Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
File: yrk2s1-SzexekN8zvcUIZhwntFU.mft (raw, json)
Hash identifier: JpiJsDYKJT8+X91dlLGpC4em1jGsHcvuYbf++H7nawI=
Subject key identifier: 57:C5:7E:9E:AB:1F:D5:D5:00:5F:82:11:A8:6E:25:FA:BF:9A:30:5F
Authority key identifier: CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
Certificate issuer: /CN=cab936b35f92cdec5e90df33bdc508661c27b455
Certificate serial: 019A2E2041182160AE0FAF1A552A6D895CDD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
Manifest number: 0E2E
Signing time: Wed 29 Oct 2025 04:00:56 +0000
Manifest this update: Wed 29 Oct 2025 04:00:56 +0000
Manifest next update: Thu 30 Oct 2025 04:00:56 +0000
Files and hashes: 1: jXQtN0_lH1jMkgeFoBItsFqK9sA.roa (hash: CEWMWhf6Wo0twHsiVnqhdkBQ3a5xIOWXXq6UQo1OqpU=)
2: k4w-6jVNy-8iNTxThqtVK8dHfNM.roa (hash: i49dbw3SszheCL/rtxIrLH6ESMYCJl9JAeSfGhPrYzs=)
3: yrk2s1-SzexekN8zvcUIZhwntFU.crl (hash: XOoPq4cKNhIx+Av2ODgAQ/jOnCoOhJAmZX+SfwQ3GNY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Oct 2025 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2e:20:41:18:21:60:ae:0f:af:1a:55:2a:6d:89:5c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cab936b35f92cdec5e90df33bdc508661c27b455
Validity
Not Before: Oct 29 04:00:56 2025 GMT
Not After : Oct 30 04:00:56 2025 GMT
Subject: CN=57c57e9eab1fd5d5005f8211a86e25fabf9a305f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:03:e0:4d:b6:fa:28:a7:38:50:72:b9:f7:59:
9d:54:4f:be:b2:a5:e2:31:14:c8:8d:6e:bf:4a:65:
2c:74:77:af:d0:aa:55:32:dd:cf:b5:68:e8:04:93:
2e:90:de:87:c7:49:b9:ac:af:9e:4f:4f:c5:6c:a9:
cc:76:78:ba:6f:f6:68:5f:ef:5c:ea:b6:1d:eb:4b:
02:9e:4c:21:a9:88:e3:cf:a5:61:b8:4e:73:49:c7:
d4:55:67:77:d2:84:71:3c:e7:82:9f:98:98:4d:f7:
e4:6e:19:d7:25:5e:2e:c1:83:7a:19:90:ee:09:d4:
b7:15:56:86:ca:88:e5:44:4c:5c:c6:82:1e:c6:ff:
c6:a6:5f:d6:7e:5c:fa:ad:4e:44:98:6d:91:fb:2f:
b6:f1:e3:6c:9c:96:cf:ba:d3:11:5e:89:52:8d:8f:
a5:de:81:2d:76:99:51:18:00:1b:bd:0f:0a:1d:f0:
85:71:f9:9c:05:81:e4:b3:58:32:47:cf:6a:3f:a5:
e0:cb:8e:dc:f1:0b:92:c9:d2:6e:a0:ff:fd:b6:7f:
ec:d3:5f:9a:6a:d8:c5:62:1c:67:5b:3b:07:5c:df:
a7:b5:ac:7d:1d:43:ca:8f:7a:7d:b2:da:15:68:79:
4e:9c:39:8f:05:aa:cf:93:10:55:79:8f:cf:71:b3:
e5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:C5:7E:9E:AB:1F:D5:D5:00:5F:82:11:A8:6E:25:FA:BF:9A:30:5F
