Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
File: Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft (raw, json)
Hash identifier: MUqOdrUeHd0wEMKhuiaje+kbiujuLrC2CtVfORbKvAs=
Subject key identifier: 73:09:B4:C4:B3:C8:22:5A:D8:8B:7C:CC:44:23:A8:D9:44:1A:90:33
Authority key identifier: 63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
Certificate issuer: /CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Certificate serial: 019D37C089FFE9BD849CBC173C80F16A60A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
Manifest number: 12AA
Signing time: Sun 29 Mar 2026 04:00:58 +0000
Manifest this update: Sun 29 Mar 2026 04:00:58 +0000
Manifest next update: Mon 30 Mar 2026 04:00:58 +0000
Files and hashes: 1: YS4KfdF48rW5SEIpeCeYxOP-Du0.roa (hash: FKGkIDKaHogWgazEiZbFbdSEfBT5S7dX/PkphiCX2e8=)
2: Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl (hash: dR0/taxu9nE2VxE7HdGYcdAc+nuyBeAvpguOkpFz4A0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:89:ff:e9:bd:84:9c:bc:17:3c:80:f1:6a:60:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Validity
Not Before: Mar 29 04:00:58 2026 GMT
Not After : Mar 30 04:00:58 2026 GMT
Subject: CN=7309b4c4b3c8225ad88b7ccc4423a8d9441a9033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fc:5c:da:14:e2:34:26:09:bb:64:ec:de:53:
24:33:92:8c:c3:b9:dc:08:0e:d6:98:45:96:0e:a6:
b2:13:46:e7:7e:c4:52:de:cb:b7:07:fa:37:89:77:
65:5c:1b:bc:27:b0:f3:19:87:54:cd:3a:7d:5c:0f:
42:75:c9:6f:38:b0:d1:4a:26:df:fc:3c:48:08:f2:
14:8c:e2:b8:27:e5:8d:ed:50:b7:57:c6:8e:90:69:
55:10:07:8a:06:8c:5d:69:d3:75:8e:94:cc:b2:d5:
84:be:ac:db:51:23:da:8e:64:2c:31:ac:13:be:56:
b5:c0:11:b1:cf:7e:cd:f5:a4:76:d9:a5:c2:6d:90:
9b:80:fb:6a:f3:44:3d:2e:f4:d6:57:25:83:33:13:
e3:bc:15:04:be:fa:72:48:3a:4c:9c:0e:7a:f5:51:
c2:4b:0b:f9:3f:19:ee:b6:ac:1a:d6:f2:3e:3f:51:
fa:d3:18:44:8d:a3:b5:c7:91:85:fc:ab:39:de:6c:
46:71:c3:17:25:54:62:f3:21:2d:62:6c:2f:05:2f:
5f:87:c8:26:74:e4:3c:86:6b:93:38:cf:81:85:25:
e2:e4:9e:56:4f:98:7d:bb:ef:6d:bc:a7:5b:2d:76:
ee:3b:a2:d9:5e:50:a9:4f:c6:19:74:c3:92:ae:1c:
0a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:09:B4:C4:B3:C8:22:5A:D8:8B:7C:CC:44:23:A8:D9:44:1A:90:33
X509v3 Authority Key Identifier:
keyid:63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:23:22:3d:3a:27:94:0c:60:a5:50:e6:f7:08:f2:be:a0:6d:
b0:4c:a3:da:2c:bd:64:e4:83:49:a5:a7:9b:cd:95:9c:81:d6:
72:3c:d8:e4:e8:d3:17:7b:c6:de:d4:f7:3f:34:38:89:f4:2f:
87:da:18:e2:3d:9d:a7:fa:01:ad:93:a7:96:09:37:57:22:ff:
e2:1f:01:3d:70:3b:76:47:d2:c6:6b:1d:31:d7:76:4f:4e:74:
eb:dd:5e:81:6f:93:6e:97:b9:42:9b:17:a8:88:31:78:7f:6d:
1e:fb:a9:e6:1e:7a:60:32:cf:bb:e9:2e:91:65:3a:ed:e5:6c:
6f:4c:73:9a:95:f4:15:2b:d5:2d:fe:6b:fe:ce:55:ac:f3:9d:
ef:1a:0e:dc:69:85:c5:e7:5e:e0:27:d6:37:5d:b7:af:d8:41:
ed:cc:e9:51:5e:71:c8:b6:a5:21:3d:45:25:96:8e:90:1c:08:
69:fd:c0:6d:54:9b:6a:60:91:2e:8e:28:c7:65:36:ee:e2:57:
0c:68:02:af:f5:b4:75:5d:68:8a:cd:48:85:58:83:5d:a4:d6:
ef:2b:41:2f:64:74:85:ee:95:85:9c:39:6c:a2:92:66:c4:a2:
28:c8:5c:fa:9c:38:a3:d9:8f:e5:9b:4e:bb:18:45:30:c9:89:
cc:e6:08:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wIn/6b2EnLwXPIDxamClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzM2I2ODk1ZmU0OTkzMzk3YjY2MjMyYmIwYTJkM2UzYzYy
NWNjMWIwHhcNMjYwMzI5MDQwMDU4WhcNMjYwMzMwMDQwMDU4WjAzMTEwLwYDVQQD
Eyg3MzA5YjRjNGIzYzgyMjVhZDg4YjdjY2M0NDIzYThkOTQ0MWE5MDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/xc2hTiNCYJu2Ts3lMkM5KMw7nc
CA7WmEWWDqayE0bnfsRS3su3B/o3iXdlXBu8J7DzGYdUzTp9XA9CdclvOLDRSibf
/DxICPIUjOK4J+WN7VC3V8aOkGlVEAeKBoxdadN1jpTMstWEvqzbUSPajmQsMawT
vla1wBGxz37N9aR22aXCbZCbgPtq80Q9LvTWVyWDMxPjvBUEvvpySDpMnA569VHC
Swv5Pxnutqwa1vI+P1H60xhEjaO1x5GF/Ks53mxGccMXJVRi8yEtYmwvBS9fh8gm
dOQ8hmuTOM+BhSXi5J5WT5h9u+9tvKdbLXbuO6LZXlCpT8YZdMOSrhwKkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMJtMSzyCJa2It8zEQjqNlEGpAzMB8GA1UdIwQY
MBaAFGM7aJX+SZM5e2YjK7Ci0+PGJcwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUt
NzBiODg3MWI4ZTIwLzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUtNzBiODg3MWI4ZTIw
LzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAryMiPTon
lAxgpVDm9wjyvqBtsEyj2iy9ZOSDSaWnm82VnIHWcjzY5OjTF3vG3tT3PzQ4ifQv
h9oY4j2dp/oBrZOnlgk3VyL/4h8BPXA7dkfSxmsdMdd2T050691egW+Tbpe5QpsX
qIgxeH9tHvup5h56YDLPu+kukWU67eVsb0xzmpX0FSvVLf5r/s5VrPOd7xoO3GmF
xede4CfWN123r9hB7czpUV5xyLalIT1FJZaOkBwIaf3AbVSbamCRLo4ox2U27uJX
DGgCr/W0dV1ois1IhViDXaTW7ytBL2R0he6VhZw5bKKSZsSiKMhc+pw4o9mP5ZtO
uxhFMMmJzOYImA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:51:00 2026 by rpki-client