Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/685c99-cfdf-42a0-8436-d297db230a14/1/yABBYZAh42MorViY6Jl4cEa48Pk.mft
File: yABBYZAh42MorViY6Jl4cEa48Pk.mft (raw, json)
Hash identifier: fZNsmSQm34DmGG4iIY9IKTuJRsPOjMJBiimR0f4QFCQ=
Subject key identifier: 29:1C:D2:3F:B7:25:6F:41:94:33:59:12:A4:E2:35:10:DA:8C:ED:24
Authority key identifier: C8:00:41:61:90:21:E3:63:28:AD:58:98:E8:99:78:70:46:B8:F0:F9
Certificate issuer: /CN=c80041619021e36328ad5898e899787046b8f0f9
Certificate serial: 019D3AF862E44C9E1E0E6978F6DFECBC2A3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yABBYZAh42MorViY6Jl4cEa48Pk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/685c99-cfdf-42a0-8436-d297db230a14/1/yABBYZAh42MorViY6Jl4cEa48Pk.mft
Manifest number: 0920
Signing time: Sun 29 Mar 2026 19:00:49 +0000
Manifest this update: Sun 29 Mar 2026 19:00:49 +0000
Manifest next update: Mon 30 Mar 2026 19:00:49 +0000
Files and hashes: 1: BwXbiOo4RjFVj5Dj5ubs0OzhTEg.roa (hash: D/nZqGZDiargJ1WjN4WGCYH05fUuLBJs9tc1eSlRvy8=)
2: yABBYZAh42MorViY6Jl4cEa48Pk.crl (hash: a7JxRYLCpn2N2SFJmlg6iuoT6/6RX+9+QkmA7JRgkHE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/685c99-cfdf-42a0-8436-d297db230a14/1/yABBYZAh42MorViY6Jl4cEa48Pk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/685c99-cfdf-42a0-8436-d297db230a14/1/yABBYZAh42MorViY6Jl4cEa48Pk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yABBYZAh42MorViY6Jl4cEa48Pk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:f8:62:e4:4c:9e:1e:0e:69:78:f6:df:ec:bc:2a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c80041619021e36328ad5898e899787046b8f0f9
Validity
Not Before: Mar 29 19:00:49 2026 GMT
Not After : Mar 30 19:00:49 2026 GMT
Subject: CN=291cd23fb7256f4194335912a4e23510da8ced24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:73:28:df:46:0e:b0:ea:1b:7b:7e:fd:a1:be:
7c:f7:3a:22:50:ca:0a:eb:0f:44:ab:50:ff:0e:4f:
05:db:69:5b:4a:52:9d:36:77:3b:0f:04:6e:55:fa:
ad:07:1e:ee:c0:49:98:12:67:4f:37:c7:e9:31:90:
c4:1d:d3:ce:03:66:50:95:71:f8:2d:93:9a:1e:dd:
13:4e:b7:56:49:86:26:dc:10:82:79:74:a6:c2:68:
76:83:cc:c8:75:77:90:fe:b7:08:e2:90:e2:15:58:
d0:c2:1a:b7:c2:3a:fb:1d:91:44:d1:b5:d8:b6:db:
00:e8:4b:94:b4:49:d9:0f:75:d8:79:3f:16:c1:b5:
7b:58:dd:98:bd:9a:02:17:0d:8a:6f:eb:e7:b9:41:
2a:79:97:29:f2:99:41:f5:23:90:d4:4a:fb:48:86:
c9:2e:49:63:06:f8:da:60:d8:21:21:84:d7:a1:ca:
43:55:fb:f2:21:af:85:32:8a:8c:18:ed:0d:cf:fa:
de:eb:e7:67:2f:a2:20:6e:42:8e:6c:b7:94:43:24:
91:a4:78:82:cf:a3:d8:8a:c6:b6:c5:80:03:5e:bf:
2d:d6:94:d1:6a:b5:ec:25:67:f3:28:10:ec:51:2b:
07:61:2a:07:9e:e8:a5:a0:c5:2e:e3:f1:80:78:0a:
48:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1C:D2:3F:B7:25:6F:41:94:33:59:12:A4:E2:35:10:DA:8C:ED:24
X509v3 Authority Key Identifier:
keyid:C8:00:41:61:90:21:E3:63:28:AD:58:98:E8:99:78:70:46:B8:F0:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yABBYZAh42MorViY6Jl4cEa48Pk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/685c99-cfdf-42a0-8436-d297db230a14/1/yABBYZAh42MorViY6Jl4cEa48Pk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/685c99-cfdf-42a0-8436-d297db230a14/1/yABBYZAh42MorViY6Jl4cEa48Pk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:c0:a3:91:ea:35:7f:a0:81:4e:5a:d4:04:3c:ee:66:e5:db:
66:a5:07:06:19:b9:6c:28:e4:37:5b:ea:2c:05:7b:e7:05:63:
fc:2c:ce:11:04:71:3a:89:5c:cb:b3:5a:df:14:7f:89:70:d5:
48:d3:3f:2b:f9:56:67:36:02:ec:7d:50:dd:9a:cb:14:69:5e:
d6:91:94:8d:08:1f:ac:d7:19:c5:ca:88:e9:a7:bd:ff:3e:35:
76:7d:cc:e0:57:4d:9d:a3:73:af:89:de:b3:b5:87:fd:4f:da:
72:cb:8e:93:bb:e3:ac:33:d1:68:9a:b3:cf:59:db:80:5a:f0:
c4:e2:c0:07:d5:1c:cb:30:5d:02:fc:7e:9b:49:14:3e:4f:99:
1f:71:a5:7a:cd:de:96:71:4c:4d:7f:fe:86:c4:70:42:0d:56:
81:6a:0e:9e:e7:99:31:53:ab:2b:6f:7f:5e:ac:9f:e8:fc:9a:
a4:4c:9c:6b:47:e0:82:f4:8f:ac:1c:99:bd:93:b6:5e:f7:23:
28:ea:18:73:64:f9:f8:ba:16:01:27:b2:5f:02:fb:2c:41:6c:
5f:38:25:da:72:5a:4f:05:0c:25:60:c6:d8:0e:9e:a2:33:53:
4e:19:b1:66:bb:75:c3:ba:44:86:e0:58:a2:26:73:d0:f4:f0:
fc:bc:c2:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06+GLkTJ4eDml49t/svCo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDA0MTYxOTAyMWUzNjMyOGFkNTg5OGU4OTk3ODcwNDZi
OGYwZjkwHhcNMjYwMzI5MTkwMDQ5WhcNMjYwMzMwMTkwMDQ5WjAzMTEwLwYDVQQD
EygyOTFjZDIzZmI3MjU2ZjQxOTQzMzU5MTJhNGUyMzUxMGRhOGNlZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHMo30YOsOobe379ob589zoiUMoK
6w9Eq1D/Dk8F22lbSlKdNnc7DwRuVfqtBx7uwEmYEmdPN8fpMZDEHdPOA2ZQlXH4
LZOaHt0TTrdWSYYm3BCCeXSmwmh2g8zIdXeQ/rcI4pDiFVjQwhq3wjr7HZFE0bXY
ttsA6EuUtEnZD3XYeT8WwbV7WN2YvZoCFw2Kb+vnuUEqeZcp8plB9SOQ1Er7SIbJ
LkljBvjaYNghIYTXocpDVfvyIa+FMoqMGO0Nz/re6+dnL6IgbkKObLeUQySRpHiC
z6PYisa2xYADXr8t1pTRarXsJWfzKBDsUSsHYSoHnuiloMUu4/GAeApI1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkc0j+3JW9BlDNZEqTiNRDajO0kMB8GA1UdIwQY
MBaAFMgAQWGQIeNjKK1YmOiZeHBGuPD5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFCQllaQWg0Mk1vclZpWTZKbDRjRWE0OFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82ODVjOTktY2ZkZi00MmEwLTg0MzYt
ZDI5N2RiMjMwYTE0LzEveUFCQllaQWg0Mk1vclZpWTZKbDRjRWE0OFBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82ODVjOTktY2ZkZi00MmEwLTg0MzYtZDI5N2RiMjMwYTE0
LzEveUFCQllaQWg0Mk1vclZpWTZKbDRjRWE0OFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjMCjkeo1
f6CBTlrUBDzuZuXbZqUHBhm5bCjkN1vqLAV75wVj/CzOEQRxOolcy7Na3xR/iXDV
SNM/K/lWZzYC7H1Q3ZrLFGle1pGUjQgfrNcZxcqI6ae9/z41dn3M4FdNnaNzr4ne
s7WH/U/acsuOk7vjrDPRaJqzz1nbgFrwxOLAB9UcyzBdAvx+m0kUPk+ZH3Gles3e
lnFMTX/+hsRwQg1WgWoOnueZMVOrK29/Xqyf6PyapEyca0fggvSPrByZvZO2Xvcj
KOoYc2T5+LoWASeyXwL7LEFsXzgl2nJaTwUMJWDG2A6eojNTThmxZrt1w7pEhuBY
oiZz0PTw/LzCRg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:48:27 2026 by rpki-client