Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json)
Hash identifier: RKHktQUWU87syYAyAMZiLLh5CcaFPS+aMl3Jd9YLecU=
Subject key identifier: B1:45:18:4D:83:63:CC:72:EB:73:C9:0F:64:C1:2B:A1:A8:B9:58:43
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 019A71B7C38256B3672715CCC988F9AACAE7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 07:00:59 +0000
Manifest this update: Tue 11 Nov 2025 07:00:59 +0000
Manifest next update: Wed 12 Nov 2025 07:00:59 +0000
Files and hashes: 1: KXik7lH7rXobKNDojQJvsYz5RkY.roa (hash: OmHOyyMTUBadMMSlHfFTN/cjiEKBhDbZve1q3aoF8Wg=)
2: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: XUBunHl6tPSKgNyoSI+inPvN+pHHxuzJYBm+YwQ4CBI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:c3:82:56:b3:67:27:15:cc:c9:88:f9:aa:ca:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Nov 11 07:00:59 2025 GMT
Not After : Nov 12 07:00:59 2025 GMT
Subject: CN=b145184d8363cc72eb73c90f64c12ba1a8b95843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ae:eb:de:84:d2:1f:20:72:7d:fb:ed:3c:a3:
e3:28:ad:c8:a7:51:b5:05:c5:34:c5:b7:fe:aa:5c:
45:e2:35:19:92:cd:9b:f1:94:4b:09:59:ed:3a:b7:
ca:a3:0d:dd:2d:df:fe:b5:51:f0:3f:a4:a5:f2:6d:
eb:ec:28:77:6a:a9:3b:36:4e:6f:1c:e8:0c:76:a7:
79:d1:c4:e1:91:d1:b1:1c:db:b4:ab:39:eb:09:2f:
52:6a:a8:a1:26:02:bb:79:64:f9:d3:b3:36:25:91:
a4:8d:51:82:f1:b8:84:53:b5:fd:20:3e:53:3a:95:
00:7e:d7:5a:4e:63:19:a4:1b:11:6d:2a:fa:b1:a4:
df:3f:7c:59:32:9e:2d:62:44:82:c8:a0:53:f4:10:
bf:18:f0:3a:a2:e4:aa:b7:a8:42:08:c7:0e:29:76:
c0:84:33:3a:04:0e:0e:22:ca:6c:21:87:4e:55:e3:
39:fe:81:4c:11:b5:7b:1b:a9:28:b3:af:bf:8c:ed:
42:2c:e9:88:f3:46:4d:bb:82:7b:8d:bf:1d:1c:72:
aa:12:5a:13:6b:25:21:fc:54:3e:cf:18:5a:7c:ac:
ea:86:4c:b7:d4:51:87:ba:b3:7e:26:3d:43:1e:1c:
21:64:14:e6:1f:28:04:ff:ee:04:77:26:15:56:8a:
6d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:45:18:4D:83:63:CC:72:EB:73:C9:0F:64:C1:2B:A1:A8:B9:58:43
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:8d:d5:5c:cb:5b:42:c6:da:8b:69:12:c4:eb:de:06:d1:19:
c1:ad:78:59:61:41:7e:e9:c7:a5:80:8a:c6:11:d6:db:58:2c:
84:79:09:30:4a:ca:80:ad:c1:f0:18:98:a2:b1:f5:cc:0e:c1:
71:5c:b9:e7:2c:da:67:b3:a5:e4:3c:89:dc:a5:5f:2a:e6:4e:
43:d6:ea:7e:76:da:ac:35:cb:f8:95:76:89:89:00:4c:5d:92:
2d:d2:5f:3c:21:2e:87:1c:be:c0:e8:65:07:30:bf:6b:86:cd:
2b:b6:f5:36:cf:58:54:57:4a:75:c2:15:39:de:2c:8b:cb:16:
86:10:ec:a0:ce:f0:f3:69:9e:04:bc:36:a2:9b:66:ad:58:41:
b2:06:15:60:e4:bf:1d:48:0c:29:49:0a:64:3a:3d:d2:6a:76:
54:cd:33:18:88:99:3b:05:38:40:c3:91:5d:21:05:61:a0:54:
42:c7:59:82:db:c5:f1:b9:5a:a8:a6:3c:89:c5:83:4d:cd:85:
fd:5c:75:bc:e0:a5:fa:08:06:e7:71:0c:64:78:b4:de:ab:a5:
04:fd:6e:5f:d1:e7:95:73:66:63:70:ad:c0:89:53:49:d7:c4:
d4:88:c3:11:41:bc:9c:65:12:fe:93:3f:f0:b3:cb:99:58:fd:
7d:58:04:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt8OCVrNnJxXMyYj5qsrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjUxMTExMDcwMDU5WhcNMjUxMTEyMDcwMDU5WjAzMTEwLwYDVQQD
EyhiMTQ1MTg0ZDgzNjNjYzcyZWI3M2M5MGY2NGMxMmJhMWE4Yjk1ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK7r3oTSHyByffvtPKPjKK3Ip1G1
BcU0xbf+qlxF4jUZks2b8ZRLCVntOrfKow3dLd/+tVHwP6Sl8m3r7Ch3aqk7Nk5v
HOgMdqd50cThkdGxHNu0qznrCS9SaqihJgK7eWT507M2JZGkjVGC8biEU7X9ID5T
OpUAftdaTmMZpBsRbSr6saTfP3xZMp4tYkSCyKBT9BC/GPA6ouSqt6hCCMcOKXbA
hDM6BA4OIspsIYdOVeM5/oFMEbV7G6kos6+/jO1CLOmI80ZNu4J7jb8dHHKqEloT
ayUh/FQ+zxhafKzqhky31FGHurN+Jj1DHhwhZBTmHygE/+4EdyYVVoptRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFFGE2DY8xy63PJD2TBK6GouVhDMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbI3VXMtb
Qsbai2kSxOveBtEZwa14WWFBfunHpYCKxhHW21gshHkJMErKgK3B8BiYorH1zA7B
cVy55yzaZ7Ol5DyJ3KVfKuZOQ9bqfnbarDXL+JV2iYkATF2SLdJfPCEuhxy+wOhl
BzC/a4bNK7b1Ns9YVFdKdcIVOd4si8sWhhDsoM7w82meBLw2optmrVhBsgYVYOS/
HUgMKUkKZDo90mp2VM0zGIiZOwU4QMORXSEFYaBUQsdZgtvF8blaqKY8icWDTc2F
/Vx1vOCl+ggG53EMZHi03qulBP1uX9HnlXNmY3CtwIlTSdfE1IjDEUG8nGUS/pM/
8LPLmVj9fVgEaQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:48:54 2025 by rpki-client