Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.mft
File: Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.mft (raw, json)
Hash identifier: jkNEqqQWPr0mg1CcVMnQy8LykVV1NCw7W3R5Iu8VxiE=
Subject key identifier: 2C:D7:F4:45:76:EE:E0:9E:8A:81:05:53:07:39:E0:7D:CF:4B:8E:05
Authority key identifier: 62:3D:8F:99:DF:A3:09:2D:1F:67:57:EF:AC:B4:9F:9E:00:E6:D4:B9
Certificate issuer: /CN=623d8f99dfa3092d1f6757efacb49f9e00e6d4b9
Certificate serial: 019D3A1CF2D96BF76E1D3B93A431563975D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.mft
Manifest number: 0979
Signing time: Sun 29 Mar 2026 15:01:08 +0000
Manifest this update: Sun 29 Mar 2026 15:01:08 +0000
Manifest next update: Mon 30 Mar 2026 15:01:08 +0000
Files and hashes: 1: Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.crl (hash: QDWQSsXsO6KnwjnucqFQSkCKZQ+hmQ5IYL6sCoPArHs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:f2:d9:6b:f7:6e:1d:3b:93:a4:31:56:39:75:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=623d8f99dfa3092d1f6757efacb49f9e00e6d4b9
Validity
Not Before: Mar 29 15:01:08 2026 GMT
Not After : Mar 30 15:01:08 2026 GMT
Subject: CN=2cd7f44576eee09e8a8105530739e07dcf4b8e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0d:a8:c4:84:4c:cd:4e:a8:13:81:9f:a5:1b:
35:1a:35:83:ff:77:f4:43:f1:3f:96:96:38:64:85:
05:b1:f3:7c:83:97:aa:6e:c5:24:92:e6:6f:69:f3:
b3:43:5c:e9:fe:0d:1d:4b:71:f1:ad:b1:8c:f3:66:
b2:9b:e9:43:77:16:d9:02:ea:be:e0:40:89:11:aa:
ca:b7:75:b6:e5:a1:d4:0d:fd:80:52:42:4c:56:fd:
c3:c1:9a:c3:ca:c1:52:c0:ef:eb:24:f9:95:7f:b8:
42:ba:4d:da:ca:e3:c6:57:92:5b:18:2b:ba:e5:9a:
26:7b:57:7c:ae:04:78:97:df:67:08:d7:8d:0b:17:
ea:ea:69:5c:08:9f:d0:89:99:fb:00:ef:44:e1:7c:
00:61:dc:a1:86:b0:7d:63:52:b0:22:c1:47:6c:4b:
fe:e6:68:a6:8d:4d:2c:7b:13:82:cb:23:e2:40:ba:
05:9e:fd:49:ad:5a:b7:2f:f9:e8:db:e4:c8:00:f1:
2d:ce:6e:eb:51:92:08:91:80:40:63:72:86:2b:7b:
17:4d:b1:76:ed:fc:3c:9f:2f:88:9d:ad:a5:62:a7:
7c:23:1d:34:aa:68:24:31:10:01:6e:7d:fe:c6:25:
44:f3:48:59:c0:b2:3a:5f:0c:ca:8b:80:95:56:49:
ae:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D7:F4:45:76:EE:E0:9E:8A:81:05:53:07:39:E0:7D:CF:4B:8E:05
X509v3 Authority Key Identifier:
keyid:62:3D:8F:99:DF:A3:09:2D:1F:67:57:EF:AC:B4:9F:9E:00:E6:D4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:17:5b:ba:c4:11:f9:e5:7d:f9:f0:84:63:5f:85:ab:c0:84:
ea:33:5d:1e:8b:ac:91:78:91:62:39:09:9f:51:a2:aa:64:11:
00:2c:54:f6:12:50:1a:0a:f9:70:9d:ae:a5:83:a6:9a:e6:16:
0b:a5:ce:b2:88:5c:88:3b:a1:61:c3:20:91:19:ab:e5:fc:72:
c7:76:38:ef:88:fc:16:e4:59:5f:dc:92:2a:cb:d4:a8:e3:eb:
3e:44:70:a3:1f:e9:f7:7b:c6:0b:b8:28:75:fa:d5:4f:dc:8d:
02:93:a4:d3:a8:e0:0c:75:d1:df:c8:22:19:fe:4b:15:87:2b:
09:a7:35:20:b5:4b:b7:a5:a5:85:7f:ac:f1:7e:3b:12:55:1c:
c7:2a:e7:dc:b2:8a:cc:6c:7f:20:4a:c9:47:71:23:1f:c5:6b:
fd:1b:e1:46:41:89:4a:2a:40:7e:f2:ae:ee:9b:4a:bc:59:1b:
e6:ae:00:12:84:68:09:50:c3:7e:5c:ba:46:d9:84:1e:37:7e:
52:e5:1e:6c:f7:dd:ff:fc:d8:63:82:dc:8d:d4:06:e9:16:9e:
1b:80:37:b2:08:0a:be:9f:2e:e7:e0:c4:61:b2:54:f1:6b:eb:
fb:a7:bb:86:e6:91:78:56:7b:c5:97:41:1b:77:2a:61:bd:d7:
77:c4:22:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HPLZa/duHTuTpDFWOXXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyM2Q4Zjk5ZGZhMzA5MmQxZjY3NTdlZmFjYjQ5ZjllMDBl
NmQ0YjkwHhcNMjYwMzI5MTUwMTA4WhcNMjYwMzMwMTUwMTA4WjAzMTEwLwYDVQQD
EygyY2Q3ZjQ0NTc2ZWVlMDllOGE4MTA1NTMwNzM5ZTA3ZGNmNGI4ZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4A2oxIRMzU6oE4GfpRs1GjWD/3f0
Q/E/lpY4ZIUFsfN8g5eqbsUkkuZvafOzQ1zp/g0dS3HxrbGM82aym+lDdxbZAuq+
4ECJEarKt3W25aHUDf2AUkJMVv3DwZrDysFSwO/rJPmVf7hCuk3ayuPGV5JbGCu6
5Zome1d8rgR4l99nCNeNCxfq6mlcCJ/QiZn7AO9E4XwAYdyhhrB9Y1KwIsFHbEv+
5mimjU0sexOCyyPiQLoFnv1JrVq3L/no2+TIAPEtzm7rUZIIkYBAY3KGK3sXTbF2
7fw8ny+Ina2lYqd8Ix00qmgkMRABbn3+xiVE80hZwLI6XwzKi4CVVkmu+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzX9EV27uCeioEFUwc54H3PS44FMB8GA1UdIwQY
MBaAFGI9j5nfowktH2dX76y0n54A5tS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWoyUG1kLWpDUzBmWjFmdnJMU2ZuZ0RtMUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC85ZTM2YjItM2YyZC00NDRmLTlkM2Et
NDBiY2I3NGU0YzI4LzEvWWoyUG1kLWpDUzBmWjFmdnJMU2ZuZ0RtMUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC85ZTM2YjItM2YyZC00NDRmLTlkM2EtNDBiY2I3NGU0YzI4
LzEvWWoyUG1kLWpDUzBmWjFmdnJMU2ZuZ0RtMUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASRdbusQR
+eV9+fCEY1+Fq8CE6jNdHouskXiRYjkJn1GiqmQRACxU9hJQGgr5cJ2upYOmmuYW
C6XOsohciDuhYcMgkRmr5fxyx3Y474j8FuRZX9ySKsvUqOPrPkRwox/p93vGC7go
dfrVT9yNApOk06jgDHXR38giGf5LFYcrCac1ILVLt6WlhX+s8X47ElUcxyrn3LKK
zGx/IErJR3EjH8Vr/RvhRkGJSipAfvKu7ptKvFkb5q4AEoRoCVDDfly6RtmEHjd+
UuUebPfd//zYY4LcjdQG6RaeG4A3sggKvp8u5+DEYbJU8Wvr+6e7huaReFZ7xZdB
G3cqYb3Xd8QiYA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:07:56 2026 by rpki-client