Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
File: YmqokTLSpoTY0qGj9-QPIjRjbzg.mft (raw, json)
Hash identifier: eybjV0oW+5Gtogcvq5swj4bFscwg5IQ6sHgahwo8gtc=
Subject key identifier: 68:DC:A0:AD:9B:0D:65:32:56:13:F9:3F:3B:4C:53:80:21:AC:87:96
Authority key identifier: 62:6A:A8:91:32:D2:A6:84:D8:D2:A1:A3:F7:E4:0F:22:34:63:6F:38
Certificate issuer: /CN=626aa89132d2a684d8d2a1a3f7e40f2234636f38
Certificate serial: 019D390A4590F29BF836BD98C7B13A5E41C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
Manifest number: 166C
Signing time: Sun 29 Mar 2026 10:01:07 +0000
Manifest this update: Sun 29 Mar 2026 10:01:07 +0000
Manifest next update: Mon 30 Mar 2026 10:01:07 +0000
Files and hashes: 1: WCWp0vmGJYt70q-YkfGeiqk74HA.roa (hash: WWuYuPcraJwNveZ8Pjl950Glgpk1p9KqCUVVhSjy+fs=)
2: YmqokTLSpoTY0qGj9-QPIjRjbzg.crl (hash: eZZ9kNgV9wzpaRrQMt36mmDHZXTRbrDONeP7c+Up4CM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:45:90:f2:9b:f8:36:bd:98:c7:b1:3a:5e:41:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626aa89132d2a684d8d2a1a3f7e40f2234636f38
Validity
Not Before: Mar 29 10:01:07 2026 GMT
Not After : Mar 30 10:01:07 2026 GMT
Subject: CN=68dca0ad9b0d65325613f93f3b4c538021ac8796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:12:cc:75:eb:3f:bd:1c:dc:39:88:88:cc:9c:
8f:e9:16:ab:13:5c:67:1a:60:46:33:b7:a0:34:d4:
79:14:51:07:eb:16:bc:5d:70:35:c4:bc:35:9d:eb:
4f:2e:70:74:22:6a:be:e9:9e:40:ac:42:2d:84:58:
ba:bb:f2:bb:15:7d:4d:47:59:84:fd:84:88:0b:f8:
21:28:ae:1f:29:60:e2:ea:74:03:b8:62:15:43:ff:
a4:c9:6a:3f:3c:99:0f:dd:f9:4f:70:bc:76:ee:d8:
ff:a9:43:1b:3b:e0:1c:88:8e:f5:72:a2:8a:4b:6e:
b0:72:92:9d:38:15:a1:8e:1f:a7:57:b2:8c:9b:9c:
6b:bd:94:36:c0:f4:e1:76:5c:f2:8b:57:68:b4:9d:
36:c5:dc:53:51:5c:0e:79:1f:79:8e:ca:1a:08:e2:
c3:c7:b1:a9:1c:56:ae:41:70:53:d6:d2:f2:3c:79:
68:c4:1b:93:a7:ef:76:ea:1e:43:6d:ba:6e:70:dd:
d3:6e:46:28:04:3c:0b:ee:e8:d1:41:3d:de:33:19:
13:40:62:aa:92:9c:8c:90:c0:1c:74:02:bf:fe:26:
95:d5:2c:5b:ef:83:3b:77:68:09:8e:df:c2:45:88:
f2:d3:bc:42:dd:ea:9e:50:04:4c:9b:b4:71:b7:b5:
58:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DC:A0:AD:9B:0D:65:32:56:13:F9:3F:3B:4C:53:80:21:AC:87:96
X509v3 Authority Key Identifier:
keyid:62:6A:A8:91:32:D2:A6:84:D8:D2:A1:A3:F7:E4:0F:22:34:63:6F:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:09:ef:41:b0:c3:b3:3f:fb:6d:89:36:0b:85:44:19:ce:bb:
