Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json)
Hash identifier: RTegbageevs9GMzI1IqEZWKWHk75dEf0N2jyAUBCmA0=
Subject key identifier: BB:F0:B6:0B:C1:8B:4A:32:EB:FC:24:17:B9:9D:D8:0E:FF:BF:10:4E
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 019D38D35A1A99FD7CA51D36B8C09E73AEC7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
Manifest number: 188F
Signing time: Sun 29 Mar 2026 09:01:08 +0000
Manifest this update: Sun 29 Mar 2026 09:01:08 +0000
Manifest next update: Mon 30 Mar 2026 09:01:08 +0000
Files and hashes: 1: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: b1p77wsLfU0F/A0HQxie5CKqLj66Iu0WPfInx8obNZs=)
2: b8CCvMj6XsXWpjo1kqL4lHdDIeI.roa (hash: ORCFwxYaf4vPg6tOj10K2FmfsSRr15XuWRZrPrnhk3A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:5a:1a:99:fd:7c:a5:1d:36:b8:c0:9e:73:ae:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Mar 29 09:01:08 2026 GMT
Not After : Mar 30 09:01:08 2026 GMT
Subject: CN=bbf0b60bc18b4a32ebfc2417b99dd80effbf104e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:8a:be:29:12:08:b4:df:15:74:0e:62:66:d7:
27:11:e5:24:c3:1e:95:69:76:9d:20:dd:50:66:96:
1b:cf:b0:10:77:34:c1:49:ed:0f:9e:20:6e:85:c0:
8c:b2:37:d8:25:60:61:42:7e:e4:6b:ec:b7:28:c5:
34:f5:36:81:7e:1c:d5:9d:87:b0:5b:69:8b:8f:a6:
1b:da:cb:cc:8d:9d:ea:24:54:05:2d:83:0e:de:e7:
70:40:b1:bf:55:30:0b:e2:15:ec:63:a1:7f:63:9f:
66:3c:19:3a:88:87:27:52:12:51:0c:3b:f6:e5:50:
31:c9:55:25:11:98:56:fa:d8:d2:c9:2e:35:e0:6e:
65:74:17:9c:2d:0c:48:7d:5f:6c:c3:f5:9f:ba:ce:
b1:53:6c:15:7f:95:58:c8:54:cb:d6:03:64:8a:d1:
97:93:6b:32:86:2e:75:3e:24:5a:7a:43:ee:94:9c:
dd:14:a0:39:69:f8:a1:aa:f4:07:ae:47:7b:b4:d7:
7a:36:52:d7:45:96:6c:47:2f:80:d8:2e:70:c5:15:
ef:eb:e8:bb:29:84:1c:c7:f5:2d:ee:fd:6d:f5:88:
8e:b8:09:e2:e4:13:e2:56:72:1a:28:e6:12:44:66:
05:8d:e7:9b:79:61:9a:ba:b2:c9:d8:26:0a:70:27:
c9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F0:B6:0B:C1:8B:4A:32:EB:FC:24:17:B9:9D:D8:0E:FF:BF:10:4E
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:f6:94:bb:82:1b:be:91:d7:59:63:5d:6d:63:c2:cf:0c:64:
d2:73:02:e4:8f:fc:e0:7a:2f:d0:d4:6d:38:28:2b:b1:17:c7:
56:6e:71:cb:14:7b:75:3e:07:b5:b6:87:db:ed:60:c3:4b:18:
de:07:e0:01:f6:c4:15:8d:ea:26:94:28:41:89:d9:03:ce:f7:
dd:c2:b6:29:77:ba:79:b7:b2:20:18:34:01:e4:06:b9:04:3e:
d7:8f:24:30:92:a1:f8:71:33:cf:ae:22:d9:9f:2c:dc:94:96:
9e:70:f5:32:e1:16:6b:f4:2a:d4:a8:eb:78:11:37:7e:8c:22:
03:0a:32:26:a7:ca:d9:f4:18:81:06:0d:4a:f6:2c:91:21:20:
b1:25:40:3f:c5:62:80:e2:11:a9:4f:83:b7:9f:4e:49:90:fd:
a1:f5:30:2d:17:f3:16:fd:25:18:ad:a1:23:5f:65:3e:55:62:
ce:75:13:fd:37:44:84:26:1f:e2:95:07:fa:3c:e4:1f:7d:29:
6c:ef:12:ce:78:1d:f8:f9:b1:66:b8:37:03:12:d4:27:30:4f:
95:18:c0:2f:fe:fa:80:03:fb:4c:d1:1c:e0:94:53:67:3e:3e:
f6:75:da:b8:6e:65:0e:3e:15:ed:a1:5f:5e:e3:bd:81:2d:ff:
6b:fb:48:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0401oamf18pR02uMCec67HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjYwMzI5MDkwMTA4WhcNMjYwMzMwMDkwMTA4WjAzMTEwLwYDVQQD
EyhiYmYwYjYwYmMxOGI0YTMyZWJmYzI0MTdiOTlkZDgwZWZmYmYxMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA84q+KRIItN8VdA5iZtcnEeUkwx6V
aXadIN1QZpYbz7AQdzTBSe0PniBuhcCMsjfYJWBhQn7ka+y3KMU09TaBfhzVnYew
W2mLj6Yb2svMjZ3qJFQFLYMO3udwQLG/VTAL4hXsY6F/Y59mPBk6iIcnUhJRDDv2
5VAxyVUlEZhW+tjSyS414G5ldBecLQxIfV9sw/Wfus6xU2wVf5VYyFTL1gNkitGX
k2syhi51PiRaekPulJzdFKA5afihqvQHrkd7tNd6NlLXRZZsRy+A2C5wxRXv6+i7
KYQcx/Ut7v1t9YiOuAni5BPiVnIaKOYSRGYFjeebeWGaurLJ2CYKcCfJQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvwtgvBi0oy6/wkF7md2A7/vxBOMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/aUu4Ib
vpHXWWNdbWPCzwxk0nMC5I/84Hov0NRtOCgrsRfHVm5xyxR7dT4HtbaH2+1gw0sY
3gfgAfbEFY3qJpQoQYnZA8733cK2KXe6ebeyIBg0AeQGuQQ+148kMJKh+HEzz64i
2Z8s3JSWnnD1MuEWa/Qq1KjreBE3fowiAwoyJqfK2fQYgQYNSvYskSEgsSVAP8Vi
gOIRqU+Dt59OSZD9ofUwLRfzFv0lGK2hI19lPlViznUT/TdEhCYf4pUH+jzkH30p
bO8Szngd+PmxZrg3AxLUJzBPlRjAL/76gAP7TNEc4JRTZz4+9nXauG5lDj4V7aFf
XuO9gS3/a/tIFg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:28:19 2026 by rpki-client