:5F:9B:05:37:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylF4miMTWsImjCKihWAKX5sFN3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:94:4e:9a:d2:1a:02:4e:73:6c:60:25:1f:ed:a0:33:14:ed:
b0:d6:ea:d6:0e:e8:4d:49:97:cb:86:57:63:15:40:14:3e:1f:
ee:b2:07:1e:26:9a:4d:50:2b:9f:62:42:f9:3e:a7:a1:b3:21:
1b:ed:7e:43:7f:75:23:35:e6:3f:cf:e3:fc:05:ca:3b:10:31:
36:0d:1a:05:f7:71:14:b5:8d:70:05:04:4e:ee:32:16:16:05:
a0:32:b8:21:da:d5:33:f9:43:0c:0a:c1:46:8d:46:7b:9a:ba:
31:80:1a:f2:c3:aa:9b:97:78:f1:62:50:f9:ba:bc:4d:47:ed:
c7:4b:2e:7d:e8:18:a7:74:b1:10:a0:31:20:d4:79:29:46:14:
ba:a5:bb:e0:4d:59:ca:af:7d:77:96:03:81:95:7d:e4:02:f0:
0d:85:94:a8:a8:83:02:80:83:09:9c:47:30:0c:ab:93:af:94:
05:a8:eb:30:7c:c2:58:1c:ef:94:17:3c:cc:a2:49:93:9f:9e:
16:28:bb:0c:e9:26:f9:21:34:03:ea:8e:2c:d1:6f:2e:61:45:
c5:1f:12:ee:dd:d9:83:08:c3:9f:fd:1e:0f:ac:ea:ea:1f:a1:
fc:18:03:17:32:df:8d:fe:68:4d:f3:c3:aa:03:44:3f:41:c5:
97:af:94:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzIY23fniour7aA2/9sQJ+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNTE3ODlhMjMxMzVhYzIyNjhjMjJhMjg1NjAwYTVmOWIw
NTM3NzAwHhcNMjYwMzA3MTMwMTI0WhcNMjYwMzA4MTMwMTI0WjAzMTEwLwYDVQQD
Eyg4NWEyZmQyNzkzZTZjNzY5ZWFkOGY5OTA5YTU4MWU1ZTI4OTYxZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2fPFb9hN7oXpejsjEaHQsUQ1j2q
3MILqXd9yyIKED/noV54LLS2cD9GEPKUC+RLbL5CmnyNoOASYBv5vzxtdqPi/pEq
ivFoqINfCbeW/NxpdicN/FjDxahQGm3BES8vpAPnm2aRBJvCaFnGYnZLVRmEb6k4
wPzH9M7QsHOwdUPiXTS4GwCl/6Ie+A9y2ihlQB8O147keChXiMea14FcwVOGKeAS
QsqSMts6B9+7P4KVcc/i/bcVOLhK76v2DPS9+ivu4NgcmozqkT4bSRV2qEKDi92z
XpVHRD782MM0tPkeVlAO8m9B53dHxhTPp9qrUEknBGdCDrkVrKjryYv6ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWi/SeT5sdp6tj5kJpYHl4olh0KMB8GA1UdIwQY
MBaAFMpReJojE1rCJowiooVgCl+bBTdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWxGNG1pTVRXc0ltakNLaWhXQUtYNXNGTjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iNGJmNjAtZDU5My00MGQyLTk3ODMt
MWUxOTE2OGY1ZDczLzEveWxGNG1pTVRXc0ltakNLaWhXQUtYNXNGTjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iNGJmNjAtZDU5My00MGQyLTk3ODMtMWUxOTE2OGY1ZDcz
LzEveWxGNG1pTVRXc0ltakNLaWhXQUtYNXNGTjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEZROmtIa
Ak5zbGAlH+2gMxTtsNbq1g7oTUmXy4ZXYxVAFD4f7rIHHiaaTVArn2JC+T6nobMh
G+1+Q391IzXmP8/j/AXKOxAxNg0aBfdxFLWNcAUETu4yFhYFoDK4IdrVM/lDDArB
Ro1Ge5q6MYAa8sOqm5d48WJQ+bq8TUftx0sufegYp3SxEKAxINR5KUYUuqW74E1Z
yq99d5YDgZV95ALwDYWUqKiDAoCDCZxHMAyrk6+UBajrMHzCWBzvlBc8zKJJk5+e
Fii7DOkm+SE0A+qOLNFvLmFFxR8S7t3ZgwjDn/0eD6zq6h+h/BgDFzLfjf5oTfPD
qgNEP0HFl6+Ueg==
-----END CERTIFICATE-----
Generated at Sat Mar 7 20:48:28 2026 by rpki-client