Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
File: yrk2s1-SzexekN8zvcUIZhwntFU.mft (raw, json)
Hash identifier: 6Lgtw10OM90ckUiNVLbgZZpAQ1T2LUbsZDtYtAcFgbo=
Subject key identifier: 06:6B:82:F3:8F:FF:5C:F1:FC:CB:C7:B4:0A:44:C5:2B:0C:AF:70:FB
Authority key identifier: CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
Certificate issuer: /CN=cab936b35f92cdec5e90df33bdc508661c27b455
Certificate serial: 01993123A3AD9C10254A4BD7B273D8826FAC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
Manifest number: 0DAB
Signing time: Wed 10 Sep 2025 01:00:43 +0000
Manifest this update: Wed 10 Sep 2025 01:00:43 +0000
Manifest next update: Thu 11 Sep 2025 01:00:43 +0000
Files and hashes: 1: jXQtN0_lH1jMkgeFoBItsFqK9sA.roa (hash: CEWMWhf6Wo0twHsiVnqhdkBQ3a5xIOWXXq6UQo1OqpU=)
2: k4w-6jVNy-8iNTxThqtVK8dHfNM.roa (hash: i49dbw3SszheCL/rtxIrLH6ESMYCJl9JAeSfGhPrYzs=)
3: yrk2s1-SzexekN8zvcUIZhwntFU.crl (hash: DnjHhc2uLVe7RlnEpX5A6HWbEaHHV2VKfJiz7oVAst0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 21:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:31:23:a3:ad:9c:10:25:4a:4b:d7:b2:73:d8:82:6f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cab936b35f92cdec5e90df33bdc508661c27b455
Validity
Not Before: Sep 10 01:00:43 2025 GMT
Not After : Sep 11 01:00:43 2025 GMT
Subject: CN=066b82f38fff5cf1fccbc7b40a44c52b0caf70fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:55:b8:0e:31:92:2a:29:30:21:31:84:20:49:
8a:fd:52:02:1f:96:49:dc:b8:fa:71:45:93:22:17:
9c:72:5f:81:64:13:1a:e3:0f:83:6a:d6:ae:db:92:
eb:46:6b:91:26:6a:f0:7a:af:6b:7c:73:d6:fb:0e:
80:c9:0e:4f:3e:8c:18:29:ae:25:5a:ab:5c:39:2b:
93:67:27:09:99:2a:ff:fe:0f:5d:46:05:5c:36:29:
5c:5d:f5:43:1e:46:d3:91:d3:9f:49:76:67:3d:82:
55:30:7d:f0:bd:69:99:9e:b1:0a:fa:d8:56:3d:4b:
5d:62:8f:9f:70:e6:38:f4:b1:04:de:3a:be:88:3f:
2c:c1:c9:bc:44:3f:ed:e5:32:f7:7d:dd:83:e1:d3:
74:b8:0f:15:9a:dd:f4:ae:a9:b9:4b:6f:fb:97:44:
0a:e0:cf:7c:4a:10:2e:33:8c:6f:4a:84:8d:fb:73:
dc:7d:8d:a3:29:b8:ff:e7:d8:e8:c2:9f:9a:ac:a6:
2c:ed:9a:70:61:d2:ce:f1:d7:a5:89:23:07:71:99:
e0:2f:e3:b4:11:ad:f2:fb:b5:2e:6e:f4:65:fa:cb:
c2:69:03:b7:b9:f9:08:7e:7d:bc:44:36:22:e1:ae:
fd:c6:7a:b9:f0:d3:dc:00:2a:9f:92:af:90:eb:52:
7c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:6B:82:F3:8F:FF:5C:F1:FC:CB:C7:B4:0A:44:C5:2B:0C:AF:70:FB
