Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
File: You5JTbCD0KwW-UywNuquYt1XzU.mft (raw, json)
Hash identifier: 5tYATYc8q0ueC7gGyebrfaMYoiGs6Mm+aLRNUFZ3RPg=
Subject key identifier: FF:6C:2B:44:E3:63:2F:C2:E9:4F:7B:CD:21:16:A3:75:4A:27:39:F4
Authority key identifier: 62:8B:B9:25:36:C2:0F:42:B0:5B:E5:32:C0:DB:AA:B9:8B:75:5F:35
Certificate issuer: /CN=628bb92536c20f42b05be532c0dbaab98b755f35
Certificate serial: 019A714991692F26C036AD882E7088622B5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
Manifest number: 01D4
Signing time: Tue 11 Nov 2025 05:00:37 +0000
Manifest this update: Tue 11 Nov 2025 05:00:37 +0000
Manifest next update: Wed 12 Nov 2025 05:00:37 +0000
Files and hashes: 1: You5JTbCD0KwW-UywNuquYt1XzU.crl (hash: Msng5qbJxlH4+ddapTmxahBMdpFaMiUwA99LpbGVslQ=)
2: lUZIxGhzOYxZGWoE_bPIsAcvBns.roa (hash: 181xs0vbEO2Q9NjKNLp5nMH7XagJ9a8i0PdC3k4WAwQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:91:69:2f:26:c0:36:ad:88:2e:70:88:62:2b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=628bb92536c20f42b05be532c0dbaab98b755f35
Validity
Not Before: Nov 11 05:00:37 2025 GMT
Not After : Nov 12 05:00:37 2025 GMT
Subject: CN=ff6c2b44e3632fc2e94f7bcd2116a3754a2739f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d7:85:9a:28:9c:a2:6d:9c:52:7e:37:23:06:
53:a0:06:3f:a8:09:9f:9b:2e:ff:40:4d:2c:69:14:
08:8f:bd:32:9a:4d:81:75:77:0c:3e:c0:e2:fa:0b:
ed:c8:40:29:d3:d0:d8:02:f3:37:6a:ee:1a:9a:69:
83:ec:5f:0a:50:66:78:34:0d:5e:4b:b8:44:08:da:
93:31:35:e2:49:ec:03:f5:49:08:49:4e:04:70:80:
d9:a1:2b:a6:2f:49:10:a9:76:b0:de:b9:7d:c1:59:
ac:d6:ee:de:f2:67:06:9a:9d:5d:ed:3b:3c:47:71:
cf:ff:94:8d:7d:94:5e:7e:5c:89:d1:8d:b8:dc:ed:
03:9b:38:10:19:dd:72:c7:a7:b8:72:20:51:38:5b:
d8:49:da:2a:9a:58:33:be:61:ef:01:45:e2:74:b5:
97:22:30:75:32:73:8d:8c:a3:0b:03:39:27:41:38:
3e:b2:d7:30:f3:68:f3:c6:41:40:27:50:db:ba:9f:
7b:12:75:6f:3b:7e:6f:fa:cd:39:2d:77:c7:83:bc:
f4:bd:48:d8:18:9f:6b:bd:30:cc:2b:56:66:08:ba:
a8:1a:c3:e3:a6:a8:38:9d:3d:8d:ec:e1:21:21:c3:
a0:11:19:25:88:64:66:eb:f8:dc:ed:e3:b6:cc:22:
e0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:6C:2B:44:E3:63:2F:C2:E9:4F:7B:CD:21:16:A3:75:4A:27:39:F4
X509v3 Authority Key Identifier:
keyid:62:8B:B9:25:36:C2:0F:42:B0:5B:E5:32:C0:DB:AA:B9:8B:75:5F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:46:38:88:ca:dd:af:44:35:d9:a4:e8:33:0c:8a:af:c5:ba:
