Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft
File: ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft (raw, json)
Hash identifier: JWhnQoBZDXgKrieFqKY0LLsKOhP50NK0yRFGxXv3AKE=
Subject key identifier: 19:27:F4:EC:3C:76:6C:80:D0:55:DD:C8:E5:92:92:46:6A:26:6F:D3
Authority key identifier: CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88
Certificate issuer: /CN=ca434d399d93a19d8a8108456c5575096c2ae588
Certificate serial: 019A725C7D0E2C22AF5A4CE73DA895DF7CB3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft
Manifest number: 0740
Signing time: Tue 11 Nov 2025 10:00:55 +0000
Manifest this update: Tue 11 Nov 2025 10:00:55 +0000
Manifest next update: Wed 12 Nov 2025 10:00:55 +0000
Files and hashes: 1: 6KeHOxxWviP0lluNL5sOXVdQY7c.roa (hash: kUeVBsIsjzs7OuA1c4/VFEC1ddAvMO/ONIYaR+/BuFA=)
2: ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl (hash: E4slhkOfg84EWDT4wkm04TvSdqLyqq3fM/J6hYcPLSM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:7d:0e:2c:22:af:5a:4c:e7:3d:a8:95:df:7c:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca434d399d93a19d8a8108456c5575096c2ae588
Validity
Not Before: Nov 11 10:00:55 2025 GMT
Not After : Nov 12 10:00:55 2025 GMT
Subject: CN=1927f4ec3c766c80d055ddc8e59292466a266fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:55:b6:25:2a:5d:9b:9c:3e:50:76:90:b0:9e:
7c:e8:fe:83:1f:f9:1e:90:cd:7a:4a:39:5d:f4:fa:
b0:77:bb:91:07:21:f6:11:fa:fc:ab:c0:4d:ad:bb:
19:06:6d:60:21:96:26:82:e6:4c:57:90:a3:cd:a7:
23:a4:49:40:90:18:42:0f:6d:df:f0:a5:69:86:96:
6d:8e:f3:cf:28:91:42:aa:b1:d9:e5:bc:77:14:91:
42:bf:1d:68:5f:83:41:6d:de:04:04:99:34:3d:76:
b2:18:91:68:3c:ed:68:e6:ba:72:63:41:3c:bb:97:
5a:4c:68:d6:4f:87:59:cd:06:56:55:ae:bf:0d:e3:
5d:3a:4f:c5:80:41:79:19:fe:e3:cf:5f:1e:26:ed:
92:b4:c7:7a:33:d6:0c:be:ba:03:93:b2:35:32:b3:
04:83:68:fb:1b:ae:62:41:80:cf:8c:cb:68:58:d1:
1f:ab:15:4c:31:8e:ac:fb:9e:9f:3b:f6:f4:3f:0c:
b7:e8:8c:09:1c:69:84:e0:d7:06:18:fc:18:42:b7:
16:b4:59:53:06:47:d3:ad:40:ac:3a:46:b5:e4:3c:
60:50:7d:76:98:e1:b1:e1:c8:d4:90:6b:71:7c:89:
19:cd:40:86:39:a9:7b:aa:e6:b7:1e:44:cd:b2:de:
ca:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:27:F4:EC:3C:76:6C:80:D0:55:DD:C8:E5:92:92:46:6A:26:6F:D3
X509v3 Authority Key Identifier:
keyid:CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ee:83:fe:49:00:31:47:13:07:22:50:18:05:5d:cc:ba:0b:01:
b2:7a:06:c0:bf:18:b5:28:9f:f1:ae:f8:1c:0a:51:cb:09:8f:
8a:99:3c:6e:cb:4a:e9:6f:52:96:0d:31:fa:8c:ad:7d:35:2b:
63:a3:b8:83:fd:a7:76:fe:0f:c1:05:ba:e4:4c:37:2b:ec:0a:
18:79:51:c9:0c:86:01:bd:4e:65:75:7a:8c:c5:eb:01:6b:ae:
f5:1a:c1:13:2f:74:a4:18:4e:96:42:23:1c:e8:41:ec:e9:38:
4d:4e:f8:40:c5:bc:ab:b2:c0:d1:66:11:ed:19:d4:ad:27:6b:
7c:42:5a:5e:58:8d:ec:4c:b0:d6:ed:16:28:aa:5b:1f:72:cd:
46:3f:10:4c:2f:2b:17:e9:85:80:fb:a1:0a:54:22:f6:f2:24:
99:a7:45:b3:6f:26:64:f3:be:a8:be:59:b2:3f:ca:d6:3f:f5:
1a:e3:6d:71:4a:77:28:4e:1c:73:57:3f:e7:d2:16:bc:db:80:
78:ed:a8:26:30:46:a5:3c:15:99:b3:db:b5:1e:66:57:89:35:
37:a5:8e:9e:e0:44:f9:60:1f:4a:0f:7d:e3:45:ae:57:cf:60:
da:4c:55:c0:4e:b2:10:1b:ff:c6:d3:5c:b9:c2:53:9a:1b:37:
fd:88:61:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXH0OLCKvWkznPaiV33yzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDM0ZDM5OWQ5M2ExOWQ4YTgxMDg0NTZjNTU3NTA5NmMy
YWU1ODgwHhcNMjUxMTExMTAwMDU1WhcNMjUxMTEyMTAwMDU1WjAzMTEwLwYDVQQD
EygxOTI3ZjRlYzNjNzY2YzgwZDA1NWRkYzhlNTkyOTI0NjZhMjY2ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1W2JSpdm5w+UHaQsJ586P6DH/ke
kM16Sjld9Pqwd7uRByH2Efr8q8BNrbsZBm1gIZYmguZMV5CjzacjpElAkBhCD23f
8KVphpZtjvPPKJFCqrHZ5bx3FJFCvx1oX4NBbd4EBJk0PXayGJFoPO1o5rpyY0E8
u5daTGjWT4dZzQZWVa6/DeNdOk/FgEF5Gf7jz18eJu2StMd6M9YMvroDk7I1MrME
g2j7G65iQYDPjMtoWNEfqxVMMY6s+56fO/b0Pwy36IwJHGmE4NcGGPwYQrcWtFlT
BkfTrUCsOka15DxgUH12mOGx4cjUkGtxfIkZzUCGOal7qua3HkTNst7KbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBkn9Ow8dmyA0FXdyOWSkkZqJm/TMB8GA1UdIwQY
MBaAFMpDTTmdk6GdioEIRWxVdQlsKuWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEt
ZGIyMzY4MjcxOTEzLzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEtZGIyMzY4MjcxOTEz
LzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA7oP+SQAx
RxMHIlAYBV3MugsBsnoGwL8YtSif8a74HApRywmPipk8bstK6W9Slg0x+oytfTUr
Y6O4g/2ndv4PwQW65Ew3K+wKGHlRyQyGAb1OZXV6jMXrAWuu9RrBEy90pBhOlkIj
HOhB7Ok4TU74QMW8q7LA0WYR7RnUrSdrfEJaXliN7Eyw1u0WKKpbH3LNRj8QTC8r
F+mFgPuhClQi9vIkmadFs28mZPO+qL5Zsj/K1j/1GuNtcUp3KE4cc1c/59IWvNuA
eO2oJjBGpTwVmbPbtR5mV4k1N6WOnuBE+WAfSg9940WuV89g2kxVwE6yEBv/xtNc
ucJTmhs3/Yhh4Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:42 2025 by rpki-client