X509v3 Authority Key Identifier:
keyid:CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:cd:68:6b:3a:3d:0e:f1:67:6a:b6:17:e8:f0:bc:2d:15:1e:
ff:5e:a4:f5:55:1b:e2:4e:84:03:06:a2:09:00:e3:74:21:5e:
79:74:c4:e0:3f:19:82:d8:e3:6b:4d:c0:15:ba:b9:a1:7e:8e:
5c:8a:ad:3c:11:f3:37:1b:4c:2e:61:4a:6c:eb:52:cd:04:80:
7b:28:40:29:b5:68:66:03:f1:88:f9:74:c5:40:ff:b0:ff:82:
13:68:11:eb:4e:82:c3:02:9d:b1:bd:de:e9:25:79:af:64:34:
c3:ce:82:71:c8:58:22:c0:b0:50:a5:c6:e6:5b:ee:6d:d1:c5:
68:f9:d9:7b:35:c3:f0:ba:73:6f:70:68:4b:ec:ce:85:bd:ed:
d7:50:ef:65:77:9d:c3:5a:33:92:51:8b:e1:10:a5:5f:ba:be:
14:67:9b:f5:f0:d2:81:e4:c0:27:6f:ff:b3:70:c7:a6:34:b5:
ef:e9:63:e1:02:a7:2c:af:38:63:7f:9e:dc:a9:5f:ae:fa:42:
b6:07:3a:2e:cd:8e:a5:8d:5d:53:36:1c:af:d7:73:d8:06:0f:
eb:e5:02:5f:cb:7d:26:e7:d0:c7:95:0a:a7:94:fa:ea:de:1b:
89:48:06:22:6e:ed:f9:d8:f4:7d:50:6f:de:22:a6:31:5a:25:
e7:b1:c6:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkxI6OtnBAlSkvXsnPYgm+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYjkzNmIzNWY5MmNkZWM1ZTkwZGYzM2JkYzUwODY2MWMy
N2I0NTUwHhcNMjUwOTEwMDEwMDQzWhcNMjUwOTExMDEwMDQzWjAzMTEwLwYDVQQD
EygwNjZiODJmMzhmZmY1Y2YxZmNjYmM3YjQwYTQ0YzUyYjBjYWY3MGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVW4DjGSKikwITGEIEmK/VICH5ZJ
3Lj6cUWTIheccl+BZBMa4w+Datau25LrRmuRJmrweq9rfHPW+w6AyQ5PPowYKa4l
WqtcOSuTZycJmSr//g9dRgVcNilcXfVDHkbTkdOfSXZnPYJVMH3wvWmZnrEK+thW
PUtdYo+fcOY49LEE3jq+iD8swcm8RD/t5TL3fd2D4dN0uA8Vmt30rqm5S2/7l0QK
4M98ShAuM4xvSoSN+3PcfY2jKbj/59jowp+arKYs7ZpwYdLO8deliSMHcZngL+O0
Ea3y+7UubvRl+svCaQO3ufkIfn28RDYi4a79xnq58NPcACqfkq+Q61J8JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZrgvOP/1zx/MvHtApExSsMr3D7MB8GA1UdIwQY
MBaAFMq5NrNfks3sXpDfM73FCGYcJ7RVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAt
NTU5MjM2MGUzZThlLzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAtNTU5MjM2MGUzZThl
LzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANs1oazo9
DvFnarYX6PC8LRUe/16k9VUb4k6EAwaiCQDjdCFeeXTE4D8Zgtjja03AFbq5oX6O
XIqtPBHzNxtMLmFKbOtSzQSAeyhAKbVoZgPxiPl0xUD/sP+CE2gR606CwwKdsb3e
6SV5r2Q0w86CcchYIsCwUKXG5lvubdHFaPnZezXD8Lpzb3BoS+zOhb3t11DvZXed
w1ozklGL4RClX7q+FGeb9fDSgeTAJ2//s3DHpjS17+lj4QKnLK84Y3+e3KlfrvpC
tgc6Ls2OpY1dUzYcr9dz2AYP6+UCX8t9JufQx5UKp5T66t4biUgGIm7t+dj0fVBv
3iKmMVol57HGUw==
-----END CERTIFICATE-----
Generated at Wed Sep 10 03:06:55 2025 by rpki-client