Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
File: yrk2s1-SzexekN8zvcUIZhwntFU.mft (raw, json)
Hash identifier: ejvPCFPD5vk9SslMsS11bZTh1hAmnOHBbu0ne6OPJ2E=
Subject key identifier: 45:8A:DE:5C:2E:70:99:7D:9A:2A:D6:6A:E8:9B:9E:80:44:86:7A:5E
Authority key identifier: CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
Certificate issuer: /CN=cab936b35f92cdec5e90df33bdc508661c27b455
Certificate serial: 019E333CD2C8A194F12B8B8B0296107B6E87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
Manifest number: 1047
Signing time: Sun 17 May 2026 00:01:24 +0000
Manifest this update: Sun 17 May 2026 00:01:24 +0000
Manifest next update: Mon 18 May 2026 00:01:24 +0000
Files and hashes: 1: 3me9x6h3lSEZqUVidDsZ7ac0L_U.roa (hash: JBCZWk53MUOqTUtRTfVY6AmHie1EcXDJvYsQQVSkdlA=)
2: npk6WkIHJCvL3_l_cXYjMzft0kI.roa (hash: t+MEBsgDts42eIKY0nTbdaPBG3x9AZb+9dTa2sHYe1g=)
3: yrk2s1-SzexekN8zvcUIZhwntFU.crl (hash: 25dlPBjlBXTGDfQ+xsLwcvMvwP9OBkSI+7YpZgrRIuw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:33:3c:d2:c8:a1:94:f1:2b:8b:8b:02:96:10:7b:6e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cab936b35f92cdec5e90df33bdc508661c27b455
Validity
Not Before: May 17 00:01:24 2026 GMT
Not After : May 18 00:01:24 2026 GMT
Subject: CN=458ade5c2e70997d9a2ad66ae89b9e8044867a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b2:f5:c7:b1:ed:96:04:1d:d7:bc:f1:6b:62:
3c:c1:20:8c:39:e8:37:8c:98:14:0a:d2:f1:fb:02:
94:c0:a9:ba:f4:81:66:ee:a6:8d:98:52:90:c6:de:
7d:b7:32:21:ba:93:9f:6a:4e:63:07:03:57:99:02:
fe:a4:de:c4:c9:48:9f:79:ab:8b:b4:fd:73:04:43:
c8:50:fe:99:f9:fe:1e:ad:92:58:e7:89:4b:a5:50:
49:01:8d:7f:90:04:50:e2:a9:8d:91:13:dc:06:06:
54:7c:09:4d:c1:10:e2:0f:e9:51:53:25:bc:92:d9:
2b:dc:fc:3a:da:e8:9a:93:b1:82:60:81:09:7c:d7:
24:25:b3:ad:c5:e6:2f:3c:ec:fe:1e:6d:d6:80:39:
a7:f7:d3:24:30:dc:e3:eb:8a:2f:10:e3:c7:70:4f:
84:c7:43:9a:22:82:9b:88:a0:68:86:d8:4b:97:25:
f2:16:bb:b2:03:a6:5d:27:63:3b:24:4f:aa:d4:ca:
49:47:8e:ed:42:30:a5:f2:01:7a:b1:4d:9e:a4:06:
f1:dd:af:b3:fb:0a:58:05:26:54:81:01:c4:e1:77:
4a:5c:fc:ee:76:ef:f3:d8:3b:90:c3:00:a8:0d:3e:
50:96:a9:f1:39:58:54:c2:50:46:c4:09:a0:f2:61:
5f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:8A:DE:5C:2E:70:99:7D:9A:2A:D6:6A:E8:9B:9E:80:44:86:7A:5E
X509v3 Authority Key Identifier:
