Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft
File: Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft (raw, json)
Hash identifier: k/y3wgVe2MnaE4VBcKPqjiTKv1BAzwMxolT514dHEVM=
Subject key identifier: CB:34:5C:4B:ED:6B:58:AB:64:59:1F:5C:39:C7:73:E4:91:63:90:72
Authority key identifier: 63:8C:83:F9:A3:A3:D2:16:0A:01:78:CA:19:CC:B4:3A:0D:2F:18:90
Certificate issuer: /CN=638c83f9a3a3d2160a0178ca19ccb43a0d2f1890
Certificate serial: 019A2B5572C1FFB24149E0CD396B43C0EA02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft
Manifest number: 0CDD
Signing time: Tue 28 Oct 2025 15:00:11 +0000
Manifest this update: Tue 28 Oct 2025 15:00:11 +0000
Manifest next update: Wed 29 Oct 2025 15:00:11 +0000
Files and hashes: 1: 2ATvNbnGawNlZZ5eknfDSbXFIzQ.roa (hash: tXSd9lU5fCgD64Z/fTQv/A1ZJJrB3ZcLdqsIZET5sKI=)
2: Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl (hash: pNLPIBqb7VKUGqvBA3l44/PZuUdBu4QqgnMP4kbJ8UA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2b:55:72:c1:ff:b2:41:49:e0:cd:39:6b:43:c0:ea:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=638c83f9a3a3d2160a0178ca19ccb43a0d2f1890
Validity
Not Before: Oct 28 15:00:11 2025 GMT
Not After : Oct 29 15:00:11 2025 GMT
Subject: CN=cb345c4bed6b58ab64591f5c39c773e491639072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:38:8e:fa:05:99:b5:77:a1:fb:e4:e1:9d:df:
12:23:ce:0f:4a:df:e4:db:48:78:90:d8:f5:46:2e:
b4:21:c5:1a:06:e1:a9:e9:b5:80:88:cb:9e:31:1b:
89:ea:c1:cf:5d:09:16:cc:70:9e:97:92:af:f1:ba:
70:95:fc:86:70:1c:c5:6c:eb:e5:da:87:9a:3b:5a:
8c:d5:ad:d5:b4:a1:49:83:7f:55:24:b3:e1:47:8b:
29:d9:1f:6b:79:85:02:16:8c:35:5d:64:29:f5:55:
b7:c8:c1:ad:be:4a:6c:51:29:d1:99:93:b4:7e:27:
3c:35:06:41:be:40:1e:41:e8:6e:5d:b9:8a:6f:cd:
c6:62:bc:d5:25:c6:67:82:d4:e6:25:0f:f1:34:ff:
63:fe:d8:b3:49:ce:fe:ef:67:2c:5f:af:ff:53:80:
df:9b:46:d1:bc:a8:20:c1:8f:d5:36:81:d2:2c:82:
1d:59:e7:f1:a6:af:68:d7:ca:b2:8c:cd:20:72:4a:
d1:61:d2:07:21:0f:76:07:ba:af:a4:06:b6:8b:c8:
27:7d:75:e3:b7:74:e3:c9:6e:6a:0c:16:02:aa:db:
37:5a:ba:ab:3e:2d:07:de:db:f4:b3:64:51:f3:24:
2b:bb:7d:ae:f7:58:70:0a:0b:fc:de:a4:3a:f3:9e:
c5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:34:5C:4B:ED:6B:58:AB:64:59:1F:5C:39:C7:73:E4:91:63:90:72
X509v3 Authority Key Identifier:
