Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/b0dcda-a37e-4703-8d5a-9aad903a7276/1/ygkUnzR4T1sgLFZ2GwHTXdAlac0.mft
File: ygkUnzR4T1sgLFZ2GwHTXdAlac0.mft (raw, json)
Hash identifier: KMzeFmnTwoGiLHyKfkI4Re3lAApSGdJjURjMPdCkAKQ=
Subject key identifier: 2A:2F:4B:65:64:B8:81:6E:22:70:4F:9F:D3:64:35:79:8E:65:AD:B3
Authority key identifier: CA:09:14:9F:34:78:4F:5B:20:2C:56:76:1B:01:D3:5D:D0:25:69:CD
Certificate issuer: /CN=ca09149f34784f5b202c56761b01d35dd02569cd
Certificate serial: 019A72934F945290B4CD86DAE4DB08553141
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygkUnzR4T1sgLFZ2GwHTXdAlac0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/b0dcda-a37e-4703-8d5a-9aad903a7276/1/ygkUnzR4T1sgLFZ2GwHTXdAlac0.mft
Manifest number: 04C2
Signing time: Tue 11 Nov 2025 11:00:48 +0000
Manifest this update: Tue 11 Nov 2025 11:00:48 +0000
Manifest next update: Wed 12 Nov 2025 11:00:48 +0000
Files and hashes: 1: 9hSS_TvQhCvC8fhsSyJYV-rq3kg.roa (hash: IKnNzHp7XVRMYKLUBlGGbOEdrSNJK7VVnYm2JR8nfXc=)
2: ygkUnzR4T1sgLFZ2GwHTXdAlac0.crl (hash: CMg6ffLiXfWzKoVTkfal2AWrEHApZoC1yq2P/rEC0aw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/b0dcda-a37e-4703-8d5a-9aad903a7276/1/ygkUnzR4T1sgLFZ2GwHTXdAlac0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/b0dcda-a37e-4703-8d5a-9aad903a7276/1/ygkUnzR4T1sgLFZ2GwHTXdAlac0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygkUnzR4T1sgLFZ2GwHTXdAlac0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:4f:94:52:90:b4:cd:86:da:e4:db:08:55:31:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca09149f34784f5b202c56761b01d35dd02569cd
Validity
Not Before: Nov 11 11:00:48 2025 GMT
Not After : Nov 12 11:00:48 2025 GMT
Subject: CN=2a2f4b6564b8816e22704f9fd36435798e65adb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6f:5f:3b:36:e4:1d:36:55:7d:08:24:2e:df:
dc:7c:5c:ab:13:cc:6e:3b:1d:73:a3:1b:0c:42:8d:
cf:a2:7c:9e:66:d3:e0:c5:04:18:a4:3d:92:16:62:
95:7e:6e:12:02:37:96:44:ac:7b:d9:92:ed:25:82:
35:cc:2c:5a:af:8d:0c:3f:b2:95:54:89:dc:16:00:
90:67:e8:6e:8f:a9:28:71:6b:b7:09:0c:67:b7:cb:
ca:8e:74:65:e2:1f:9a:c1:f3:66:56:b0:c8:6b:06:
71:72:7a:2b:f3:b3:da:ea:4d:a8:2f:99:ad:c9:92:
f2:08:84:7e:45:4f:55:a0:81:2a:58:e2:dd:eb:58:
f3:41:aa:49:63:d2:f1:15:67:93:24:3a:60:a6:91:
38:47:96:cd:59:14:f2:06:f3:79:3b:62:a7:f5:b0:
37:85:f9:3b:6e:e5:ab:14:d5:34:36:79:7f:94:48:
6f:a1:3a:d9:f1:83:39:f4:19:d8:94:6e:13:44:52:
9f:f3:74:91:bf:b5:ee:a9:f5:84:cd:ab:6c:c1:d4:
e2:12:e9:93:04:8f:fc:4e:c8:14:e1:07:b4:32:55:
7f:57:78:14:d5:3a:61:10:44:43:fe:bc:48:03:f4:
5c:8b:07:52:14:a1:63:50:46:49:10:ae:56:0e:1e:
a9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2F:4B:65:64:B8:81:6E:22:70:4F:9F:D3:64:35:79:8E:65:AD:B3
X509v3 Authority Key Identifier:
keyid:CA:09:14:9F:34:78:4F:5B:20:2C:56:76:1B:01:D3:5D:D0:25:69:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygkUnzR4T1sgLFZ2GwHTXdAlac0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b0dcda-a37e-4703-8d5a-9aad903a7276/1/ygkUnzR4T1sgLFZ2GwHTXdAlac0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b0dcda-a37e-4703-8d5a-9aad903a7276/1/ygkUnzR4T1sgLFZ2GwHTXdAlac0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:5f:af:07:5d:11:21:e3:32:06:4b:7e:3b:e2:8d:64:51:7c:
83:de:b0:70:1d:aa:46:77:cb:11:ed:17:9c:38:66:26:22:5e:
dc:ba:18:9e:11:89:21:25:24:47:dd:5a:38:57:b9:95:6f:ea:
de:e3:3a:f3:79:84:ce:b9:55:b0:dd:af:fb:16:0b:8d:39:2b:
b3:4b:37:01:59:00:01:fe:0a:a3:64:9c:49:d2:9e:cc:32:57:
cd:33:42:3e:d1:b3:f7:4d:7d:02:5d:be:d4:08:5d:c1:84:c2:
ba:d9:4f:b4:0f:c7:9a:da:4e:55:f0:9b:25:09:02:fe:61:b8:
58:6b:95:da:f4:3d:57:f6:c6:79:f5:f8:83:69:90:5a:0d:83:
7e:59:a9:2a:55:42:b7:e6:c9:08:02:aa:10:d3:1a:ba:22:e9:
a6:aa:2c:e5:0d:e5:e4:0e:57:84:23:0a:01:c0:f8:fb:7a:d8:
7b:b2:53:db:0d:6d:60:cc:54:02:fa:80:9a:ca:7b:48:a5:30:
91:5f:f2:3c:a6:81:e1:0c:d0:54:01:89:b3:fd:0a:f4:75:23:
db:53:3b:95:4f:6f:e3:b6:ee:e9:d7:c2:4b:3f:41:da:86:69:
14:af:8a:4b:af:36:39:fd:38:2d:26:d0:79:96:89:54:f0:ee:
9c:17:16:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk0+UUpC0zYba5NsIVTFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDkxNDlmMzQ3ODRmNWIyMDJjNTY3NjFiMDFkMzVkZDAy
NTY5Y2QwHhcNMjUxMTExMTEwMDQ4WhcNMjUxMTEyMTEwMDQ4WjAzMTEwLwYDVQQD
EygyYTJmNGI2NTY0Yjg4MTZlMjI3MDRmOWZkMzY0MzU3OThlNjVhZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG9fOzbkHTZVfQgkLt/cfFyrE8xu
Ox1zoxsMQo3PonyeZtPgxQQYpD2SFmKVfm4SAjeWRKx72ZLtJYI1zCxar40MP7KV
VIncFgCQZ+huj6kocWu3CQxnt8vKjnRl4h+awfNmVrDIawZxcnor87Pa6k2oL5mt
yZLyCIR+RU9VoIEqWOLd61jzQapJY9LxFWeTJDpgppE4R5bNWRTyBvN5O2Kn9bA3
hfk7buWrFNU0Nnl/lEhvoTrZ8YM59BnYlG4TRFKf83SRv7XuqfWEzatswdTiEumT
BI/8TsgU4Qe0MlV/V3gU1TphEERD/rxIA/RciwdSFKFjUEZJEK5WDh6pTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCovS2VkuIFuInBPn9NkNXmOZa2zMB8GA1UdIwQY
MBaAFMoJFJ80eE9bICxWdhsB013QJWnNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdrVW56UjRUMXNnTEZaMkd3SFRYZEFsYWMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9iMGRjZGEtYTM3ZS00NzAzLThkNWEt
OWFhZDkwM2E3Mjc2LzEveWdrVW56UjRUMXNnTEZaMkd3SFRYZEFsYWMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9iMGRjZGEtYTM3ZS00NzAzLThkNWEtOWFhZDkwM2E3Mjc2
LzEveWdrVW56UjRUMXNnTEZaMkd3SFRYZEFsYWMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfF+vB10R
IeMyBkt+O+KNZFF8g96wcB2qRnfLEe0XnDhmJiJe3LoYnhGJISUkR91aOFe5lW/q
3uM683mEzrlVsN2v+xYLjTkrs0s3AVkAAf4Ko2ScSdKezDJXzTNCPtGz9019Al2+
1AhdwYTCutlPtA/HmtpOVfCbJQkC/mG4WGuV2vQ9V/bGefX4g2mQWg2DflmpKlVC
t+bJCAKqENMauiLppqos5Q3l5A5XhCMKAcD4+3rYe7JT2w1tYMxUAvqAmsp7SKUw
kV/yPKaB4QzQVAGJs/0K9HUj21M7lU9v47bu6dfCSz9B2oZpFK+KS682Of04LSbQ
eZaJVPDunBcWxg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:02:32 2025 by rpki-client