Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.mft
File: YB3AD5pIG0FQhrFDp91M2h_7JHA.mft (raw, json)
Hash identifier: alZnayZwkK31TU5S2A2gDwXfhMyIEvkvKsgboEiZukE=
Subject key identifier: EB:4F:40:2A:57:CF:0D:F7:96:C8:B9:69:A7:6A:68:16:34:B3:32:EC
Authority key identifier: 60:1D:C0:0F:9A:48:1B:41:50:86:B1:43:A7:DD:4C:DA:1F:FB:24:70
Certificate issuer: /CN=601dc00f9a481b415086b143a7dd4cda1ffb2470
Certificate serial: 019A725CCCDCC7C1392FD6A141DA5A73D58B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 10:01:15 +0000
Manifest this update: Tue 11 Nov 2025 10:01:15 +0000
Manifest next update: Wed 12 Nov 2025 10:01:15 +0000
Files and hashes: 1: 4mIaRiVfusRCW_nZ919kue73VcU.roa (hash: KAlnZdYdnEt6W3Qh7SxuikxG/eJq1ZmaN4m/5vXa+us=)
2: YB3AD5pIG0FQhrFDp91M2h_7JHA.crl (hash: P59A8WIw5XuRA/VAcatX+M1fQUmyJprDJUnjSb8HUu0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.mft
rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:cc:dc:c7:c1:39:2f:d6:a1:41:da:5a:73:d5:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601dc00f9a481b415086b143a7dd4cda1ffb2470
Validity
Not Before: Nov 11 10:01:15 2025 GMT
Not After : Nov 12 10:01:15 2025 GMT
Subject: CN=eb4f402a57cf0df796c8b969a76a681634b332ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ad:91:b9:3d:b5:4c:0a:f0:89:c6:a3:de:30:
a9:e4:56:96:b5:cc:29:03:c1:df:51:ff:03:31:72:
fe:25:dc:6f:3a:37:48:22:86:a5:7a:be:27:71:04:
35:95:b6:7e:ad:0f:9d:fe:e2:57:bb:16:21:80:ee:
ff:2e:8a:3d:e2:e0:a2:d2:b6:fd:ac:d0:63:5d:e1:
86:fa:4f:e9:83:bc:55:06:a6:7c:e6:fc:cc:5f:54:
b4:28:4c:97:70:a3:f4:0b:20:db:f1:d3:83:dc:60:
cf:1a:c4:04:68:b5:70:73:d7:c7:f3:a0:ec:8d:a7:
4b:46:d0:a4:e0:f6:32:86:32:f6:3c:b8:ab:39:ca:
1f:46:08:cd:43:0b:65:16:76:84:f7:df:33:45:d0:
ad:15:9b:d3:12:ef:d5:32:f4:60:90:ef:bf:2b:6c:
2a:82:98:ca:c6:96:ed:40:98:7c:94:b1:05:29:c5:
31:72:b8:da:6f:21:a3:18:bc:7e:0c:85:10:8a:3d:
c0:83:cb:b3:e1:47:6b:ec:1c:7d:10:74:b5:82:37:
55:f0:f8:2a:0f:8e:5e:f5:3c:ce:97:04:11:72:f4:
23:3f:98:62:db:fa:bc:6a:af:a8:b4:53:35:c7:a5:
c5:2e:45:2f:aa:21:b2:83:cf:17:d9:4a:c3:b7:c1:
40:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:4F:40:2A:57:CF:0D:F7:96:C8:B9:69:A7:6A:68:16:34:B3:32:EC
X509v3 Authority Key Identifier:
keyid:60:1D:C0:0F:9A:48:1B:41:50:86:B1:43:A7:DD:4C:DA:1F:FB:24:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:b9:5d:bb:27:07:31:91:5a:cd:fb:ee:d7:fd:d3:9d:36:7d:
