Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
File: YmqokTLSpoTY0qGj9-QPIjRjbzg.mft (raw, json)
Hash identifier: p50dq2RVd5Oh9fwPmkT1U9YcFOGKQwst4l+7+en4feM=
Subject key identifier: E3:88:7A:81:8D:5A:22:63:96:3C:74:FD:27:D1:0C:9F:03:A5:F2:D4
Authority key identifier: 62:6A:A8:91:32:D2:A6:84:D8:D2:A1:A3:F7:E4:0F:22:34:63:6F:38
Certificate issuer: /CN=626aa89132d2a684d8d2a1a3f7e40f2234636f38
Certificate serial: 0199375CD6EF4C3882B314CFD0A13D844ADC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
Manifest number: 1458
Signing time: Thu 11 Sep 2025 06:00:55 +0000
Manifest this update: Thu 11 Sep 2025 06:00:55 +0000
Manifest next update: Fri 12 Sep 2025 06:00:55 +0000
Files and hashes: 1: YmqokTLSpoTY0qGj9-QPIjRjbzg.crl (hash: M4ga4sVrly3e+4QYW4E8zmnwFtqDrZulWaRQ7tHL6jY=)
2: xj0Zl5jyKNtmExsm8HUfZTBh1W4.roa (hash: qJ7mmoo0SJOyk9TkckQkyKsoiQJfN7oKl35vQICMSm0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:37:5c:d6:ef:4c:38:82:b3:14:cf:d0:a1:3d:84:4a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626aa89132d2a684d8d2a1a3f7e40f2234636f38
Validity
Not Before: Sep 11 06:00:55 2025 GMT
Not After : Sep 12 06:00:55 2025 GMT
Subject: CN=e3887a818d5a2263963c74fd27d10c9f03a5f2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:aa:d7:68:c1:b9:fa:81:68:4e:53:bc:65:2f:
df:fd:05:43:15:8e:6c:02:1e:5f:f3:ac:85:3c:44:
3f:59:c2:cd:6f:b4:47:4e:38:19:0d:e7:aa:a3:79:
fb:40:a2:c5:2b:18:69:55:49:b0:35:d2:f3:49:1f:
95:7f:c7:c4:1e:54:41:32:74:3e:52:71:e4:d7:5a:
f5:bb:14:1e:b5:19:c9:5c:e8:4b:ec:bc:20:b9:31:
d0:41:26:87:5d:fc:51:fc:17:85:7e:12:38:6e:82:
b8:1e:ff:99:37:ab:58:11:25:57:8f:c8:3a:26:8f:
75:35:9f:41:26:f7:7f:4a:84:59:9f:97:cd:1f:06:
44:ff:13:37:98:3d:ad:c0:54:d3:62:31:5b:7d:66:
6b:b1:9d:c8:b4:ad:70:5c:bd:ac:26:50:a9:a9:7b:
f4:55:ad:98:de:47:61:fb:68:e4:ee:d5:be:18:46:
49:4b:fa:cb:b4:18:5e:f6:92:bf:b2:48:3f:7f:1a:
6a:8e:6b:1d:f9:6d:06:58:62:4c:29:e4:46:97:0d:
b8:91:45:f8:06:ff:fb:65:6b:94:52:11:99:33:7c:
71:56:15:36:ad:13:0d:c4:90:97:96:77:40:4c:f4:
29:cf:5c:a5:6a:4b:cf:15:72:22:14:a7:29:de:6c:
08:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:88:7A:81:8D:5A:22:63:96:3C:74:FD:27:D1:0C:9F:03:A5:F2:D4
X509v3 Authority Key Identifier:
keyid:62:6A:A8:91:32:D2:A6:84:D8:D2:A1:A3:F7:E4:0F:22:34:63:6F:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:bf:0f:aa:49:8a:96:9b:87:a2:2a:ec:d0:9d:f2:81:b9:56:
9a:c8:b1:26:ba:20:53:0f:4f:f4:36:93:52:bd:1b:cb:bd:11:
d7:d8:cf:18:15:fc:5e:ab:b6:1d:1b:10:58:6d:77:47:e4:1a:
3d:9c:a8:46:b1:a2:72:81:ff:03:d4:55:e2:13:80:6e:28:b9:
ad:e9:61:94:3c:8d:17:94:51:21:07:ec:05:74:61:cc:9b:7a:
b7:2f:9c:1f:94:6f:5b:9f:80:5a:e4:a8:4d:c1:11:6c:89:57:
20:f3:0e:fb:60:fa:ce:fc:fb:38:34:ed:68:a4:51:ec:f9:9e:
87:f5:d0:ad:84:22:58:79:4b:61:69:34:56:4f:08:65:83:64:
00:f1:1d:49:bb:d0:37:13:85:04:9e:dc:c6:4e:9a:4e:b9:8d:
30:02:e7:f3:8a:db:d1:e2:3e:ab:5d:e1:de:05:f4:a5:2a:d8:
fe:75:89:4b:95:c0:56:80:c2:35:43:04:ba:12:ee:42:bb:c1:
4c:c0:11:e4:a1:e4:8a:14:c7:06:b9:7c:d7:31:d3:51:11:ce:
80:95:11:e4:7a:c3:57:ff:82:e9:1a:80:32:ac:be:5e:66:59:
93:f1:e7:ad:e7:98:88:d2:2f:ca:78:e6:6a:6f:fb:49:48:e3:
b4:3b:e8:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk3XNbvTDiCsxTP0KE9hErcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmFhODkxMzJkMmE2ODRkOGQyYTFhM2Y3ZTQwZjIyMzQ2
MzZmMzgwHhcNMjUwOTExMDYwMDU1WhcNMjUwOTEyMDYwMDU1WjAzMTEwLwYDVQQD
EyhlMzg4N2E4MThkNWEyMjYzOTYzYzc0ZmQyN2QxMGM5ZjAzYTVmMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlarXaMG5+oFoTlO8ZS/f/QVDFY5s
Ah5f86yFPEQ/WcLNb7RHTjgZDeeqo3n7QKLFKxhpVUmwNdLzSR+Vf8fEHlRBMnQ+
UnHk11r1uxQetRnJXOhL7LwguTHQQSaHXfxR/BeFfhI4boK4Hv+ZN6tYESVXj8g6
Jo91NZ9BJvd/SoRZn5fNHwZE/xM3mD2twFTTYjFbfWZrsZ3ItK1wXL2sJlCpqXv0
Va2Y3kdh+2jk7tW+GEZJS/rLtBhe9pK/skg/fxpqjmsd+W0GWGJMKeRGlw24kUX4
Bv/7ZWuUUhGZM3xxVhU2rRMNxJCXlndATPQpz1ylakvPFXIiFKcp3mwIgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOOIeoGNWiJjljx0/SfRDJ8DpfLUMB8GA1UdIwQY
MBaAFGJqqJEy0qaE2NKho/fkDyI0Y284MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80Y2MwYTgtZWM0NC00OWRkLWEzZTIt
MjkyNmZjNWY2MWI3LzEvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80Y2MwYTgtZWM0NC00OWRkLWEzZTItMjkyNmZjNWY2MWI3
LzEvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlr8PqkmK
lpuHoirs0J3ygblWmsixJrogUw9P9DaTUr0by70R19jPGBX8Xqu2HRsQWG13R+Qa
PZyoRrGicoH/A9RV4hOAbii5relhlDyNF5RRIQfsBXRhzJt6ty+cH5RvW5+AWuSo
TcERbIlXIPMO+2D6zvz7ODTtaKRR7Pmeh/XQrYQiWHlLYWk0Vk8IZYNkAPEdSbvQ
NxOFBJ7cxk6aTrmNMALn84rb0eI+q13h3gX0pSrY/nWJS5XAVoDCNUMEuhLuQrvB
TMAR5KHkihTHBrl81zHTURHOgJUR5HrDV/+C6RqAMqy+XmZZk/HnreeYiNIvynjm
am/7SUjjtDvoSA==
-----END CERTIFICATE-----
Generated at Thu Sep 11 11:20:15 2025 by rpki-client