keyid:CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:73:25:be:f3:f9:2a:8f:d5:06:81:c1:2e:00:29:95:56:18:
c3:fc:fd:05:06:b4:91:f5:f2:d6:bd:22:84:87:48:7b:b9:b2:
8a:51:da:f8:b1:8c:6a:08:03:1d:98:5a:df:0b:80:a2:15:34:
a8:4a:fa:c3:6f:77:7b:80:ae:57:07:95:a0:19:c5:5f:1d:60:
16:e4:61:ed:0c:eb:1f:22:1c:b5:94:70:cc:2a:55:71:95:c8:
46:e5:35:b8:6e:65:21:2b:90:ad:f7:9c:51:a4:c4:e6:85:03:
3d:38:97:27:11:13:12:ce:81:e9:24:5d:78:aa:eb:bc:2d:34:
f8:d9:fe:7b:5d:c0:40:9a:92:16:55:ad:32:39:e2:01:7b:5a:
c8:41:e4:33:c6:68:6a:58:73:93:74:fe:39:d4:db:e9:e4:e4:
32:ac:05:98:9c:4a:92:36:b8:bb:01:45:7b:bf:6b:09:23:53:
47:e7:ba:bc:eb:62:87:3f:42:e0:69:d8:6e:62:ab:7b:46:75:
07:9e:7c:5e:46:da:a3:55:d3:d7:f9:23:bf:56:fb:52:e3:7d:
19:75:9c:9f:5b:b6:ae:9d:c1:19:d1:dd:74:9d:dc:b2:98:cc:
07:d1:da:79:33:1d:c5:6f:db:fa:b6:e0:8a:52:a8:49:f2:c3:
2f:ab:de:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4zPNLIoZTxK4uLApYQe26HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYjkzNmIzNWY5MmNkZWM1ZTkwZGYzM2JkYzUwODY2MWMy
N2I0NTUwHhcNMjYwNTE3MDAwMTI0WhcNMjYwNTE4MDAwMTI0WjAzMTEwLwYDVQQD
Eyg0NThhZGU1YzJlNzA5OTdkOWEyYWQ2NmFlODliOWU4MDQ0ODY3YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bL1x7HtlgQd17zxa2I8wSCMOeg3
jJgUCtLx+wKUwKm69IFm7qaNmFKQxt59tzIhupOfak5jBwNXmQL+pN7EyUifeauL
tP1zBEPIUP6Z+f4erZJY54lLpVBJAY1/kARQ4qmNkRPcBgZUfAlNwRDiD+lRUyW8
ktkr3Pw62uiak7GCYIEJfNckJbOtxeYvPOz+Hm3WgDmn99MkMNzj64ovEOPHcE+E
x0OaIoKbiKBohthLlyXyFruyA6ZdJ2M7JE+q1MpJR47tQjCl8gF6sU2epAbx3a+z
+wpYBSZUgQHE4XdKXPzudu/z2DuQwwCoDT5QlqnxOVhUwlBGxAmg8mFfTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWK3lwucJl9mirWauibnoBEhnpeMB8GA1UdIwQY
MBaAFMq5NrNfks3sXpDfM73FCGYcJ7RVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAt
NTU5MjM2MGUzZThlLzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAtNTU5MjM2MGUzZThl
LzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdnMlvvP5
Ko/VBoHBLgAplVYYw/z9BQa0kfXy1r0ihIdIe7myilHa+LGMaggDHZha3wuAohU0
qEr6w293e4CuVweVoBnFXx1gFuRh7QzrHyIctZRwzCpVcZXIRuU1uG5lISuQrfec
UaTE5oUDPTiXJxETEs6B6SRdeKrrvC00+Nn+e13AQJqSFlWtMjniAXtayEHkM8Zo
alhzk3T+OdTb6eTkMqwFmJxKkja4uwFFe79rCSNTR+e6vOtihz9C4GnYbmKre0Z1
B558Xkbao1XT1/kjv1b7UuN9GXWcn1u2rp3BGdHddJ3cspjMB9HaeTMdxW/b+rbg
ilKoSfLDL6ve9w==
-----END CERTIFICATE-----
Generated at Sun May 17 02:55:11 2026 by rpki-client