X509v3 Authority Key Identifier:
keyid:CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:c7:84:85:ab:21:28:8d:bc:7e:92:e3:d8:bc:ef:06:d3:f4:
18:74:92:77:3c:e2:5b:8c:43:6b:5c:25:82:83:c3:96:62:04:
38:b4:4b:a2:6d:69:5a:5f:58:c6:d1:64:08:99:dd:99:87:15:
ba:38:8a:b6:32:99:c6:d1:cd:86:ba:e1:b7:ed:5b:ca:ff:3c:
0f:94:41:d6:05:a5:f2:7d:ed:f8:59:41:ea:17:a3:bc:25:04:
25:1a:ac:27:33:23:50:ca:09:03:05:8d:4b:cf:50:53:af:98:
fa:c5:0f:a5:e3:eb:81:e1:92:c0:c1:f2:20:96:77:32:a9:62:
87:46:ef:5a:49:17:cc:49:23:82:9f:42:fb:6f:8e:84:fd:99:
6a:6c:98:5d:32:4b:80:61:45:97:0a:0c:5e:9d:71:bb:97:3c:
5a:f9:aa:7b:3c:5f:d3:a4:24:7f:24:99:92:a3:f2:bc:39:ad:
c3:66:a1:f7:aa:83:7d:ab:14:7e:f1:7a:1d:90:33:03:a4:e3:
60:65:1c:44:c6:34:81:88:7a:31:99:06:af:a0:18:23:90:4b:
ab:25:e5:b2:d9:a4:be:a2:9a:40:e1:79:e6:cd:91:70:8a:ae:
ed:f7:5d:1f:3a:32:a3:97:db:8f:18:62:46:f8:e1:09:ce:9b:
44:cd:d6:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZouIEEYIWCuD68aVSptiVzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYjkzNmIzNWY5MmNkZWM1ZTkwZGYzM2JkYzUwODY2MWMy
N2I0NTUwHhcNMjUxMDI5MDQwMDU2WhcNMjUxMDMwMDQwMDU2WjAzMTEwLwYDVQQD
Eyg1N2M1N2U5ZWFiMWZkNWQ1MDA1ZjgyMTFhODZlMjVmYWJmOWEzMDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQPgTbb6KKc4UHK591mdVE++sqXi
MRTIjW6/SmUsdHev0KpVMt3PtWjoBJMukN6Hx0m5rK+eT0/FbKnMdni6b/ZoX+9c
6rYd60sCnkwhqYjjz6VhuE5zScfUVWd30oRxPOeCn5iYTffkbhnXJV4uwYN6GZDu
CdS3FVaGyojlRExcxoIexv/Gpl/Wflz6rU5EmG2R+y+28eNsnJbPutMRXolSjY+l
3oEtdplRGAAbvQ8KHfCFcfmcBYHks1gyR89qP6Xgy47c8QuSydJuoP/9tn/s01+a
atjFYhxnWzsHXN+ntax9HUPKj3p9stoVaHlOnDmPBarPkxBVeY/PcbPlIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfFfp6rH9XVAF+CEahuJfq/mjBfMB8GA1UdIwQY
MBaAFMq5NrNfks3sXpDfM73FCGYcJ7RVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAt
NTU5MjM2MGUzZThlLzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAtNTU5MjM2MGUzZThl
LzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT8eEhash
KI28fpLj2LzvBtP0GHSSdzziW4xDa1wlgoPDlmIEOLRLom1pWl9YxtFkCJndmYcV
ujiKtjKZxtHNhrrht+1byv88D5RB1gWl8n3t+FlB6hejvCUEJRqsJzMjUMoJAwWN
S89QU6+Y+sUPpePrgeGSwMHyIJZ3Mqlih0bvWkkXzEkjgp9C+2+OhP2ZamyYXTJL
gGFFlwoMXp1xu5c8Wvmqezxf06QkfySZkqPyvDmtw2ah96qDfasUfvF6HZAzA6Tj
YGUcRMY0gYh6MZkGr6AYI5BLqyXlstmkvqKaQOF55s2RcIqu7fddHzoyo5fbjxhi
RvjhCc6bRM3Wtg==
-----END CERTIFICATE-----
Generated at Wed Oct 29 09:24:59 2025 by rpki-client