Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
File: Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft (raw, json)
Hash identifier: 5lMjoCzExz0nvcqugVLwW9x8kKtHouSa9tlCSabtYzs=
Subject key identifier: 54:2A:56:B3:4F:D9:2B:54:09:F1:1A:14:1D:99:EA:61:22:7E:E0:A7
Authority key identifier: 63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
Certificate issuer: /CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Certificate serial: 019A71B7E263F8B2BE0A74DC2158830BE6F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
Manifest number: 113A
Signing time: Tue 11 Nov 2025 07:01:07 +0000
Manifest this update: Tue 11 Nov 2025 07:01:07 +0000
Manifest next update: Wed 12 Nov 2025 07:01:07 +0000
Files and hashes: 1: YFIa0scc_xVUT5FKi7LKvASoEWc.roa (hash: V1CwEQLm9iXZGzptcaHc4LFmcOryBT2Kfmx1HSv4RTc=)
2: Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl (hash: 90G3eZiL1lsMb9TfVLJNe7fVBxiqKtWLXXYQdewllvQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:e2:63:f8:b2:be:0a:74:dc:21:58:83:0b:e6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Validity
Not Before: Nov 11 07:01:07 2025 GMT
Not After : Nov 12 07:01:07 2025 GMT
Subject: CN=542a56b34fd92b5409f11a141d99ea61227ee0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cf:92:71:33:dd:3f:bd:47:a7:54:28:de:97:
8d:45:6b:01:77:39:e3:77:16:d8:ca:a5:fe:c0:3b:
f9:30:a3:8a:73:0b:10:f6:97:34:d7:fb:dd:f7:cd:
06:e9:5c:a8:e4:f7:c5:66:5e:90:e1:af:94:61:87:
ed:ce:07:e7:6a:b9:30:e5:76:89:d3:98:6b:61:ab:
91:d4:ee:5c:7d:3a:e7:7e:ce:bd:5d:c9:e5:e6:e8:
f5:d4:35:12:ce:fb:2e:b2:6c:ae:c9:30:6c:9e:ed:
62:37:68:f2:a7:9f:01:8c:33:71:29:78:a5:f4:a7:
87:72:de:41:d7:3d:0e:85:d8:26:e9:d0:1d:39:69:
67:11:44:ba:a5:dd:1e:7a:ef:19:70:ec:13:a5:5d:
50:5f:da:17:43:c6:25:a6:71:b6:5f:b0:c5:31:62:
a2:5a:82:fc:c9:36:f9:7b:19:d9:9f:3d:80:e0:09:
0d:9a:b6:35:2e:f7:0e:22:bc:b9:05:22:48:65:d6:
a8:f7:e0:f3:4c:44:50:bf:57:75:ef:ce:ed:fb:59:
bc:e7:34:b4:f5:6a:76:29:05:13:a4:8e:06:c0:23:
39:58:c9:0f:c5:13:8d:c4:2a:a9:2a:e2:22:38:3e:
e2:09:09:cf:44:35:6a:39:fc:67:b0:f9:f1:78:f9:
8f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2A:56:B3:4F:D9:2B:54:09:F1:1A:14:1D:99:EA:61:22:7E:E0:A7
X509v3 Authority Key Identifier:
keyid:63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:ef:6f:84:77:fc:0b:b6:75:bc:9a:5e:4c:ad:12:09:9a:3f:
d7:ed:3a:f1:32:35:ca:ab:f8:ef:4f:54:81:ec:be:cc:91:6a:
c4:2c:4c:96:ef:41:d5:d8:a2:a0:c3:17:da:c4:00:7a:af:cb:
b5:12:62:c0:90:75:30:aa:3d:07:fb:71:c1:f5:d4:ae:af:0e:
30:0e:dc:65:38:ec:40:1f:85:6e:99:69:1f:4f:ca:55:0c:3e:
72:a0:2b:e6:85:77:16:62:f1:c3:62:8e:ce:a2:b7:f2:fa:d4:
6d:5b:f1:51:ca:23:18:2f:09:3d:39:67:73:6f:51:97:02:78:
e8:cf:b5:af:45:92:16:47:56:b8:f5:43:9b:55:6c:8d:ff:5f:
31:7d:83:64:64:21:99:ed:0f:70:7b:39:8f:40:63:89:65:38:
4f:85:ad:f2:cd:eb:66:29:be:9a:c5:c8:fe:de:1d:4a:9b:f3:
13:d1:7f:09:44:f4:cd:96:96:ae:e0:18:10:5c:83:9c:74:e9:
61:76:ca:df:c4:b6:36:d7:4f:ab:04:9b:bb:c0:e8:b3:f3:4e:
31:a7:14:1c:76:8e:b4:95:20:0d:1f:b2:4c:94:ed:68:82:6d:
72:0c:b2:a3:60:41:f2:e1:49:57:3a:a5:ef:62:1e:65:67:73:
40:50:5b:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+Jj+LK+CnTcIViDC+b1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzM2I2ODk1ZmU0OTkzMzk3YjY2MjMyYmIwYTJkM2UzYzYy
NWNjMWIwHhcNMjUxMTExMDcwMTA3WhcNMjUxMTEyMDcwMTA3WjAzMTEwLwYDVQQD
Eyg1NDJhNTZiMzRmZDkyYjU0MDlmMTFhMTQxZDk5ZWE2MTIyN2VlMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxc+ScTPdP71Hp1Qo3peNRWsBdznj
dxbYyqX+wDv5MKOKcwsQ9pc01/vd980G6Vyo5PfFZl6Q4a+UYYftzgfnarkw5XaJ
05hrYauR1O5cfTrnfs69Xcnl5uj11DUSzvsusmyuyTBsnu1iN2jyp58BjDNxKXil
9KeHct5B1z0Ohdgm6dAdOWlnEUS6pd0eeu8ZcOwTpV1QX9oXQ8YlpnG2X7DFMWKi
WoL8yTb5exnZnz2A4AkNmrY1LvcOIry5BSJIZdao9+DzTERQv1d1787t+1m85zS0
9Wp2KQUTpI4GwCM5WMkPxRONxCqpKuIiOD7iCQnPRDVqOfxnsPnxePmP/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQqVrNP2StUCfEaFB2Z6mEifuCnMB8GA1UdIwQY
MBaAFGM7aJX+SZM5e2YjK7Ci0+PGJcwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUt
NzBiODg3MWI4ZTIwLzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUtNzBiODg3MWI4ZTIw
LzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhu9vhHf8
C7Z1vJpeTK0SCZo/1+068TI1yqv4709Ugey+zJFqxCxMlu9B1diioMMX2sQAeq/L
tRJiwJB1MKo9B/txwfXUrq8OMA7cZTjsQB+FbplpH0/KVQw+cqAr5oV3FmLxw2KO
zqK38vrUbVvxUcojGC8JPTlnc29RlwJ46M+1r0WSFkdWuPVDm1Vsjf9fMX2DZGQh
me0PcHs5j0BjiWU4T4Wt8s3rZim+msXI/t4dSpvzE9F/CUT0zZaWruAYEFyDnHTp
YXbK38S2NtdPqwSbu8Dos/NOMacUHHaOtJUgDR+yTJTtaIJtcgyyo2BB8uFJVzql
72IeZWdzQFBbdQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:35:09 2025 by rpki-client