2f:37:87:3b:ba:88:4b:9b:bb:29:fd:8c:1e:b0:8e:8e:11:70:
ed:f2:0c:0c:c6:57:ad:b5:e8:14:6f:42:bd:95:c2:8a:a6:47:
11:84:20:c4:c0:02:26:83:c1:db:92:11:b7:74:ce:8e:3c:32:
ee:28:70:49:5d:15:e4:90:86:47:96:4a:62:6b:d7:ca:95:10:
e7:ca:3c:09:9a:d2:06:72:1c:c2:cb:42:4a:a6:5d:20:ef:70:
d0:a5:d2:27:e9:bf:2e:0b:39:7e:41:13:4f:8b:a2:39:14:3e:
21:a9:c6:e7:ad:19:44:1d:d4:a1:ea:d7:df:ab:47:59:05:d1:
5a:7a:d6:59:81:d9:61:ed:e5:2e:e4:71:4c:37:6e:1f:94:51:
44:b6:26:5e:7c:58:2b:7d:51:d3:d4:80:66:03:64:00:72:3d:
b7:b6:71:ae:7c:80:5f:ad:2c:60:b1:4d:39:60:08:f2:8e:b9:
60:ab:ca:09:78:c6:83:4e:be:7b:9f:91:e8:b3:7f:7b:8a:1c:
b6:b5:60:5d:e5:b3:20:51:69:12:de:c1:18:fb:e9:51:62:01:
e6:28:db:48:c2:7c:c3:35:84:40:24:d1:21:d4:45:8a:27:bd:
8a:47:b9:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CkWQ8pv4Nr2Yx7E6XkHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmFhODkxMzJkMmE2ODRkOGQyYTFhM2Y3ZTQwZjIyMzQ2
MzZmMzgwHhcNMjYwMzI5MTAwMTA3WhcNMjYwMzMwMTAwMTA3WjAzMTEwLwYDVQQD
Eyg2OGRjYTBhZDliMGQ2NTMyNTYxM2Y5M2YzYjRjNTM4MDIxYWM4Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xLMdes/vRzcOYiIzJyP6RarE1xn
GmBGM7egNNR5FFEH6xa8XXA1xLw1netPLnB0Imq+6Z5ArEIthFi6u/K7FX1NR1mE
/YSIC/ghKK4fKWDi6nQDuGIVQ/+kyWo/PJkP3flPcLx27tj/qUMbO+AciI71cqKK
S26wcpKdOBWhjh+nV7KMm5xrvZQ2wPThdlzyi1dotJ02xdxTUVwOeR95jsoaCOLD
x7GpHFauQXBT1tLyPHloxBuTp+926h5DbbpucN3TbkYoBDwL7ujRQT3eMxkTQGKq
kpyMkMAcdAK//iaV1Sxb74M7d2gJjt/CRYjy07xC3eqeUARMm7Rxt7VYrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjcoK2bDWUyVhP5PztMU4AhrIeWMB8GA1UdIwQY
MBaAFGJqqJEy0qaE2NKho/fkDyI0Y284MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80Y2MwYTgtZWM0NC00OWRkLWEzZTIt
MjkyNmZjNWY2MWI3LzEvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80Y2MwYTgtZWM0NC00OWRkLWEzZTItMjkyNmZjNWY2MWI3
LzEvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlAnvQbDD
sz/7bYk2C4VEGc67LzeHO7qIS5u7Kf2MHrCOjhFw7fIMDMZXrbXoFG9CvZXCiqZH
EYQgxMACJoPB25IRt3TOjjwy7ihwSV0V5JCGR5ZKYmvXypUQ58o8CZrSBnIcwstC
SqZdIO9w0KXSJ+m/Lgs5fkETT4uiORQ+IanG560ZRB3UoerX36tHWQXRWnrWWYHZ
Ye3lLuRxTDduH5RRRLYmXnxYK31R09SAZgNkAHI9t7ZxrnyAX60sYLFNOWAI8o65
YKvKCXjGg06+e5+R6LN/e4octrVgXeWzIFFpEt7BGPvpUWIB5ijbSMJ8wzWEQCTR
IdRFiie9ike5IQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:50 2026 by rpki-client