Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft
File: Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft (raw, json)
Hash identifier: lBORXQf/p9oLB5FaoDvJywwCc1uCoUMyL9FkBHdTpNU=
Subject key identifier: 0B:DC:FC:D7:42:81:B2:03:AC:0E:29:92:BD:67:BC:6F:2B:C8:95:FB
Authority key identifier: 63:53:82:9C:06:1A:8A:F2:6D:E9:46:FC:9E:81:88:5C:74:C1:74:C7
Certificate issuer: /CN=6353829c061a8af26de946fc9e81885c74c174c7
Certificate serial: 019A71EEA1B23A20BDACDE8D7A0C481D1E36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y1OCnAYaivJt6Ub8noGIXHTBdMc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft
Manifest number: 0921
Signing time: Tue 11 Nov 2025 08:00:55 +0000
Manifest this update: Tue 11 Nov 2025 08:00:55 +0000
Manifest next update: Wed 12 Nov 2025 08:00:55 +0000
Files and hashes: 1: La2c1GzhO3LCYjtEuOjFcoNgj6s.roa (hash: hdTkzvggjd5erT4guotzR+j9YHEwpmHcJ+YP7gw1WZs=)
2: Y1OCnAYaivJt6Ub8noGIXHTBdMc.crl (hash: CFvKO7a9rJOMLTJ4H2mEh7Fs+/PzbF67FiidwuUXf4k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y1OCnAYaivJt6Ub8noGIXHTBdMc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:a1:b2:3a:20:bd:ac:de:8d:7a:0c:48:1d:1e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6353829c061a8af26de946fc9e81885c74c174c7
Validity
Not Before: Nov 11 08:00:55 2025 GMT
Not After : Nov 12 08:00:55 2025 GMT
Subject: CN=0bdcfcd74281b203ac0e2992bd67bc6f2bc895fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:67:49:b7:18:fd:ce:d3:5f:0d:c4:66:de:cf:
e4:93:41:6c:3b:c8:fa:4a:f3:63:2b:f7:9c:16:6b:
10:22:06:ce:4d:8d:3e:c2:8b:c7:e6:ec:c5:15:12:
c2:88:3a:f4:b5:64:4a:77:cb:04:9b:6b:14:a2:ca:
02:62:30:98:fe:33:13:0d:7c:87:37:32:59:6c:8c:
13:9a:e3:b0:9f:d6:00:30:a9:5b:8e:ee:4d:55:c5:
0c:48:d3:ed:90:8c:08:0c:ce:31:c9:de:4a:5c:c9:
ec:f0:07:ab:63:7f:de:f8:b5:63:9a:04:3e:39:d7:
39:a2:8a:44:f6:02:1e:ac:89:c5:d1:14:fd:98:46:
19:46:ee:37:94:c7:1e:0f:00:d8:fa:db:07:4d:4c:
36:98:19:4b:b8:e4:40:66:5f:ac:de:4a:83:7d:87:
90:f6:48:68:55:09:17:bb:d8:05:e5:2f:d1:d7:ce:
81:be:42:d3:60:4a:9d:0e:5f:7f:73:1e:83:50:a7:
7c:d9:31:a4:f9:3d:c2:d0:d4:0f:7f:f8:36:89:4e:
8c:1b:13:ac:78:02:63:4c:26:53:fc:8b:10:6d:6a:
28:e7:a9:24:eb:02:ed:44:9d:25:86:5e:a7:b7:b6:
c9:0d:8b:41:c6:cc:75:ef:61:59:d8:ec:61:ef:3c:
45:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DC:FC:D7:42:81:B2:03:AC:0E:29:92:BD:67:BC:6F:2B:C8:95:FB
X509v3 Authority Key Identifier:
keyid:63:53:82:9C:06:1A:8A:F2:6D:E9:46:FC:9E:81:88:5C:74:C1:74:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y1OCnAYaivJt6Ub8noGIXHTBdMc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:49:57:0d:b8:3f:7f:1b:4a:7f:d2:cf:5e:60:bc:12:31:a3:
