Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.mft
File: ykH9t-AW2WDv4pwLSJS4c6pNIeI.mft (raw, json)
Hash identifier: 9OTmcuhU8scEI0xziH1zPLXsOpo67ATITGsV6pGasTk=
Subject key identifier: DA:18:C7:35:FD:FF:1B:E4:E2:47:1C:52:59:03:14:51:33:6B:40:12
Authority key identifier: CA:41:FD:B7:E0:16:D9:60:EF:E2:9C:0B:48:94:B8:73:AA:4D:21:E2
Certificate issuer: /CN=ca41fdb7e016d960efe29c0b4894b873aa4d21e2
Certificate serial: 019D3977F9A39648B403C5A675E651C4BDDB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykH9t-AW2WDv4pwLSJS4c6pNIeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.mft
Manifest number: 0448
Signing time: Sun 29 Mar 2026 12:00:57 +0000
Manifest this update: Sun 29 Mar 2026 12:00:57 +0000
Manifest next update: Mon 30 Mar 2026 12:00:57 +0000
Files and hashes: 1: oige68hRBiXUkOK8iHHDWo8nk74.roa (hash: j1qWPqgO+nK+2rkNLUIphbABAHPc6uAzHBH1FOhC3L4=)
2: ykH9t-AW2WDv4pwLSJS4c6pNIeI.crl (hash: HTfDp+jeJzzWAEfx3F8z/lI9lHetwg4tBIqbTIunkGk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ykH9t-AW2WDv4pwLSJS4c6pNIeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:f9:a3:96:48:b4:03:c5:a6:75:e6:51:c4:bd:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca41fdb7e016d960efe29c0b4894b873aa4d21e2
Validity
Not Before: Mar 29 12:00:57 2026 GMT
Not After : Mar 30 12:00:57 2026 GMT
Subject: CN=da18c735fdff1be4e2471c5259031451336b4012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:12:46:69:f9:74:e2:73:49:11:e5:33:76:a8:
82:9c:98:e3:67:b0:70:e3:91:51:61:cb:7a:5f:2e:
32:47:91:ba:93:61:ee:cf:91:cd:cc:d9:49:77:a9:
a7:cd:a1:62:6c:5b:2a:f3:78:6b:7b:53:c9:f0:83:
6d:38:53:45:7c:51:a3:9a:39:22:de:6f:3e:a9:f9:
7a:e4:d8:e5:9d:63:aa:0f:16:4f:8d:89:90:a2:52:
57:72:12:98:5b:ba:13:8b:7d:ee:82:0a:15:a0:b7:
be:a9:46:4a:94:85:bb:0e:f8:2a:70:6c:2f:bd:6a:
82:82:90:d5:73:22:d6:c6:22:4b:dc:77:66:d7:ad:
b9:4a:33:99:a1:23:59:1c:5f:88:5a:e6:ad:b7:86:
e5:d6:d6:3f:a0:77:5e:30:8e:c5:a5:a7:2a:dc:e4:
2c:cb:76:f7:dc:a7:ee:49:28:d1:64:de:69:cf:89:
06:b8:9a:12:02:e4:50:c6:f2:0a:3c:b5:d6:bc:0c:
49:6d:2e:93:c5:bf:2d:44:39:65:c6:f2:21:0d:42:
cf:13:14:fd:0c:1b:d6:05:37:d6:98:d6:68:1e:10:
17:6c:5c:b6:57:44:aa:83:e9:5f:f8:4a:6e:fb:3f:
19:49:b4:19:cd:4a:38:cb:af:e0:c5:dd:36:c3:9a:
6c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:18:C7:35:FD:FF:1B:E4:E2:47:1C:52:59:03:14:51:33:6B:40:12
X509v3 Authority Key Identifier:
keyid:CA:41:FD:B7:E0:16:D9:60:EF:E2:9C:0B:48:94:B8:73:AA:4D:21:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykH9t-AW2WDv4pwLSJS4c6pNIeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ca:0c:f0:06:2b:71:91:54:24:61:80:cb:7a:7d:12:dd:9d:cc:
94:ac:69:00:d7:71:48:c8:20:72:1f:01:cc:b1:72:d5:45:dd:
c1:6e:59:68:d5:e3:13:0a:86:16:b3:cb:b3:f2:c3:36:02:bb:
68:78:43:fd:37:50:6f:a6:3d:21:fa:ed:4c:aa:e8:f5:b9:ca:
c6:24:19:85:5e:53:3a:af:e0:e1:cf:0c:50:30:2a:66:6d:e4:
1d:77:70:5f:23:54:b6:a5:a8:2a:50:af:52:fd:1a:bf:e7:31:
88:83:9e:fa:61:8a:41:16:87:27:0a:4c:38:15:d8:de:39:ae:
49:57:fe:9c:a3:e5:9a:b2:83:69:1b:be:ce:21:56:fc:a9:a3:
cd:f2:4e:ef:2b:cb:90:06:dd:4e:c1:e2:23:cf:eb:9b:d8:9d:
79:d9:f2:97:3f:a5:cb:eb:61:d8:96:1c:2b:e2:43:a4:b2:83:
fe:52:01:97:9e:0c:33:38:e9:be:fb:25:27:0c:2e:31:d2:3e:
27:42:53:36:32:da:bb:11:4a:4f:b5:4d:d4:db:ee:63:91:65:
58:78:f8:ca:7a:2a:d3:36:c8:bc:13:c2:ba:16:74:df:eb:bd:
d9:d1:ee:d3:e1:8c:1c:aa:b0:f0:9d:81:d0:15:7f:5b:d1:13:
2e:59:04:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d/mjlki0A8WmdeZRxL3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDFmZGI3ZTAxNmQ5NjBlZmUyOWMwYjQ4OTRiODczYWE0
ZDIxZTIwHhcNMjYwMzI5MTIwMDU3WhcNMjYwMzMwMTIwMDU3WjAzMTEwLwYDVQQD
EyhkYTE4YzczNWZkZmYxYmU0ZTI0NzFjNTI1OTAzMTQ1MTMzNmI0MDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRJGafl04nNJEeUzdqiCnJjjZ7Bw
45FRYct6Xy4yR5G6k2Huz5HNzNlJd6mnzaFibFsq83hre1PJ8INtOFNFfFGjmjki
3m8+qfl65NjlnWOqDxZPjYmQolJXchKYW7oTi33uggoVoLe+qUZKlIW7DvgqcGwv
vWqCgpDVcyLWxiJL3Hdm1625SjOZoSNZHF+IWuatt4bl1tY/oHdeMI7Fpacq3OQs
y3b33KfuSSjRZN5pz4kGuJoSAuRQxvIKPLXWvAxJbS6Txb8tRDllxvIhDULPExT9
DBvWBTfWmNZoHhAXbFy2V0Sqg+lf+Epu+z8ZSbQZzUo4y6/gxd02w5psHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNoYxzX9/xvk4kccUlkDFFEza0ASMB8GA1UdIwQY
MBaAFMpB/bfgFtlg7+KcC0iUuHOqTSHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtIOXQtQVcyV0R2NHB3TFNKUzRjNnBOSWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wMzEwNDctOGM3NC00YWVlLWIwNjUt
NDgyODYyZGU3MzBlLzEveWtIOXQtQVcyV0R2NHB3TFNKUzRjNnBOSWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wMzEwNDctOGM3NC00YWVlLWIwNjUtNDgyODYyZGU3MzBl
LzEveWtIOXQtQVcyV0R2NHB3TFNKUzRjNnBOSWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAygzwBitx
kVQkYYDLen0S3Z3MlKxpANdxSMggch8BzLFy1UXdwW5ZaNXjEwqGFrPLs/LDNgK7
aHhD/TdQb6Y9IfrtTKro9bnKxiQZhV5TOq/g4c8MUDAqZm3kHXdwXyNUtqWoKlCv
Uv0av+cxiIOe+mGKQRaHJwpMOBXY3jmuSVf+nKPlmrKDaRu+ziFW/KmjzfJO7yvL
kAbdTsHiI8/rm9idednylz+ly+th2JYcK+JDpLKD/lIBl54MMzjpvvslJwwuMdI+
J0JTNjLauxFKT7VN1NvuY5FlWHj4ynoq0zbIvBPCuhZ03+u92dHu0+GMHKqw8J2B
0BV/W9ETLlkE6g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:57:26 2026 by rpki-client