9e:eb:f2:05:36:59:af:71:fd:b3:ff:fe:ff:86:0c:13:f2:57:
65:ba:ff:19:c9:6a:45:11:63:db:67:3a:7c:1b:e4:e5:3b:13:
f4:48:b0:59:c0:36:71:b5:96:87:c8:96:c4:96:c0:39:bb:cc:
64:8f:cd:09:25:78:4a:29:4f:4c:95:a1:1a:2b:08:45:7b:f8:
21:6f:4d:85:8d:7e:13:26:34:18:f8:21:9e:48:4f:ab:54:ff:
aa:97:db:d5:df:22:c9:de:48:5a:1d:01:7b:35:16:82:b1:35:
d9:73:2a:fc:d2:cb:3d:64:96:b4:c9:f6:b0:45:94:3d:88:8e:
2e:7e:57:6e:c4:10:07:e5:60:f3:86:af:ae:02:7c:1f:e8:b4:
35:76:c2:60:54:84:48:f2:00:af:aa:01:ed:3a:e7:9e:96:35:
af:fe:ab:40:17:88:15:18:2f:f5:90:e2:d5:a8:bb:26:8a:8b:
83:b2:fd:4c:39:ca:32:ea:2a:45:66:ea:5e:aa:ba:de:51:02:
54:70:e3:af:9e:69:41:57:8d:a6:ec:01:98:d3:3a:d1:d0:12:
ea:d1:ef:54:15:20:6b:95:da:54:2c:aa:2e:07:62:e6:31:d5:
0b:e9:67:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSZFpLybANq2ILnCIYitdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOGJiOTI1MzZjMjBmNDJiMDViZTUzMmMwZGJhYWI5OGI3
NTVmMzUwHhcNMjUxMTExMDUwMDM3WhcNMjUxMTEyMDUwMDM3WjAzMTEwLwYDVQQD
EyhmZjZjMmI0NGUzNjMyZmMyZTk0ZjdiY2QyMTE2YTM3NTRhMjczOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNeFmiicom2cUn43IwZToAY/qAmf
my7/QE0saRQIj70ymk2BdXcMPsDi+gvtyEAp09DYAvM3au4ammmD7F8KUGZ4NA1e
S7hECNqTMTXiSewD9UkISU4EcIDZoSumL0kQqXaw3rl9wVms1u7e8mcGmp1d7Ts8
R3HP/5SNfZReflyJ0Y243O0DmzgQGd1yx6e4ciBROFvYSdoqmlgzvmHvAUXidLWX
IjB1MnONjKMLAzknQTg+stcw82jzxkFAJ1Dbup97EnVvO35v+s05LXfHg7z0vUjY
GJ9rvTDMK1ZmCLqoGsPjpqg4nT2N7OEhIcOgERkliGRm6/jc7eO2zCLghQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9sK0TjYy/C6U97zSEWo3VKJzn0MB8GA1UdIwQY
MBaAFGKLuSU2wg9CsFvlMsDbqrmLdV81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yMDVkYmUtNzcxNC00ZDBlLTk0NzMt
MmJjZTgxYTQzMWViLzEvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8yMDVkYmUtNzcxNC00ZDBlLTk0NzMtMmJjZTgxYTQzMWVi
LzEvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP0Y4iMrd
r0Q12aToMwyKr8W6nuvyBTZZr3H9s//+/4YME/JXZbr/GclqRRFj22c6fBvk5TsT
9EiwWcA2cbWWh8iWxJbAObvMZI/NCSV4SilPTJWhGisIRXv4IW9NhY1+EyY0GPgh
nkhPq1T/qpfb1d8iyd5IWh0BezUWgrE12XMq/NLLPWSWtMn2sEWUPYiOLn5XbsQQ
B+Vg84avrgJ8H+i0NXbCYFSESPIAr6oB7TrnnpY1r/6rQBeIFRgv9ZDi1ai7JoqL
g7L9TDnKMuoqRWbqXqq63lECVHDjr55pQVeNpuwBmNM60dAS6tHvVBUga5XaVCyq
Lgdi5jHVC+lnmg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:32 2025 by rpki-client