Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.mft
File: yxAkP5hjb6oPtsWua62bCrrSNDg.mft (raw, json)
Hash identifier: x5myp8HPBiXvBWzemw76e8yw8tkiY8N2e/pGSMDy79U=
Subject key identifier: FF:EF:A4:A0:A2:98:3F:02:1C:15:BE:A2:70:B2:16:61:2B:BB:F8:9A
Authority key identifier: CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
Certificate issuer: /CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Certificate serial: 019D389C4EFBBFE5D625CEC19AA4D119FB92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.mft
Manifest number: 11A1
Signing time: Sun 29 Mar 2026 08:01:01 +0000
Manifest this update: Sun 29 Mar 2026 08:01:01 +0000
Manifest next update: Mon 30 Mar 2026 08:01:01 +0000
Files and hashes: 1: EqMzjpZI_PA25pj2HGjF-sxEQuw.roa (hash: Q+Tx0hJ38g+PHWlMRUIi6h6t6P6zwUEAYvtkrEbFArY=)
2: yxAkP5hjb6oPtsWua62bCrrSNDg.crl (hash: Gl7pFWe62RowB3uAvrkAsmd2p0JXPg2zmKcLEHt4WsU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.mft
rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:4e:fb:bf:e5:d6:25:ce:c1:9a:a4:d1:19:fb:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Validity
Not Before: Mar 29 08:01:01 2026 GMT
Not After : Mar 30 08:01:01 2026 GMT
Subject: CN=ffefa4a0a2983f021c15bea270b216612bbbf89a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e5:2e:84:fd:95:98:c9:88:d6:19:6a:06:89:
d8:a1:20:46:24:f3:40:be:79:d3:9c:4d:b9:7b:a9:
c4:4f:2b:b9:a9:8e:58:dd:25:d2:56:b8:f3:33:1a:
ec:bb:23:e6:34:26:b9:91:53:d7:84:72:12:9a:66:
02:86:93:0f:9c:92:e9:70:7a:60:13:bc:ed:26:e9:
6e:99:86:41:33:08:66:b5:dd:b9:ee:f3:9b:52:d2:
1a:fe:35:e9:dc:74:3b:26:2c:d9:eb:dd:83:41:4e:
f4:1d:8e:7f:96:ca:56:a5:a2:fa:da:d5:e2:98:96:
e8:65:67:be:76:f4:f3:ee:c5:41:a9:de:fa:23:fe:
6b:81:9c:7d:b9:c0:ff:88:6f:29:21:bc:03:74:14:
6c:81:71:c7:8c:36:7c:39:08:61:4f:45:e8:b1:32:
86:33:ba:e8:2e:27:ed:83:ab:60:93:6c:a8:5d:cc:
ac:31:a9:4c:f1:cf:c8:0a:7f:0b:0e:cc:57:8e:1f:
f3:3f:0b:2d:f6:fb:ab:a3:e2:90:03:0f:f2:3c:08:
52:92:04:94:d0:2a:ed:c0:bf:48:04:f8:40:e6:55:
88:d7:f5:7e:4b:fd:98:03:32:43:dc:f9:77:98:f6:
82:f6:73:0e:6d:b3:89:6b:57:c8:4c:17:a3:fc:4e:
64:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:EF:A4:A0:A2:98:3F:02:1C:15:BE:A2:70:B2:16:61:2B:BB:F8:9A
X509v3 Authority Key Identifier:
keyid:CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:63:71:ad:c2:d7:76:d2:87:a9:43:35:0e:5e:f2:fe:92:1d:
d5:d6:39:01:4f:6a:98:43:c6:bd:0a:6b:13:f4:8f:cf:78:84:
68:8a:1f:54:bc:87:ab:28:af:1b:35:98:fa:3d:09:e8:1f:5f:
3c:25:2b:e4:58:af:34:4a:dc:45:8d:1e:43:40:39:5f:f2:c3:
84:ae:47:bf:ee:5b:f8:f7:e3:5b:f8:2e:c3:27:6b:25:a3:be:
2d:42:8c:d8:19:85:08:ef:0b:f6:d6:28:f7:48:ed:22:d1:cf:
59:ce:23:ce:9d:d6:36:6d:6f:b6:74:22:1b:10:75:dc:9f:cd:
f9:4d:36:4c:fa:2e:a7:c2:fc:54:76:ad:13:7b:42:e8:77:59:
87:13:26:5a:4c:a8:9c:ca:0f:87:2a:cf:35:ce:41:23:ec:76:
69:9b:de:9c:b2:3b:5e:20:0f:1e:95:b7:5f:6c:95:55:e9:25:
ec:e1:25:ea:f3:4c:f6:03:9c:04:75:00:57:ff:11:fa:c9:0a:
ea:c5:fa:16:b0:d7:b0:3f:97:bb:34:4d:74:ec:47:b9:08:19:
b2:84:bc:6d:18:9d:87:93:65:54:97:e0:dd:48:95:49:85:73:
e4:ac:7d:c0:fb:a6:c5:42:f1:e7:36:9a:e4:8d:4c:81:b0:05:
41:f9:de:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nE77v+XWJc7BmqTRGfuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTAyNDNmOTg2MzZmYWEwZmI2YzVhZTZiYWQ5YjBhYmFk
MjM0MzgwHhcNMjYwMzI5MDgwMTAxWhcNMjYwMzMwMDgwMTAxWjAzMTEwLwYDVQQD
EyhmZmVmYTRhMGEyOTgzZjAyMWMxNWJlYTI3MGIyMTY2MTJiYmJmODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuUuhP2VmMmI1hlqBonYoSBGJPNA
vnnTnE25e6nETyu5qY5Y3SXSVrjzMxrsuyPmNCa5kVPXhHISmmYChpMPnJLpcHpg
E7ztJulumYZBMwhmtd257vObUtIa/jXp3HQ7JizZ692DQU70HY5/lspWpaL62tXi
mJboZWe+dvTz7sVBqd76I/5rgZx9ucD/iG8pIbwDdBRsgXHHjDZ8OQhhT0XosTKG
M7roLiftg6tgk2yoXcysMalM8c/ICn8LDsxXjh/zPwst9vuro+KQAw/yPAhSkgSU
0CrtwL9IBPhA5lWI1/V+S/2YAzJD3Pl3mPaC9nMObbOJa1fITBej/E5kXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/vpKCimD8CHBW+onCyFmEru/iaMB8GA1UdIwQY
MBaAFMsQJD+YY2+qD7bFrmutmwq60jQ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAt
NDhmMTUxYjUyMzFmLzEveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAtNDhmMTUxYjUyMzFm
LzEveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEWNxrcLX
dtKHqUM1Dl7y/pId1dY5AU9qmEPGvQprE/SPz3iEaIofVLyHqyivGzWY+j0J6B9f
PCUr5FivNErcRY0eQ0A5X/LDhK5Hv+5b+PfjW/guwydrJaO+LUKM2BmFCO8L9tYo
90jtItHPWc4jzp3WNm1vtnQiGxB13J/N+U02TPoup8L8VHatE3tC6HdZhxMmWkyo
nMoPhyrPNc5BI+x2aZvenLI7XiAPHpW3X2yVVekl7OEl6vNM9gOcBHUAV/8R+skK
6sX6FrDXsD+XuzRNdOxHuQgZsoS8bRidh5NlVJfg3UiVSYVz5Kx9wPumxULx5zaa
5I1MgbAFQfnetA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:44:31 2026 by rpki-client