Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.mft
File: yxAkP5hjb6oPtsWua62bCrrSNDg.mft (raw, json)
Hash identifier: Q3lx5j4XYXPwmQMwI5uzBdZYDgvqVCmxUaWFLhkRQFA=
Subject key identifier: 09:2A:3D:18:FE:1C:A8:6C:68:FE:75:FB:B8:02:89:96:10:ED:B7:A0
Authority key identifier: CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
Certificate issuer: /CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Certificate serial: 019A73381C7FA27E4BA3CE178062AB42841E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.mft
Manifest number: 1031
Signing time: Tue 11 Nov 2025 14:00:48 +0000
Manifest this update: Tue 11 Nov 2025 14:00:48 +0000
Manifest next update: Wed 12 Nov 2025 14:00:48 +0000
Files and hashes: 1: mFdOLgpY75BCI6HwFdhbm64m2HU.roa (hash: dTVNpH8dt8wvAbtnwcqlrtySsedQZdW+bUyu+40b16A=)
2: yxAkP5hjb6oPtsWua62bCrrSNDg.crl (hash: FhqOGu5OyparjaZ0043gxuTqS23ZVOvvmHpf4L4eSaA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.mft
rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:1c:7f:a2:7e:4b:a3:ce:17:80:62:ab:42:84:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Validity
Not Before: Nov 11 14:00:48 2025 GMT
Not After : Nov 12 14:00:48 2025 GMT
Subject: CN=092a3d18fe1ca86c68fe75fbb802899610edb7a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ca:dd:87:4d:90:c2:36:ea:5b:89:25:6e:20:
16:73:aa:41:7d:84:5b:a3:72:d4:d6:cd:09:ef:06:
99:ef:d3:6f:7b:0c:d0:27:d3:a6:cc:76:f5:ad:eb:
0b:6d:1e:55:25:79:4f:9c:32:e2:66:70:c7:fb:e3:
82:4b:7f:dd:0f:5c:e1:19:1b:8b:04:f4:8d:a2:c8:
6b:98:f7:b1:a2:96:68:85:40:16:51:0c:f1:3b:11:
91:24:b2:d2:0b:0f:75:35:cf:1c:c2:28:a7:62:1b:
ff:e8:90:56:c7:56:e7:e7:9c:65:05:b8:25:5e:da:
5c:c4:5c:38:e0:89:c7:1d:17:eb:bb:d2:9c:32:9e:
0a:62:ac:48:af:63:58:8d:7f:7b:97:98:14:58:3a:
59:af:79:3b:ed:12:18:c9:17:e3:f9:ab:22:0d:b9:
04:44:58:f8:77:13:64:8b:65:a3:ab:32:46:2e:af:
85:4d:f3:b6:4d:2d:df:6e:9d:f2:15:b7:9a:f7:f4:
65:0c:48:81:dc:0c:94:8c:57:13:de:de:88:b8:8f:
58:7f:9f:9b:12:51:77:e7:fc:eb:63:c7:55:60:6b:
10:03:fa:0e:56:65:80:07:8d:09:d5:a7:1d:95:2e:
d0:9c:98:2a:89:14:f8:df:56:e7:ba:f4:68:29:89:
14:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:2A:3D:18:FE:1C:A8:6C:68:FE:75:FB:B8:02:89:96:10:ED:B7:A0
X509v3 Authority Key Identifier:
keyid:CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:76:c1:41:76:b7:02:f1:93:30:4b:9a:42:d6:87:c3:60:68:
33:e6:4f:49:97:27:ee:23:e9:50:6e:01:94:36:cb:94:ce:36:
a9:c7:f9:8f:97:c3:d6:d4:55:10:d8:13:0f:66:1c:cd:50:40:
4b:a2:cb:e3:99:b6:a2:43:f2:39:13:90:94:a7:34:8f:57:08:
80:9d:b4:3d:67:79:47:df:fb:b5:61:d5:63:66:35:d2:5a:b1:
4f:46:5c:7d:e3:12:c3:dd:c9:fc:32:26:14:b6:70:67:1c:51:
a4:a4:5e:a9:c7:a2:ba:b0:b9:0d:e5:5c:13:eb:f9:98:69:18:
50:cc:1b:1c:01:07:cd:09:0d:ed:29:bd:22:87:ce:d7:27:4c:
62:ee:fe:20:83:47:9f:4c:71:10:16:a4:0c:c3:95:97:de:83:
99:c3:53:ef:e1:3f:0f:e4:6e:de:a7:71:31:b8:23:3e:ad:7b:
c7:3e:87:dc:5e:4b:85:26:ed:e5:da:c4:a9:b2:c9:8f:ef:e6:
eb:b8:ca:0c:91:28:2d:5c:ff:0c:87:8f:ae:50:f2:a6:5e:76:
6e:b6:8d:6d:b4:55:1c:e0:74:8e:a2:3f:a1:dd:cf:da:ef:58:
3f:e4:a0:b3:7a:20:78:8f:b9:de:66:5c:33:71:2a:24:69:a5:
19:b9:2b:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOBx/on5Lo84XgGKrQoQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTAyNDNmOTg2MzZmYWEwZmI2YzVhZTZiYWQ5YjBhYmFk
MjM0MzgwHhcNMjUxMTExMTQwMDQ4WhcNMjUxMTEyMTQwMDQ4WjAzMTEwLwYDVQQD
EygwOTJhM2QxOGZlMWNhODZjNjhmZTc1ZmJiODAyODk5NjEwZWRiN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Mrdh02QwjbqW4klbiAWc6pBfYRb
o3LU1s0J7waZ79NvewzQJ9OmzHb1resLbR5VJXlPnDLiZnDH++OCS3/dD1zhGRuL
BPSNoshrmPexopZohUAWUQzxOxGRJLLSCw91Nc8cwiinYhv/6JBWx1bn55xlBbgl
XtpcxFw44InHHRfru9KcMp4KYqxIr2NYjX97l5gUWDpZr3k77RIYyRfj+asiDbkE
RFj4dxNki2WjqzJGLq+FTfO2TS3fbp3yFbea9/RlDEiB3AyUjFcT3t6IuI9Yf5+b
ElF35/zrY8dVYGsQA/oOVmWAB40J1acdlS7QnJgqiRT431bnuvRoKYkUOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkqPRj+HKhsaP51+7gCiZYQ7begMB8GA1UdIwQY
MBaAFMsQJD+YY2+qD7bFrmutmwq60jQ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAt
NDhmMTUxYjUyMzFmLzEveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAtNDhmMTUxYjUyMzFm
LzEveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX3bBQXa3
AvGTMEuaQtaHw2BoM+ZPSZcn7iPpUG4BlDbLlM42qcf5j5fD1tRVENgTD2YczVBA
S6LL45m2okPyOROQlKc0j1cIgJ20PWd5R9/7tWHVY2Y10lqxT0ZcfeMSw93J/DIm
FLZwZxxRpKReqceiurC5DeVcE+v5mGkYUMwbHAEHzQkN7Sm9IofO1ydMYu7+IINH
n0xxEBakDMOVl96DmcNT7+E/D+Ru3qdxMbgjPq17xz6H3F5LhSbt5drEqbLJj+/m
67jKDJEoLVz/DIePrlDypl52braNbbRVHOB0jqI/od3P2u9YP+Sgs3ogeI+53mZc
M3EqJGmlGbkr6w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:56:34 2025 by rpki-client