keyid:63:8C:83:F9:A3:A3:D2:16:0A:01:78:CA:19:CC:B4:3A:0D:2F:18:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c9:0f:cc:57:cc:a5:90:a7:37:83:e0:8b:37:2e:c1:af:ab:7e:
ea:65:3c:e3:80:eb:38:c6:f6:2f:59:e9:c2:27:a0:22:0f:bb:
c9:e4:16:4e:8e:7c:db:1c:5e:93:93:84:a5:23:1d:b3:4b:5e:
8d:2e:b1:d0:2f:7c:0c:4f:78:ca:fc:f2:9e:8a:a5:93:27:1e:
75:73:a0:bb:90:97:76:8f:8b:46:d2:3f:9f:8a:82:ae:3d:09:
c5:61:af:65:9d:5a:99:e6:60:8b:37:ef:c6:23:fa:aa:da:f0:
f4:57:24:e9:05:72:b8:2d:68:2b:7d:35:74:ed:99:cc:2e:65:
ba:b2:00:2e:67:f0:be:3d:81:6f:2c:fc:a5:ab:3d:13:6b:88:
e2:fb:59:01:91:60:c5:ba:cd:cf:c8:88:f0:04:57:81:1a:6f:
46:2d:ef:ae:7b:6d:e4:fe:de:f6:3d:b9:28:a8:60:da:6f:e2:
0a:55:0c:4f:e9:71:dc:b7:c5:b7:10:7c:ba:d8:5e:14:97:a3:
1f:35:65:c7:79:26:91:49:0b:2a:05:16:4a:a1:e0:02:2f:b5:
8e:85:d4:2d:68:00:88:de:8c:db:58:1b:49:46:ce:2d:e0:c0:
cf:3a:bf:65:6d:86:6c:34:2a:5b:97:6b:01:5c:0c:4f:08:ff:
ca:1d:1e:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZorVXLB/7JBSeDNOWtDwOoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzOGM4M2Y5YTNhM2QyMTYwYTAxNzhjYTE5Y2NiNDNhMGQy
ZjE4OTAwHhcNMjUxMDI4MTUwMDExWhcNMjUxMDI5MTUwMDExWjAzMTEwLwYDVQQD
EyhjYjM0NWM0YmVkNmI1OGFiNjQ1OTFmNWMzOWM3NzNlNDkxNjM5MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDiO+gWZtXeh++Thnd8SI84PSt/k
20h4kNj1Ri60IcUaBuGp6bWAiMueMRuJ6sHPXQkWzHCel5Kv8bpwlfyGcBzFbOvl
2oeaO1qM1a3VtKFJg39VJLPhR4sp2R9reYUCFow1XWQp9VW3yMGtvkpsUSnRmZO0
fic8NQZBvkAeQehuXbmKb83GYrzVJcZngtTmJQ/xNP9j/tizSc7+72csX6//U4Df
m0bRvKggwY/VNoHSLIIdWefxpq9o18qyjM0gckrRYdIHIQ92B7qvpAa2i8gnfXXj
t3TjyW5qDBYCqts3WrqrPi0H3tv0s2RR8yQru32u91hwCgv83qQ6857FXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMs0XEvta1irZFkfXDnHc+SRY5ByMB8GA1UdIwQY
MBaAFGOMg/mjo9IWCgF4yhnMtDoNLxiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jYzNjMjgtN2IxMy00MzQzLWFmMzct
MjU1NTBiYTI5MTI3LzEvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jYzNjMjgtN2IxMy00MzQzLWFmMzctMjU1NTBiYTI5MTI3
LzEvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyQ/MV8yl
kKc3g+CLNy7Br6t+6mU844DrOMb2L1npwiegIg+7yeQWTo582xxek5OEpSMds0te
jS6x0C98DE94yvzynoqlkycedXOgu5CXdo+LRtI/n4qCrj0JxWGvZZ1ameZgizfv
xiP6qtrw9Fck6QVyuC1oK301dO2ZzC5lurIALmfwvj2Bbyz8pas9E2uI4vtZAZFg
xbrNz8iI8ARXgRpvRi3vrntt5P7e9j25KKhg2m/iClUMT+lx3LfFtxB8utheFJej
HzVlx3kmkUkLKgUWSqHgAi+1joXULWgAiN6M21gbSUbOLeDAzzq/ZW2GbDQqW5dr
AVwMTwj/yh0eVw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 22:11:25 2025 by rpki-client