Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json)
Hash identifier: PXUFJ4heJunJ4StXPVtD8PCk5yoQnOmdY8YTrykmJeU=
Subject key identifier: B6:5A:46:7E:22:52:A5:BF:15:44:A5:B5:90:AB:A0:9E:5B:31:19:0E
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 0199239F202E247DDC84F0FC8B77EA4AF323
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
Manifest number: 1671
Signing time: Sun 07 Sep 2025 10:00:54 +0000
Manifest this update: Sun 07 Sep 2025 10:00:54 +0000
Manifest next update: Mon 08 Sep 2025 10:00:54 +0000
Files and hashes: 1: KXik7lH7rXobKNDojQJvsYz5RkY.roa (hash: OmHOyyMTUBadMMSlHfFTN/cjiEKBhDbZve1q3aoF8Wg=)
2: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: +0tUSSZ3dy46HnIKHvrjAWIwgitVIWj0NXti7uqUaXg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:9f:20:2e:24:7d:dc:84:f0:fc:8b:77:ea:4a:f3:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Sep 7 10:00:54 2025 GMT
Not After : Sep 8 10:00:54 2025 GMT
Subject: CN=b65a467e2252a5bf1544a5b590aba09e5b31190e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:22:c9:b2:d8:af:23:ea:4b:a5:69:cc:8d:6a:
10:b0:f1:e0:60:c9:23:5b:94:f8:16:88:34:c4:c1:
44:4d:ad:6e:0e:23:2a:91:12:08:21:f1:3a:5c:b3:
e4:26:d9:74:3f:f1:cf:bc:d9:fe:c3:8f:f0:f2:ec:
31:59:37:4e:b1:40:11:95:cc:87:24:d1:35:b2:f9:
49:bc:63:66:ed:85:9c:5c:5d:49:73:27:d8:fe:9b:
7c:5c:8a:86:8f:ec:38:91:13:ef:48:11:f7:a9:ee:
42:d2:57:1a:5c:3f:ad:fe:65:8c:7d:db:ea:11:3d:
e9:c8:a0:22:c0:a1:33:e0:b3:88:6e:9d:cc:d3:d4:
6e:42:67:c5:ce:31:cb:7c:8e:09:4a:15:5f:4b:1b:
9a:29:47:c2:51:70:c7:b8:58:b8:6d:18:ca:a7:e9:
58:15:ee:85:94:c1:f7:e3:17:8f:4a:8e:30:b7:44:
89:44:79:06:80:66:80:d4:5a:63:21:ac:88:36:60:
59:3f:cd:77:f7:e9:e1:fe:69:a5:91:df:28:4d:78:
43:c4:51:a1:73:a2:7e:b9:7a:5d:fb:46:56:1e:38:
b9:c7:e7:b7:50:1b:1f:d3:31:98:cb:7c:8e:e0:62:
09:c3:34:a0:6a:83:a9:7a:92:1f:79:69:98:f8:0d:
74:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5A:46:7E:22:52:A5:BF:15:44:A5:B5:90:AB:A0:9E:5B:31:19:0E
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:96:65:5f:98:c6:f4:e0:0f:2e:98:53:da:15:a2:f1:51:a4:
c2:c2:cc:ee:7c:fc:fe:9a:29:b5:3b:21:41:5a:c8:31:d4:86:
33:9b:7c:55:8e:7f:f3:be:a4:89:ce:09:0e:65:ca:78:b9:9c:
0c:40:03:26:76:d3:b0:5e:6c:b4:e1:a7:c8:81:ff:57:73:41:
42:24:00:36:39:b9:26:4f:3f:53:c2:cc:35:c2:b5:8e:01:ff:
c7:b8:60:1f:7c:d0:39:e3:c8:21:b3:a2:02:44:7c:66:a3:a0:
f8:db:c6:56:fd:35:2c:4b:63:86:7b:8e:71:44:03:5d:7f:ec:
59:d4:09:9b:d7:43:4e:c9:c1:ed:6a:a4:4d:b1:0a:15:c1:87:
4f:00:22:c0:7a:f7:aa:7c:02:59:80:7d:49:2c:8b:9b:47:ad:
94:a4:67:63:15:3e:5e:7d:38:1e:bc:27:4a:ac:27:af:ce:31:
62:ba:fe:ef:85:d9:3c:13:31:a8:03:55:05:01:07:a8:41:ab:
53:f6:9c:fe:9e:5c:3f:cd:02:da:39:ec:10:49:e2:69:1f:17:
b9:1f:84:9e:fd:48:76:79:9a:cc:f1:63:71:dc:26:8f:c9:df:
d7:06:b9:2a:85:d4:c1:be:9c:03:72:e0:fd:c6:23:07:1d:ea:
27:52:2d:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnyAuJH3chPD8i3fqSvMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjUwOTA3MTAwMDU0WhcNMjUwOTA4MTAwMDU0WjAzMTEwLwYDVQQD
EyhiNjVhNDY3ZTIyNTJhNWJmMTU0NGE1YjU5MGFiYTA5ZTViMzExOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSLJstivI+pLpWnMjWoQsPHgYMkj
W5T4Fog0xMFETa1uDiMqkRIIIfE6XLPkJtl0P/HPvNn+w4/w8uwxWTdOsUARlcyH
JNE1svlJvGNm7YWcXF1JcyfY/pt8XIqGj+w4kRPvSBH3qe5C0lcaXD+t/mWMfdvq
ET3pyKAiwKEz4LOIbp3M09RuQmfFzjHLfI4JShVfSxuaKUfCUXDHuFi4bRjKp+lY
Fe6FlMH34xePSo4wt0SJRHkGgGaA1FpjIayINmBZP8139+nh/mmlkd8oTXhDxFGh
c6J+uXpd+0ZWHji5x+e3UBsf0zGYy3yO4GIJwzSgaoOpepIfeWmY+A10UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZaRn4iUqW/FUSltZCroJ5bMRkOMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMZZlX5jG
9OAPLphT2hWi8VGkwsLM7nz8/poptTshQVrIMdSGM5t8VY5/876kic4JDmXKeLmc
DEADJnbTsF5stOGnyIH/V3NBQiQANjm5Jk8/U8LMNcK1jgH/x7hgH3zQOePIIbOi
AkR8ZqOg+NvGVv01LEtjhnuOcUQDXX/sWdQJm9dDTsnB7WqkTbEKFcGHTwAiwHr3
qnwCWYB9SSyLm0etlKRnYxU+Xn04HrwnSqwnr84xYrr+74XZPBMxqANVBQEHqEGr
U/ac/p5cP80C2jnsEEniaR8XuR+Env1IdnmazPFjcdwmj8nf1wa5KoXUwb6cA3Lg
/cYjBx3qJ1ItbQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:50:23 2025 by rpki-client