Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
File: You5JTbCD0KwW-UywNuquYt1XzU.mft (raw, json)
Hash identifier: di+fcqdg8DQNajJdYgZWfjX9zkXkx13CVc5eiv0xUWw=
Subject key identifier: 29:80:BC:0D:4A:0E:17:A7:3C:23:01:F8:99:22:B0:51:C7:CC:7A:33
Authority key identifier: 62:8B:B9:25:36:C2:0F:42:B0:5B:E5:32:C0:DB:AA:B9:8B:75:5F:35
Certificate issuer: /CN=628bb92536c20f42b05be532c0dbaab98b755f35
Certificate serial: 019923312E573356947E93A7AB8362A5EDEC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
Manifest number: 0127
Signing time: Sun 07 Sep 2025 08:00:49 +0000
Manifest this update: Sun 07 Sep 2025 08:00:49 +0000
Manifest next update: Mon 08 Sep 2025 08:00:49 +0000
Files and hashes: 1: You5JTbCD0KwW-UywNuquYt1XzU.crl (hash: tyYgLGpdeCyg16SjeJCI1CJoX1r0QJRQTipZMP21BAM=)
2: lUZIxGhzOYxZGWoE_bPIsAcvBns.roa (hash: 181xs0vbEO2Q9NjKNLp5nMH7XagJ9a8i0PdC3k4WAwQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:31:2e:57:33:56:94:7e:93:a7:ab:83:62:a5:ed:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=628bb92536c20f42b05be532c0dbaab98b755f35
Validity
Not Before: Sep 7 08:00:49 2025 GMT
Not After : Sep 8 08:00:49 2025 GMT
Subject: CN=2980bc0d4a0e17a73c2301f89922b051c7cc7a33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e3:25:c0:91:ca:40:f9:67:5c:b0:7c:0a:7d:
18:24:31:91:df:10:ea:b0:78:2e:bd:d2:2d:ae:28:
6b:cd:0a:06:2f:15:2b:96:82:57:36:7d:92:fe:8e:
f6:48:a4:1b:e1:64:a0:8b:3c:1a:a7:f6:36:22:d2:
4d:da:40:58:01:00:6a:6c:1e:45:54:63:f3:35:f0:
a9:d4:e5:b0:26:02:ca:cd:3e:e0:38:67:f6:9e:80:
11:4f:a0:46:99:4a:e3:f4:1c:5c:9f:cc:dc:52:9e:
dc:4a:c1:85:ff:d9:71:be:5f:4a:c1:a7:8d:36:aa:
03:aa:f2:15:5f:c6:8a:a7:13:3c:d9:12:96:0e:c1:
75:f6:9e:82:0c:c6:a4:09:3a:8e:b1:95:8b:a1:ec:
41:8a:16:d6:11:62:7f:43:24:96:ef:e5:65:4f:fa:
44:f2:84:df:1c:22:79:80:cf:1a:f3:55:f5:3b:e2:
81:e1:50:bd:92:c9:a0:f7:53:9d:82:48:e2:bc:23:
b7:3f:e2:3c:a9:c8:c9:78:a5:23:12:45:20:ca:43:
c7:d9:72:e9:97:2a:0f:08:a2:fd:e1:9e:43:2f:b2:
fe:17:ee:fc:c8:e7:81:65:a1:9f:eb:a9:4b:c8:b1:
ab:0e:01:a7:29:3b:ce:54:ee:68:1b:e6:90:4b:42:
47:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:80:BC:0D:4A:0E:17:A7:3C:23:01:F8:99:22:B0:51:C7:CC:7A:33
X509v3 Authority Key Identifier:
keyid:62:8B:B9:25:36:C2:0F:42:B0:5B:E5:32:C0:DB:AA:B9:8B:75:5F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:c0:df:31:fc:78:eb:32:25:b5:0e:a4:d8:a6:d0:45:ab:dd:
fa:0d:81:47:8f:4c:f3:a9:50:dc:fa:d4:d2:02:a5:f2:93:bc:
9e:3c:87:e0:a8:11:b3:10:4e:97:cc:26:88:e9:cb:ff:d3:db:
2d:e9:3b:34:3b:9e:52:4c:c9:52:17:d5:a3:82:97:cc:ac:16:
4e:79:36:fe:ea:8c:68:82:a1:3b:8c:cd:d3:57:45:5e:bf:5f:
e9:d1:b9:e1:d4:57:88:66:79:86:e8:c2:9a:2e:04:cf:1f:c1:
1d:d9:94:aa:e9:0c:d9:f7:3f:88:3d:0b:9d:b0:96:ed:4a:29:
33:09:bf:e9:91:4a:69:2e:33:aa:a0:5e:5d:70:55:3a:7d:74:
ec:09:ee:ff:31:12:ce:56:6a:4f:94:76:58:6f:47:fa:16:25:
34:c6:4c:da:3f:e0:36:d7:9d:af:0b:35:cf:f8:fa:b0:97:89:
8a:41:6a:57:12:ec:14:44:d8:46:e4:26:c8:d6:ed:42:96:ab:
5a:a0:b0:42:0c:d1:f5:5c:35:7c:19:f2:64:27:1e:fe:8f:33:
5d:76:7b:f8:f8:97:c1:a2:54:8c:31:75:f5:e0:b8:a2:15:77:
8b:29:69:61:f7:6f:7d:6a:39:78:f8:a0:e2:5a:5d:5e:6b:d1:
03:2c:c1:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMS5XM1aUfpOnq4Nipe3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOGJiOTI1MzZjMjBmNDJiMDViZTUzMmMwZGJhYWI5OGI3
NTVmMzUwHhcNMjUwOTA3MDgwMDQ5WhcNMjUwOTA4MDgwMDQ5WjAzMTEwLwYDVQQD
EygyOTgwYmMwZDRhMGUxN2E3M2MyMzAxZjg5OTIyYjA1MWM3Y2M3YTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+MlwJHKQPlnXLB8Cn0YJDGR3xDq
sHguvdItrihrzQoGLxUrloJXNn2S/o72SKQb4WSgizwap/Y2ItJN2kBYAQBqbB5F
VGPzNfCp1OWwJgLKzT7gOGf2noART6BGmUrj9Bxcn8zcUp7cSsGF/9lxvl9KwaeN
NqoDqvIVX8aKpxM82RKWDsF19p6CDMakCTqOsZWLoexBihbWEWJ/QySW7+VlT/pE
8oTfHCJ5gM8a81X1O+KB4VC9ksmg91OdgkjivCO3P+I8qcjJeKUjEkUgykPH2XLp
lyoPCKL94Z5DL7L+F+78yOeBZaGf66lLyLGrDgGnKTvOVO5oG+aQS0JHewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmAvA1KDhenPCMB+JkisFHHzHozMB8GA1UdIwQY
MBaAFGKLuSU2wg9CsFvlMsDbqrmLdV81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yMDVkYmUtNzcxNC00ZDBlLTk0NzMt
MmJjZTgxYTQzMWViLzEvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8yMDVkYmUtNzcxNC00ZDBlLTk0NzMtMmJjZTgxYTQzMWVi
LzEvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXMDfMfx4
6zIltQ6k2KbQRavd+g2BR49M86lQ3PrU0gKl8pO8njyH4KgRsxBOl8wmiOnL/9Pb
Lek7NDueUkzJUhfVo4KXzKwWTnk2/uqMaIKhO4zN01dFXr9f6dG54dRXiGZ5hujC
mi4Ezx/BHdmUqukM2fc/iD0LnbCW7UopMwm/6ZFKaS4zqqBeXXBVOn107Anu/zES
zlZqT5R2WG9H+hYlNMZM2j/gNtedrws1z/j6sJeJikFqVxLsFETYRuQmyNbtQpar
WqCwQgzR9Vw1fBnyZCce/o8zXXZ7+PiXwaJUjDF19eC4ohV3iylpYfdvfWo5ePig
4lpdXmvRAyzBUA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:49:42 2025 by rpki-client