Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
File: yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft (raw, json)
Hash identifier: RdNg2NNZUAr7X5q+1EVQV+rTbq5wiiAyV1kW9LcCaa8=
Subject key identifier: 14:19:D1:E4:EE:C2:B4:9C:2D:FB:EB:57:0E:5F:0B:8E:46:A3:B1:BD
Authority key identifier: CA:23:1A:43:62:BC:1E:C0:FD:B4:34:99:01:B6:1C:CF:9D:67:9D:65
Certificate issuer: /CN=ca231a4362bc1ec0fdb4349901b61ccf9d679d65
Certificate serial: 019D38D375281CDAC2449D1E4344FB74FE80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
Manifest number: 0615
Signing time: Sun 29 Mar 2026 09:01:15 +0000
Manifest this update: Sun 29 Mar 2026 09:01:15 +0000
Manifest next update: Mon 30 Mar 2026 09:01:15 +0000
Files and hashes: 1: WxNi3FY5cr-Bjj8BRJGuFpl1ulQ.roa (hash: uM3IRzOQy7yokmWWB+yCvHyVpY0d0sa0ZM1vmaCKkO8=)
2: yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl (hash: p2q55q/9/ezmDXtcsFSVBE+X1dlUrnsDmSBHKRV+ZBk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:75:28:1c:da:c2:44:9d:1e:43:44:fb:74:fe:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca231a4362bc1ec0fdb4349901b61ccf9d679d65
Validity
Not Before: Mar 29 09:01:15 2026 GMT
Not After : Mar 30 09:01:15 2026 GMT
Subject: CN=1419d1e4eec2b49c2dfbeb570e5f0b8e46a3b1bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f9:f1:89:00:39:7e:b6:a6:6c:6e:9f:ae:9b:
7f:5f:b4:01:c6:fc:a8:0d:42:a2:f1:64:9d:d7:8c:
90:52:01:5f:4b:52:19:6b:9c:b0:1f:55:ac:3e:3c:
68:ba:66:e2:af:09:78:f6:69:5c:1e:62:07:4d:21:
49:43:11:ce:43:5f:0f:c5:9f:b5:29:87:f5:3c:2b:
22:d8:f3:5e:8c:ac:de:55:92:3c:71:3f:23:66:58:
b8:da:25:f0:d4:10:1c:77:d7:8a:12:78:f2:14:2c:
ed:1b:16:54:ee:97:b9:04:5b:50:bf:af:fe:3b:3c:
05:d2:47:3a:14:ae:48:97:1f:32:19:1d:d6:c0:fc:
5c:d8:20:c7:b4:89:3e:f4:ec:61:39:b0:91:a7:29:
87:4b:a7:e8:8e:96:62:d8:8a:42:6b:28:c5:73:28:
54:24:db:a9:02:d4:26:09:35:a7:e0:27:33:6c:e2:
7c:ca:74:f7:45:ab:e2:b5:b4:f4:18:a2:b4:ba:bd:
8e:c0:19:da:2c:47:67:27:eb:45:3e:59:06:06:c2:
80:d1:0a:fa:e2:f6:23:02:1c:87:04:24:bc:4d:89:
56:a2:01:59:a8:70:12:c5:08:23:24:20:1c:ab:8b:
9a:98:e9:ca:7c:46:64:30:9e:95:e5:4e:64:db:52:
c0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:19:D1:E4:EE:C2:B4:9C:2D:FB:EB:57:0E:5F:0B:8E:46:A3:B1:BD
X509v3 Authority Key Identifier:
keyid:CA:23:1A:43:62:BC:1E:C0:FD:B4:34:99:01:B6:1C:CF:9D:67:9D:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:8f:ae:fa:18:d5:e4:cf:18:9f:f4:ab:a7:0d:06:7c:59:c6:
46:33:98:0c:03:8f:62:ab:da:46:3c:4b:02:83:ac:cf:e8:b6:
f4:51:bc:bc:4c:62:54:6f:82:2f:19:34:46:ef:1f:a7:13:ac:
27:7c:21:11:df:ec:03:5d:f3:0e:d8:1e:74:d5:dd:7c:4e:21:
11:ce:53:54:e7:01:5f:d0:f3:92:a6:06:ee:37:3a:b5:ec:c7:
cf:0c:87:23:89:1a:20:dd:04:f3:84:18:f0:89:50:d6:99:06:
75:df:e1:e8:4d:10:ad:89:cc:ed:fb:ac:e9:c5:dd:7e:3d:e8:
48:0c:fb:89:f3:90:d4:b4:25:5b:cc:f3:79:5d:98:fd:6a:9b:
04:52:53:69:81:99:06:0c:62:1c:a4:b5:c6:f8:1e:c0:ba:5a:
9d:6f:a9:d9:54:28:99:1e:88:0d:e8:1a:32:24:b5:98:3d:9b:
d4:19:87:27:43:21:eb:8f:f9:84:63:65:ed:41:8f:f8:a4:85:
74:80:dd:8d:0d:23:64:d1:7c:1d:d9:3f:35:af:4b:92:36:30:
d2:07:53:02:2a:9a:32:2a:83:cd:2e:4e:a3:b3:77:6a:bd:ac:
45:01:e0:92:46:56:ea:74:4f:b7:42:42:cc:17:e7:61:3b:37:
6e:15:f5:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0403UoHNrCRJ0eQ0T7dP6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjMxYTQzNjJiYzFlYzBmZGI0MzQ5OTAxYjYxY2NmOWQ2
NzlkNjUwHhcNMjYwMzI5MDkwMTE1WhcNMjYwMzMwMDkwMTE1WjAzMTEwLwYDVQQD
EygxNDE5ZDFlNGVlYzJiNDljMmRmYmViNTcwZTVmMGI4ZTQ2YTNiMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvnxiQA5frambG6frpt/X7QBxvyo
DUKi8WSd14yQUgFfS1IZa5ywH1WsPjxoumbirwl49mlcHmIHTSFJQxHOQ18PxZ+1
KYf1PCsi2PNejKzeVZI8cT8jZli42iXw1BAcd9eKEnjyFCztGxZU7pe5BFtQv6/+
OzwF0kc6FK5Ilx8yGR3WwPxc2CDHtIk+9OxhObCRpymHS6fojpZi2IpCayjFcyhU
JNupAtQmCTWn4CczbOJ8ynT3RavitbT0GKK0ur2OwBnaLEdnJ+tFPlkGBsKA0Qr6
4vYjAhyHBCS8TYlWogFZqHASxQgjJCAcq4uamOnKfEZkMJ6V5U5k21LAewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQZ0eTuwrScLfvrVw5fC45Go7G9MB8GA1UdIwQY
MBaAFMojGkNivB7A/bQ0mQG2HM+dZ51lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84NTZjMDUtZDdiMi00OTlhLWFmMzkt
MzlkZmE0OGVhNmI5LzEveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84NTZjMDUtZDdiMi00OTlhLWFmMzktMzlkZmE0OGVhNmI5
LzEveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFo+u+hjV
5M8Yn/Srpw0GfFnGRjOYDAOPYqvaRjxLAoOsz+i29FG8vExiVG+CLxk0Ru8fpxOs
J3whEd/sA13zDtgedNXdfE4hEc5TVOcBX9DzkqYG7jc6tezHzwyHI4kaIN0E84QY
8IlQ1pkGdd/h6E0QrYnM7fus6cXdfj3oSAz7ifOQ1LQlW8zzeV2Y/WqbBFJTaYGZ
BgxiHKS1xvgewLpanW+p2VQomR6IDegaMiS1mD2b1BmHJ0Mh64/5hGNl7UGP+KSF
dIDdjQ0jZNF8Hdk/Na9LkjYw0gdTAiqaMiqDzS5Oo7N3ar2sRQHgkkZW6nRPt0JC
zBfnYTs3bhX1Tg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:02 2026 by rpki-client