1d:2d:cc:21:ab:82:f2:eb:8f:45:59:7a:30:80:d3:01:fb:47:
b2:f0:1b:a4:37:b9:be:8b:89:38:25:53:ca:6e:d0:59:46:c1:
b4:01:51:2c:eb:f3:b7:33:0b:80:9d:06:89:c7:8e:dd:a2:6f:
8e:e1:76:15:16:a3:9c:34:14:c4:21:8e:44:62:37:ae:a9:9c:
51:33:ad:c3:e1:44:cf:f9:3e:44:7c:07:27:33:b6:2f:76:5f:
6d:6e:fa:97:99:17:6d:bb:4b:07:97:a3:20:f5:a0:1f:05:e2:
5d:90:54:44:72:65:43:b7:92:09:4f:85:fa:73:aa:39:a5:18:
77:d6:5c:c0:33:b1:e0:70:c2:e2:00:29:bb:12:01:f3:22:fc:
72:2a:ca:ee:27:cf:af:a4:c9:2d:bb:2d:19:2e:38:4b:35:0e:
11:c1:47:08:0c:e8:bc:03:f9:41:e2:c7:e9:78:9d:64:4e:ac:
00:38:45:b4:14:5b:87:1b:83:f8:6a:13:c2:da:09:59:dc:ec:
9f:16:b3:f9:b3:92:53:6c:fb:6d:ab:51:6e:29:1b:b8:27:9d:
06:51:ee:f7:08:27:03:e3:3f:3e:6a:29:c7:f2:86:64:2d:1b:
b6:35:4e:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qGyOiC9rN6NegxIHR42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNTM4MjljMDYxYThhZjI2ZGU5NDZmYzllODE4ODVjNzRj
MTc0YzcwHhcNMjUxMTExMDgwMDU1WhcNMjUxMTEyMDgwMDU1WjAzMTEwLwYDVQQD
EygwYmRjZmNkNzQyODFiMjAzYWMwZTI5OTJiZDY3YmM2ZjJiYzg5NWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGdJtxj9ztNfDcRm3s/kk0FsO8j6
SvNjK/ecFmsQIgbOTY0+wovH5uzFFRLCiDr0tWRKd8sEm2sUosoCYjCY/jMTDXyH
NzJZbIwTmuOwn9YAMKlbju5NVcUMSNPtkIwIDM4xyd5KXMns8AerY3/e+LVjmgQ+
Odc5oopE9gIerInF0RT9mEYZRu43lMceDwDY+tsHTUw2mBlLuORAZl+s3kqDfYeQ
9khoVQkXu9gF5S/R186BvkLTYEqdDl9/cx6DUKd82TGk+T3C0NQPf/g2iU6MGxOs
eAJjTCZT/IsQbWoo56kk6wLtRJ0lhl6nt7bJDYtBxsx172FZ2Oxh7zxFIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvc/NdCgbIDrA4pkr1nvG8ryJX7MB8GA1UdIwQY
MBaAFGNTgpwGGorybelG/J6BiFx0wXTHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTFPQ25BWWFpdkp0NlViOG5vR0lYSFRCZE1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS84Y2Y5NjItMDc0Zi00MWFjLWFlMmEt
ODE2MjAzZDIxZDEyLzEvWTFPQ25BWWFpdkp0NlViOG5vR0lYSFRCZE1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS84Y2Y5NjItMDc0Zi00MWFjLWFlMmEtODE2MjAzZDIxZDEy
LzEvWTFPQ25BWWFpdkp0NlViOG5vR0lYSFRCZE1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANklXDbg/
fxtKf9LPXmC8EjGjHS3MIauC8uuPRVl6MIDTAftHsvAbpDe5vouJOCVTym7QWUbB
tAFRLOvztzMLgJ0GiceO3aJvjuF2FRajnDQUxCGORGI3rqmcUTOtw+FEz/k+RHwH
JzO2L3ZfbW76l5kXbbtLB5ejIPWgHwXiXZBURHJlQ7eSCU+F+nOqOaUYd9ZcwDOx
4HDC4gApuxIB8yL8cirK7ifPr6TJLbstGS44SzUOEcFHCAzovAP5QeLH6XidZE6s
ADhFtBRbhxuD+GoTwtoJWdzsnxaz+bOSU2z7batRbikbuCedBlHu9wgnA+M/Pmop
x/KGZC0btjVOgg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:26:50 2025 by rpki-client