Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.mft
File: ykH9t-AW2WDv4pwLSJS4c6pNIeI.mft (raw, json)
Hash identifier: 7N79tOUmYuE4I/VN2hk71bTFba7E4mW8hsIFWM5cst4=
Subject key identifier: F0:8D:10:13:70:3F:99:24:E5:E0:A9:CC:EC:B9:00:F9:00:02:D9:85
Authority key identifier: CA:41:FD:B7:E0:16:D9:60:EF:E2:9C:0B:48:94:B8:73:AA:4D:21:E2
Certificate issuer: /CN=ca41fdb7e016d960efe29c0b4894b873aa4d21e2
Certificate serial: 019A7225CD481276CB12778F25BEFEAEB440
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykH9t-AW2WDv4pwLSJS4c6pNIeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.mft
Manifest number: 02D7
Signing time: Tue 11 Nov 2025 09:01:11 +0000
Manifest this update: Tue 11 Nov 2025 09:01:11 +0000
Manifest next update: Wed 12 Nov 2025 09:01:11 +0000
Files and hashes: 1: knggMszGXslbbJ2_Oh2Jaifz1gc.roa (hash: 1NY+pqUYlKwDvhTu3JTqY8SDs7jlakZ17fJjnTdwI9Y=)
2: ykH9t-AW2WDv4pwLSJS4c6pNIeI.crl (hash: FVmPp0TiEVXayE+yrRIMucr5gIbJ0mwSSFLSn8oncwo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ykH9t-AW2WDv4pwLSJS4c6pNIeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:cd:48:12:76:cb:12:77:8f:25:be:fe:ae:b4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca41fdb7e016d960efe29c0b4894b873aa4d21e2
Validity
Not Before: Nov 11 09:01:11 2025 GMT
Not After : Nov 12 09:01:11 2025 GMT
Subject: CN=f08d1013703f9924e5e0a9ccecb900f90002d985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b8:5f:4a:55:20:8f:11:70:01:d0:17:8c:ac:
87:db:51:bc:fa:1d:31:46:17:af:75:9f:08:5f:3f:
48:18:bd:b1:ce:e6:58:af:3c:03:56:f7:44:f4:b7:
18:a8:58:77:36:5a:60:26:d5:b6:45:b6:c5:ed:f7:
f4:d2:db:f2:35:5c:40:4d:53:7e:be:d7:26:34:b6:
6e:1c:96:02:02:69:bc:1e:e7:7e:f6:04:fc:79:8c:
4c:b2:ba:49:09:92:a1:2e:c6:ab:ef:ac:5a:ec:a2:
ce:08:c4:41:e2:3a:34:cd:1a:ac:50:ed:7f:28:ea:
ac:ff:90:7c:17:15:63:51:0f:ec:b9:35:1d:1d:98:
dd:22:1e:a9:99:5b:a3:f1:65:ea:50:05:2c:82:b4:
72:57:c2:e6:44:1e:a1:ed:9f:f4:40:67:fa:55:e3:
f3:aa:42:09:8c:5f:53:db:a6:ac:a3:40:d5:1f:02:
55:8b:72:b1:7f:f6:11:c6:89:c6:10:26:23:94:58:
76:d8:b0:da:d0:cb:54:43:d2:3a:98:e8:9f:f3:08:
82:34:67:41:b2:d3:0f:c0:b3:26:67:cd:7b:96:2f:
76:7c:c6:9c:0f:a6:b9:bc:21:b8:26:d0:09:d5:ea:
98:ec:5a:6d:a5:69:53:8d:b9:94:0a:1a:0f:d1:24:
65:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:8D:10:13:70:3F:99:24:E5:E0:A9:CC:EC:B9:00:F9:00:02:D9:85
X509v3 Authority Key Identifier:
keyid:CA:41:FD:B7:E0:16:D9:60:EF:E2:9C:0B:48:94:B8:73:AA:4D:21:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykH9t-AW2WDv4pwLSJS4c6pNIeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/031047-8c74-4aee-b065-482862de730e/1/ykH9t-AW2WDv4pwLSJS4c6pNIeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:54:e4:c8:bf:f5:9f:d8:48:a9:a8:ca:d6:67:2a:f8:c8:ca:
25:b9:2c:eb:e0:fa:1c:8c:25:d8:90:4f:9e:37:55:aa:04:20:
68:bc:dd:e3:f5:59:aa:9f:32:b7:c5:66:b5:2b:b8:d3:66:d0:
b5:5c:08:a7:f3:fb:b7:3d:ae:75:e5:a4:7e:8e:c8:f9:71:92:
7b:91:1e:bf:3b:fe:11:a5:d5:7b:7f:48:eb:61:2b:47:7f:af:
fe:dd:1c:06:64:1e:ee:0c:8e:ce:02:52:2f:39:64:9b:8f:94:
dd:07:44:8d:10:5e:98:e6:9d:c6:ab:d7:c1:94:ef:59:d9:63:
a2:4b:de:e7:32:75:a2:38:ce:05:a7:e4:7b:00:52:6a:9f:2d:
51:55:e3:8b:d2:69:9e:70:5d:e7:7a:e2:5a:f0:6b:c0:22:28:
01:56:6a:32:f0:b8:c7:e5:1e:45:54:1b:16:60:44:d8:ed:f4:
16:23:8c:b6:b0:05:ce:8a:85:3f:4c:e1:2a:06:02:03:4f:85:
e0:47:39:cf:16:0d:4f:fe:8e:33:41:92:8e:86:4d:26:09:36:
48:9e:e5:27:bc:1a:d1:da:eb:6b:e6:46:d9:ee:2a:e7:e1:f9:
1e:63:27:41:db:29:76:88:76:f7:a3:b9:b0:57:9e:90:2e:db:
8b:19:a2:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJc1IEnbLEnePJb7+rrRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDFmZGI3ZTAxNmQ5NjBlZmUyOWMwYjQ4OTRiODczYWE0
ZDIxZTIwHhcNMjUxMTExMDkwMTExWhcNMjUxMTEyMDkwMTExWjAzMTEwLwYDVQQD
EyhmMDhkMTAxMzcwM2Y5OTI0ZTVlMGE5Y2NlY2I5MDBmOTAwMDJkOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprhfSlUgjxFwAdAXjKyH21G8+h0x
RhevdZ8IXz9IGL2xzuZYrzwDVvdE9LcYqFh3NlpgJtW2RbbF7ff00tvyNVxATVN+
vtcmNLZuHJYCAmm8Hud+9gT8eYxMsrpJCZKhLsar76xa7KLOCMRB4jo0zRqsUO1/
KOqs/5B8FxVjUQ/suTUdHZjdIh6pmVuj8WXqUAUsgrRyV8LmRB6h7Z/0QGf6VePz
qkIJjF9T26aso0DVHwJVi3Kxf/YRxonGECYjlFh22LDa0MtUQ9I6mOif8wiCNGdB
stMPwLMmZ817li92fMacD6a5vCG4JtAJ1eqY7FptpWlTjbmUChoP0SRl+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPCNEBNwP5kk5eCpzOy5APkAAtmFMB8GA1UdIwQY
MBaAFMpB/bfgFtlg7+KcC0iUuHOqTSHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtIOXQtQVcyV0R2NHB3TFNKUzRjNnBOSWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wMzEwNDctOGM3NC00YWVlLWIwNjUt
NDgyODYyZGU3MzBlLzEveWtIOXQtQVcyV0R2NHB3TFNKUzRjNnBOSWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wMzEwNDctOGM3NC00YWVlLWIwNjUtNDgyODYyZGU3MzBl
LzEveWtIOXQtQVcyV0R2NHB3TFNKUzRjNnBOSWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASFTkyL/1
n9hIqajK1mcq+MjKJbks6+D6HIwl2JBPnjdVqgQgaLzd4/VZqp8yt8VmtSu402bQ
tVwIp/P7tz2udeWkfo7I+XGSe5Eevzv+EaXVe39I62ErR3+v/t0cBmQe7gyOzgJS
Lzlkm4+U3QdEjRBemOadxqvXwZTvWdljokve5zJ1ojjOBafkewBSap8tUVXji9Jp
nnBd53riWvBrwCIoAVZqMvC4x+UeRVQbFmBE2O30FiOMtrAFzoqFP0zhKgYCA0+F
4Ec5zxYNT/6OM0GSjoZNJgk2SJ7lJ7wa0drra+ZG2e4q5+H5HmMnQdspdoh296O5
sFeekC7bixmigg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:00:53 2025 by rpki-client