Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
File: yrk2s1-SzexekN8zvcUIZhwntFU.mft (raw, json)
Hash identifier: D8eNTy2mOr1NRGh8aqWAD2H5qIjxC6XQso0kyDN8X08=
Subject key identifier: FE:10:E0:D9:C4:C8:51:F5:3E:FF:B9:AC:D8:18:80:B7:EF:09:62:EE
Authority key identifier: CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
Certificate issuer: /CN=cab936b35f92cdec5e90df33bdc508661c27b455
Certificate serial: 019D389BCECEAFB474A76DE23E9508C357C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
Manifest number: 0FC2
Signing time: Sun 29 Mar 2026 08:00:28 +0000
Manifest this update: Sun 29 Mar 2026 08:00:28 +0000
Manifest next update: Mon 30 Mar 2026 08:00:28 +0000
Files and hashes: 1: L8uu4ebfrDkqdQimnWmdpvR7zrQ.roa (hash: Pgl4nKmggpktguryDKN7jPFRY/SQE3vFvuMFMU7msdI=)
2: t72vzDed8xwwFdYwzkhMty8CSXI.roa (hash: YW4OPr8TGjFQl6muhUEM/uVQLLBIy3RVHE6bb2pg68w=)
3: yrk2s1-SzexekN8zvcUIZhwntFU.crl (hash: CEeVVTQMwQEkTh5FnUNlpQ872svwBeCPeN1DIWZZFQA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:ce:ce:af:b4:74:a7:6d:e2:3e:95:08:c3:57:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cab936b35f92cdec5e90df33bdc508661c27b455
Validity
Not Before: Mar 29 08:00:28 2026 GMT
Not After : Mar 30 08:00:28 2026 GMT
Subject: CN=fe10e0d9c4c851f53effb9acd81880b7ef0962ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d8:7b:6b:d8:5e:3b:9c:e8:2f:4f:49:9b:fb:
03:86:37:47:e4:32:1c:32:47:f4:e2:6e:cb:a1:55:
de:c9:34:81:00:41:5d:3b:65:45:fe:01:db:96:04:
8f:78:6b:20:33:36:27:33:e7:98:08:06:84:47:5e:
8b:8a:97:37:6a:62:5f:27:fc:0c:05:8f:27:7e:c8:
fd:93:c4:fb:1c:ef:6a:3f:66:02:00:21:ff:a7:46:
6c:dc:c2:6c:af:99:66:93:cb:8c:2f:a8:84:4c:e8:
8e:7d:39:23:45:71:18:11:b5:38:06:f6:c7:1e:76:
0a:b2:12:da:11:f9:b9:ea:83:d2:9d:18:3a:ca:fe:
f7:b0:63:1b:2f:b4:d6:24:72:75:ef:be:20:a9:06:
07:bb:11:83:6c:6f:55:b0:e4:a8:4a:84:3f:0a:1d:
40:5c:36:87:e4:53:a6:33:8e:aa:ec:14:81:fa:a6:
47:b5:07:d3:30:e0:8e:e5:77:cc:da:2c:d1:b3:00:
9d:ca:bd:f7:ec:b0:49:ff:cf:ee:c8:bc:30:2a:c7:
e4:9b:64:7d:4e:7a:f7:a2:ae:3a:1e:10:5b:14:b1:
48:64:23:23:0b:6e:98:f3:8c:8a:89:e3:64:81:ef:
a1:e9:6f:ce:41:26:58:73:b5:65:23:4c:c1:e5:b6:
72:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:10:E0:D9:C4:C8:51:F5:3E:FF:B9:AC:D8:18:80:B7:EF:09:62:EE
X509v3 Authority Key Identifier:
keyid:CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:6f:04:da:d3:9f:b0:1e:32:54:79:e2:f6:a2:97:b4:6d:f8:
79:e3:c5:b3:1b:2d:63:ee:df:d9:11:fa:cb:34:65:a8:50:55:
6b:80:3a:c2:f2:a6:95:7e:91:b4:5a:2f:e8:4d:42:0d:88:d7:
f7:a5:97:c0:54:92:e9:32:9a:bf:c4:f7:e7:4d:42:36:ce:bd:
33:28:4e:44:b1:64:55:b0:01:b1:d6:50:3e:fa:d0:e4:fe:4e:
72:68:6d:ab:7a:1c:e5:73:46:ea:5d:40:38:b5:0e:ec:65:f3:
6a:0f:40:9d:e0:67:34:21:9b:83:54:c5:27:04:08:9c:b8:9b:
e5:01:42:bf:76:3c:00:a5:76:e9:1e:b3:6e:67:23:1d:5a:26:
32:3f:ea:13:7c:ed:99:a8:36:72:34:dd:27:44:5c:ea:2f:51:
51:ed:93:20:44:57:dd:ce:bb:3a:8d:8e:e5:2b:39:ba:80:68:
e6:b6:1f:ee:11:71:10:ee:90:35:53:ab:e3:6f:52:0e:c2:76:
90:24:43:5e:0e:e3:e1:c8:05:ef:0b:26:07:ed:84:82:7f:51:
bf:92:dc:23:b1:fe:07:12:80:07:11:7e:1a:f9:03:88:7f:3b:
82:3b:f8:71:9b:0d:57:34:d3:53:cd:9c:4d:48:37:48:a9:87:
b8:36:ee:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m87Or7R0p23iPpUIw1fDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYjkzNmIzNWY5MmNkZWM1ZTkwZGYzM2JkYzUwODY2MWMy
N2I0NTUwHhcNMjYwMzI5MDgwMDI4WhcNMjYwMzMwMDgwMDI4WjAzMTEwLwYDVQQD
EyhmZTEwZTBkOWM0Yzg1MWY1M2VmZmI5YWNkODE4ODBiN2VmMDk2MmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNh7a9heO5zoL09Jm/sDhjdH5DIc
Mkf04m7LoVXeyTSBAEFdO2VF/gHblgSPeGsgMzYnM+eYCAaER16Lipc3amJfJ/wM
BY8nfsj9k8T7HO9qP2YCACH/p0Zs3MJsr5lmk8uML6iETOiOfTkjRXEYEbU4BvbH
HnYKshLaEfm56oPSnRg6yv73sGMbL7TWJHJ1774gqQYHuxGDbG9VsOSoSoQ/Ch1A
XDaH5FOmM46q7BSB+qZHtQfTMOCO5XfM2izRswCdyr337LBJ/8/uyLwwKsfkm2R9
Tnr3oq46HhBbFLFIZCMjC26Y84yKieNkge+h6W/OQSZYc7VlI0zB5bZy+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4Q4NnEyFH1Pv+5rNgYgLfvCWLuMB8GA1UdIwQY
MBaAFMq5NrNfks3sXpDfM73FCGYcJ7RVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAt
NTU5MjM2MGUzZThlLzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAtNTU5MjM2MGUzZThl
LzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXG8E2tOf
sB4yVHni9qKXtG34eePFsxstY+7f2RH6yzRlqFBVa4A6wvKmlX6RtFov6E1CDYjX
96WXwFSS6TKav8T3501CNs69MyhORLFkVbABsdZQPvrQ5P5Ocmhtq3oc5XNG6l1A
OLUO7GXzag9AneBnNCGbg1TFJwQInLib5QFCv3Y8AKV26R6zbmcjHVomMj/qE3zt
mag2cjTdJ0Rc6i9RUe2TIERX3c67Oo2O5Ss5uoBo5rYf7hFxEO6QNVOr429SDsJ2
kCRDXg7j4cgF7wsmB+2Egn9Rv5LcI7H+BxKABxF+GvkDiH87gjv4cZsNVzTTU82c
TUg3SKmHuDbuZw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:07:39 2026 by rpki-client