Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
File: YmqokTLSpoTY0qGj9-QPIjRjbzg.mft (raw, json)
Hash identifier: UQFxjcn5ZKr+G49196O9wPO/QQAoBB0a0rk557tQ4Qg=
Subject key identifier: EE:4A:7C:20:E9:41:C4:F9:9F:C7:BC:EF:CA:B3:82:74:21:D5:C1:14
Authority key identifier: 62:6A:A8:91:32:D2:A6:84:D8:D2:A1:A3:F7:E4:0F:22:34:63:6F:38
Certificate issuer: /CN=626aa89132d2a684d8d2a1a3f7e40f2234636f38
Certificate serial: 019A22F74F2C4A04ABE262158A015431E7B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
Manifest number: 14D2
Signing time: Mon 27 Oct 2025 00:00:24 +0000
Manifest this update: Mon 27 Oct 2025 00:00:24 +0000
Manifest next update: Tue 28 Oct 2025 00:00:24 +0000
Files and hashes: 1: YmqokTLSpoTY0qGj9-QPIjRjbzg.crl (hash: lROO3IfHVKe1HgSh18jHSCZEwDgv0CWrx3ZKMz4mL5Y=)
2: xj0Zl5jyKNtmExsm8HUfZTBh1W4.roa (hash: qJ7mmoo0SJOyk9TkckQkyKsoiQJfN7oKl35vQICMSm0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 19:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:22:f7:4f:2c:4a:04:ab:e2:62:15:8a:01:54:31:e7:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626aa89132d2a684d8d2a1a3f7e40f2234636f38
Validity
Not Before: Oct 27 00:00:24 2025 GMT
Not After : Oct 28 00:00:24 2025 GMT
Subject: CN=ee4a7c20e941c4f99fc7bcefcab3827421d5c114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0e:e0:12:65:32:97:09:0e:2d:9a:a2:48:62:
e0:f2:60:93:b2:6a:24:df:99:28:72:49:6e:d2:db:
6c:23:1e:70:57:f4:12:73:0b:1a:04:1c:eb:30:91:
a6:ba:dc:32:5f:57:de:b0:3f:3b:d5:6d:e1:cd:ca:
7f:48:8c:9d:ed:ef:b5:37:5b:87:3b:a3:9e:da:a4:
ef:3c:e7:3b:ba:f3:1d:65:9a:4c:5d:6f:f8:14:88:
76:6e:50:8c:2d:dc:40:3c:2a:48:56:ea:7e:d0:14:
b2:16:5b:42:f4:52:e0:af:3e:39:da:0b:29:99:73:
71:54:b9:4d:75:29:0b:79:66:15:c8:b8:a8:31:da:
f2:b1:4a:3a:7b:fe:24:8b:eb:d7:4e:12:d2:3f:bc:
6b:24:9f:82:98:e4:9c:46:77:d4:bc:6d:ef:4d:70:
ea:00:b6:a1:72:14:88:c8:d6:af:6a:4c:5f:5e:3c:
d6:d4:a7:83:79:20:31:95:ae:b5:58:fa:53:f3:dc:
be:51:da:95:ec:8e:54:e3:4d:e9:df:c5:52:a4:b2:
35:ce:e9:2a:ea:d2:07:f0:e5:ec:6b:c4:a2:5d:46:
5b:b4:77:8a:08:b7:db:a0:a2:cf:73:0b:af:53:35:
16:7c:22:48:0b:39:24:9a:65:37:dd:58:7c:f3:43:
36:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:4A:7C:20:E9:41:C4:F9:9F:C7:BC:EF:CA:B3:82:74:21:D5:C1:14
X509v3 Authority Key Identifier:
keyid:62:6A:A8:91:32:D2:A6:84:D8:D2:A1:A3:F7:E4:0F:22:34:63:6F:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:9f:75:8c:f8:e4:a2:82:fc:20:97:4f:4e:86:d7:20:de:c8:
ab:cf:c0:84:15:87:17:6a:d2:b5:3d:5d:22:96:71:e2:d7:8a:
71:f3:c3:14:7b:c5:d7:07:40:b8:92:b5:bb:49:c8:68:a9:ab:
0d:de:a9:6d:76:cc:fe:66:46:9b:ae:77:75:97:bb:b3:16:77:
50:8e:c5:8e:4a:df:8d:f6:87:18:f6:b7:3d:bc:be:fb:84:fe:
e4:52:6e:a4:3a:9d:20:f9:bf:24:16:41:00:4d:c1:ac:1d:48:
a6:f1:5c:f6:72:f5:53:eb:a1:e0:41:ca:6e:07:b3:ad:ff:df:
19:76:be:a6:71:14:21:bc:ab:49:ee:d3:30:64:3c:62:85:9b:
75:aa:72:09:9b:0f:5f:7b:2c:eb:92:0e:58:bc:31:37:6e:7e:
78:e8:a9:b0:62:b5:97:37:01:09:fa:a4:71:da:6e:4e:dc:c0:
8b:d7:b9:ab:fa:3e:60:57:8d:32:23:c6:07:ba:db:49:1f:23:
2c:cb:db:a3:21:ef:a4:e4:b5:73:16:00:38:fd:8d:20:5e:01:
cf:f8:ad:c8:19:31:d0:df:46:0d:2b:e9:5c:e2:d3:c1:89:6c:
fd:85:7c:1f:45:0b:10:bf:2f:9b:f6:e0:ab:eb:22:7b:81:95:
44:1f:2a:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoi908sSgSr4mIVigFUMee1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmFhODkxMzJkMmE2ODRkOGQyYTFhM2Y3ZTQwZjIyMzQ2
MzZmMzgwHhcNMjUxMDI3MDAwMDI0WhcNMjUxMDI4MDAwMDI0WjAzMTEwLwYDVQQD
EyhlZTRhN2MyMGU5NDFjNGY5OWZjN2JjZWZjYWIzODI3NDIxZDVjMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA7gEmUylwkOLZqiSGLg8mCTsmok
35kocklu0ttsIx5wV/QScwsaBBzrMJGmutwyX1fesD871W3hzcp/SIyd7e+1N1uH
O6Oe2qTvPOc7uvMdZZpMXW/4FIh2blCMLdxAPCpIVup+0BSyFltC9FLgrz452gsp
mXNxVLlNdSkLeWYVyLioMdrysUo6e/4ki+vXThLSP7xrJJ+CmOScRnfUvG3vTXDq
ALahchSIyNavakxfXjzW1KeDeSAxla61WPpT89y+UdqV7I5U403p38VSpLI1zukq
6tIH8OXsa8SiXUZbtHeKCLfboKLPcwuvUzUWfCJICzkkmmU33Vh880M25QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5KfCDpQcT5n8e878qzgnQh1cEUMB8GA1UdIwQY
MBaAFGJqqJEy0qaE2NKho/fkDyI0Y284MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80Y2MwYTgtZWM0NC00OWRkLWEzZTIt
MjkyNmZjNWY2MWI3LzEvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80Y2MwYTgtZWM0NC00OWRkLWEzZTItMjkyNmZjNWY2MWI3
LzEvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgZ91jPjk
ooL8IJdPTobXIN7Iq8/AhBWHF2rStT1dIpZx4teKcfPDFHvF1wdAuJK1u0nIaKmr
Dd6pbXbM/mZGm653dZe7sxZ3UI7FjkrfjfaHGPa3Pby++4T+5FJupDqdIPm/JBZB
AE3BrB1IpvFc9nL1U+uh4EHKbgezrf/fGXa+pnEUIbyrSe7TMGQ8YoWbdapyCZsP
X3ss65IOWLwxN25+eOipsGK1lzcBCfqkcdpuTtzAi9e5q/o+YFeNMiPGB7rbSR8j
LMvboyHvpOS1cxYAOP2NIF4Bz/ityBkx0N9GDSvpXOLTwYls/YV8H0ULEL8vm/bg
q+sie4GVRB8qFQ==
-----END CERTIFICATE-----
Generated at Mon Oct 27 04:21:35 2025 by rpki-client