Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft
File: yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft (raw, json)
Hash identifier: yg8J/A/aGGiK0FMq6K62FKx61rw+MtFwvPe/SixUaFc=
Subject key identifier: 84:FB:FB:38:89:30:15:AA:6F:54:1F:F9:36:C0:A7:83:4E:A0:47:48
Authority key identifier: C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49
Certificate issuer: /CN=c8e50ca17134837a50d3063d43d443385abe6f49
Certificate serial: 019A71EE83CFD3338307F317173FC6FED458
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft
Manifest number: 1694
Signing time: Tue 11 Nov 2025 08:00:48 +0000
Manifest this update: Tue 11 Nov 2025 08:00:48 +0000
Manifest next update: Wed 12 Nov 2025 08:00:48 +0000
Files and hashes: 1: kclBuRKTMfByXqrmrwIbc_lZEnM.roa (hash: MQr5fqlXn7Xd/Z8IgiENjDF+OVj4PMx+/5QB1sHm+8E=)
2: yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl (hash: Th8xlUff5v89yZvQpaErup7PNY4TuN1MEh0G1Od5BvQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft
rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:83:cf:d3:33:83:07:f3:17:17:3f:c6:fe:d4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8e50ca17134837a50d3063d43d443385abe6f49
Validity
Not Before: Nov 11 08:00:48 2025 GMT
Not After : Nov 12 08:00:48 2025 GMT
Subject: CN=84fbfb38893015aa6f541ff936c0a7834ea04748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:db:60:50:b4:d6:6f:14:c6:b7:48:1e:b4:16:
8f:74:99:aa:c0:46:ed:80:88:51:06:a8:f0:d8:f5:
f5:1c:7e:a3:3a:88:d5:15:5c:25:10:d9:c5:72:27:
fd:17:1c:4d:8f:3a:82:73:be:25:41:4c:0f:fa:08:
c4:6c:5c:9f:af:7a:a2:a3:6a:4b:47:4b:fe:6c:ba:
2d:f0:1c:ad:b2:bb:30:3c:38:ab:d1:5d:a8:38:6f:
a5:21:cf:ac:66:9a:3f:72:4e:fc:d3:6d:14:1e:e1:
6d:09:9d:0e:3b:02:40:b8:91:52:fa:24:e7:5f:c4:
32:31:90:4b:8b:fc:ab:a7:91:d1:3d:03:29:c1:3d:
95:e5:ba:8a:c3:6b:b6:6b:90:61:be:36:7a:78:44:
b4:44:f9:f2:df:55:df:ff:1a:d2:8e:f7:6e:11:de:
67:a5:4e:cd:ac:e2:ad:c2:99:f1:57:43:48:c0:0f:
cd:c1:ca:e3:f8:dc:c9:c8:89:39:cd:6d:06:44:c6:
ac:e8:26:1d:a2:9b:f9:11:e0:c6:44:a9:3f:b9:6d:
48:8f:96:44:46:11:ac:5b:53:b2:b6:43:7c:90:60:
f5:8e:9a:45:11:8e:e7:e6:43:f7:af:67:bf:b1:37:
82:4b:c7:bc:76:74:0c:02:88:51:c5:8b:48:cb:b9:
a2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:FB:FB:38:89:30:15:AA:6F:54:1F:F9:36:C0:A7:83:4E:A0:47:48
X509v3 Authority Key Identifier:
keyid:C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:74:31:28:db:2e:03:e2:77:aa:07:02:50:ba:1b:d3:b9:ab:
87:f3:19:d0:1f:b9:40:d3:27:64:81:a9:b1:2c:9c:fd:75:eb:
e0:f6:da:a3:1c:d8:79:1e:10:ef:54:b2:12:a0:55:3a:b2:38:
11:85:3e:08:89:fe:d9:c3:4e:32:92:f0:b6:96:cd:9f:06:5d:
6a:1f:60:da:82:5e:ed:03:1e:a8:c6:7e:7a:2d:d6:f5:62:e1:
00:9a:2c:3d:41:7a:7a:2e:d8:6b:ca:36:9d:27:99:f2:ea:33:
86:44:e3:27:ff:b9:2e:71:ee:29:ae:9b:0f:1d:dd:4c:0c:a6:
b0:5a:ec:0f:b1:28:31:6f:ba:63:16:2c:10:9f:ee:d0:22:e6:
88:a9:da:6e:12:17:25:e4:2f:ce:d0:90:f9:7c:00:fc:0b:5c:
50:d3:e4:13:71:e9:98:41:d6:5a:2b:dd:1e:52:b6:b1:67:a9:
34:53:13:44:8b:b4:29:05:3f:09:5c:2e:6b:aa:a3:de:a7:6f:
ee:7b:54:10:92:c1:28:bb:d7:79:37:09:b7:19:b6:54:6c:27:
05:35:92:10:a9:64:cd:80:7c:f6:b0:bc:3d:13:3d:9d:2a:55:
a0:88:3b:69:65:ad:47:45:86:29:98:01:3f:7f:4b:74:a7:83:
fe:40:1a:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7oPP0zODB/MXFz/G/tRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZTUwY2ExNzEzNDgzN2E1MGQzMDYzZDQzZDQ0MzM4NWFi
ZTZmNDkwHhcNMjUxMTExMDgwMDQ4WhcNMjUxMTEyMDgwMDQ4WjAzMTEwLwYDVQQD
Eyg4NGZiZmIzODg5MzAxNWFhNmY1NDFmZjkzNmMwYTc4MzRlYTA0NzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNtgULTWbxTGt0getBaPdJmqwEbt
gIhRBqjw2PX1HH6jOojVFVwlENnFcif9FxxNjzqCc74lQUwP+gjEbFyfr3qio2pL
R0v+bLot8BytsrswPDir0V2oOG+lIc+sZpo/ck78020UHuFtCZ0OOwJAuJFS+iTn
X8QyMZBLi/yrp5HRPQMpwT2V5bqKw2u2a5BhvjZ6eES0RPny31Xf/xrSjvduEd5n
pU7NrOKtwpnxV0NIwA/Nwcrj+NzJyIk5zW0GRMas6CYdopv5EeDGRKk/uW1Ij5ZE
RhGsW1OytkN8kGD1jppFEY7n5kP3r2e/sTeCS8e8dnQMAohRxYtIy7miXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIT7+ziJMBWqb1Qf+TbAp4NOoEdIMB8GA1UdIwQY
MBaAFMjlDKFxNIN6UNMGPUPUQzhavm9JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iMTMwYjUtNWZjYy00MTk2LTkwNzUt
NWVmZjczZTg5ZmJiLzEveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iMTMwYjUtNWZjYy00MTk2LTkwNzUtNWVmZjczZTg5ZmJi
LzEveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcHQxKNsu
A+J3qgcCULob07mrh/MZ0B+5QNMnZIGpsSyc/XXr4PbaoxzYeR4Q71SyEqBVOrI4
EYU+CIn+2cNOMpLwtpbNnwZdah9g2oJe7QMeqMZ+ei3W9WLhAJosPUF6ei7Ya8o2
nSeZ8uozhkTjJ/+5LnHuKa6bDx3dTAymsFrsD7EoMW+6YxYsEJ/u0CLmiKnabhIX
JeQvztCQ+XwA/AtcUNPkE3HpmEHWWivdHlK2sWepNFMTRIu0KQU/CVwua6qj3qdv
7ntUEJLBKLvXeTcJtxm2VGwnBTWSEKlkzYB89rC8PRM9nSpVoIg7aWWtR0WGKZgB
P39LdKeD/kAacQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:17:04 2025 by rpki-client