8e:05:5e:42:f9:16:f7:29:cc:c4:ac:18:9d:6f:ac:6e:17:28:
dc:3d:fb:d2:e3:06:6c:cc:cf:78:33:47:b5:3d:cc:a8:8c:9e:
1e:ef:52:c6:d3:66:c4:49:da:c6:62:a6:d4:53:a0:cb:68:e2:
97:29:0e:30:80:03:d6:86:5b:b4:dc:e6:76:21:0f:0b:8b:97:
74:1d:fe:cd:2f:bb:38:c4:f0:6c:1e:ca:17:74:56:56:94:0b:
2f:15:d7:60:f4:3d:ee:73:2e:d4:71:f8:eb:06:bf:b8:95:a3:
a6:cb:ce:6d:ab:25:af:52:9d:ff:d5:2d:3a:5f:d6:53:6f:94:
7c:cc:25:c2:51:31:6b:fc:8a:2d:b4:aa:7e:ea:fd:44:69:03:
7a:fa:66:74:73:c5:b2:d6:66:89:db:26:30:a4:88:da:a5:b9:
3e:80:d9:f7:99:a3:d1:6d:1b:26:74:e7:e3:0e:9a:bc:58:aa:
1d:1e:07:5e:0f:ea:60:24:24:03:50:98:d9:8c:c0:83:88:65:
d1:24:60:0b:3d:24:f4:e3:6c:1b:e8:1d:85:f8:cd:df:f1:f9:
29:75:a3:0b:e6:3b:d8:bb:37:98:d8:2e:b9:28:94:9c:b2:09:
7c:90:6d:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXMzcx8E5L9ahQdpac9WLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWRjMDBmOWE0ODFiNDE1MDg2YjE0M2E3ZGQ0Y2RhMWZm
YjI0NzAwHhcNMjUxMTExMTAwMTE1WhcNMjUxMTEyMTAwMTE1WjAzMTEwLwYDVQQD
EyhlYjRmNDAyYTU3Y2YwZGY3OTZjOGI5NjlhNzZhNjgxNjM0YjMzMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzq2RuT21TArwicaj3jCp5FaWtcwp
A8HfUf8DMXL+JdxvOjdIIoaler4ncQQ1lbZ+rQ+d/uJXuxYhgO7/Loo94uCi0rb9
rNBjXeGG+k/pg7xVBqZ85vzMX1S0KEyXcKP0CyDb8dOD3GDPGsQEaLVwc9fH86Ds
jadLRtCk4PYyhjL2PLirOcofRgjNQwtlFnaE998zRdCtFZvTEu/VMvRgkO+/K2wq
gpjKxpbtQJh8lLEFKcUxcrjabyGjGLx+DIUQij3Ag8uz4Udr7Bx9EHS1gjdV8Pgq
D45e9TzOlwQRcvQjP5hi2/q8aq+otFM1x6XFLkUvqiGyg88X2UrDt8FAXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtPQCpXzw33lsi5aadqaBY0szLsMB8GA1UdIwQY
MBaAFGAdwA+aSBtBUIaxQ6fdTNof+yRwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUIzQUQ1cElHMEZRaHJGRHA5MU0yaF83SkhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9hYjJiMjUtMmExMy00MWYwLWI5YzUt
ZmJhNDliMGNkZGVkLzEvWUIzQUQ1cElHMEZRaHJGRHA5MU0yaF83SkhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9hYjJiMjUtMmExMy00MWYwLWI5YzUtZmJhNDliMGNkZGVk
LzEvWUIzQUQ1cElHMEZRaHJGRHA5MU0yaF83SkhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWrlduycH
MZFazfvu1/3TnTZ9jgVeQvkW9ynMxKwYnW+sbhco3D370uMGbMzPeDNHtT3MqIye
Hu9SxtNmxEnaxmKm1FOgy2jilykOMIAD1oZbtNzmdiEPC4uXdB3+zS+7OMTwbB7K
F3RWVpQLLxXXYPQ97nMu1HH46wa/uJWjpsvObaslr1Kd/9UtOl/WU2+UfMwlwlEx
a/yKLbSqfur9RGkDevpmdHPFstZmidsmMKSI2qW5PoDZ95mj0W0bJnTn4w6avFiq
HR4HXg/qYCQkA1CY2YzAg4hl0SRgCz0k9ONsG+gdhfjN3/H5KXWjC+Y72Ls3mNgu
uSiUnLIJfJBtog==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:40 2025 by rpki-client