Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
File: yoaOeySqNaTdEKyVmfBkqpadAx0.mft (raw, json)
Hash identifier: fT7odgMWnAJoaFVpIfWVgtGGtxSkx2wB8AFWGaIA9/8=
Subject key identifier: BD:EC:9C:A0:FF:ED:27:FB:75:31:0C:17:6D:EE:B1:63:EA:66:72:9C
Authority key identifier: CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D
Certificate issuer: /CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
Certificate serial: 019A70DC5AA4AB651751BA0DF1CB745B6A81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
Manifest number: 0390
Signing time: Tue 11 Nov 2025 03:01:20 +0000
Manifest this update: Tue 11 Nov 2025 03:01:20 +0000
Manifest next update: Wed 12 Nov 2025 03:01:20 +0000
Files and hashes: 1: yoaOeySqNaTdEKyVmfBkqpadAx0.crl (hash: NX/h6fFcPMXcBOYRVUh3e/godRAg5xIFpc4nHaiEDfU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:5a:a4:ab:65:17:51:ba:0d:f1:cb:74:5b:6a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
Validity
Not Before: Nov 11 03:01:20 2025 GMT
Not After : Nov 12 03:01:20 2025 GMT
Subject: CN=bdec9ca0ffed27fb75310c176deeb163ea66729c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0c:7d:ad:dd:2d:6e:46:71:b5:a4:4a:1d:29:
36:9e:ee:ff:56:aa:3a:9b:1a:b7:17:94:d0:71:92:
df:a8:ff:4f:53:a0:28:88:e8:c5:f9:d2:f4:56:f9:
ca:f7:3d:ae:93:65:2e:d9:05:0a:e9:3c:6a:8d:c8:
91:ca:c8:4b:68:64:69:b7:bb:16:36:0e:7e:f3:19:
8d:d7:c9:f8:35:f9:c6:f3:e5:6b:ea:4a:46:c5:e5:
af:44:ad:49:6e:20:3a:8a:d7:a6:0d:bb:0d:d9:c7:
58:dc:13:26:18:ed:cb:11:0e:0b:af:f1:e0:e8:dc:
94:87:8a:3a:a5:ef:85:dc:07:14:62:bb:5c:be:23:
0b:4e:de:a1:72:7e:06:25:59:8d:d7:24:10:d7:07:
7c:04:4c:fa:6c:6a:a0:84:c1:d0:40:be:d9:bb:bc:
9f:3e:16:cb:83:e6:39:67:e8:94:53:80:91:f0:c6:
39:44:ca:2c:0e:3d:08:7e:61:92:54:eb:35:c7:15:
5c:ed:1f:81:84:e7:e0:9f:0a:9d:eb:40:4b:89:49:
8f:ac:62:12:c7:39:81:5e:d1:40:51:5d:24:ab:71:
3c:5a:8d:78:70:9b:d4:7e:63:88:d4:ec:90:43:e6:
c4:e9:9a:90:52:6b:dc:18:8a:ab:c4:c4:ef:bf:4e:
99:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:EC:9C:A0:FF:ED:27:FB:75:31:0C:17:6D:EE:B1:63:EA:66:72:9C
X509v3 Authority Key Identifier:
keyid:CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:3f:45:49:15:59:73:77:69:b6:67:aa:3c:42:a0:02:cc:dc:
63:e2:90:b3:e7:f9:f1:ce:ee:24:9c:e8:fa:0e:f9:54:73:3e:
65:0e:55:3f:c5:d5:30:e9:7c:f8:bc:ca:95:88:c7:09:ee:76:
3b:99:16:7e:1d:f1:88:9b:16:34:97:43:6c:7d:2a:22:56:1f:
20:66:de:ad:e5:f7:2f:22:7b:1a:d6:ed:30:b4:46:c4:c6:dc:
ed:d5:a1:fe:76:2b:b2:10:67:88:90:7d:13:18:e5:b1:fe:50:
bd:14:41:1c:d4:b2:0a:d9:3d:f6:d6:d1:60:99:45:fb:b1:8b:
f2:8d:bf:ad:dd:d0:b0:1b:7c:17:ed:31:8e:3d:2e:40:55:4c:
ad:33:4b:b3:95:75:d2:e5:3c:39:5e:d0:92:fa:bc:69:15:4a:
0a:2e:b4:8d:bb:d8:e3:16:d6:3b:30:a8:df:9e:6e:8f:3f:42:
da:8d:2a:73:99:fc:79:03:e4:72:ee:c2:92:48:33:ac:5c:2b:
f7:90:3f:e4:da:f0:8e:f5:ca:70:8f:9e:67:63:6f:7f:f2:a8:
02:86:63:34:87:33:ae:0a:cf:02:83:8c:da:91:d0:6a:d1:e5:
7b:09:a3:93:2a:6b:e2:a1:9c:e4:74:35:dd:87:0f:69:92:3d:
ce:ea:91:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3Fqkq2UXUboN8ct0W2qBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhODY4ZTdiMjRhYTM1YTRkZDEwYWM5NTk5ZjA2NGFhOTY5
ZDAzMWQwHhcNMjUxMTExMDMwMTIwWhcNMjUxMTEyMDMwMTIwWjAzMTEwLwYDVQQD
EyhiZGVjOWNhMGZmZWQyN2ZiNzUzMTBjMTc2ZGVlYjE2M2VhNjY3MjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwx9rd0tbkZxtaRKHSk2nu7/Vqo6
mxq3F5TQcZLfqP9PU6AoiOjF+dL0VvnK9z2uk2Uu2QUK6TxqjciRyshLaGRpt7sW
Ng5+8xmN18n4NfnG8+Vr6kpGxeWvRK1JbiA6itemDbsN2cdY3BMmGO3LEQ4Lr/Hg
6NyUh4o6pe+F3AcUYrtcviMLTt6hcn4GJVmN1yQQ1wd8BEz6bGqghMHQQL7Zu7yf
PhbLg+Y5Z+iUU4CR8MY5RMosDj0IfmGSVOs1xxVc7R+BhOfgnwqd60BLiUmPrGIS
xzmBXtFAUV0kq3E8Wo14cJvUfmOI1OyQQ+bE6ZqQUmvcGIqrxMTvv06ZKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3snKD/7Sf7dTEMF23usWPqZnKcMB8GA1UdIwQY
MBaAFMqGjnskqjWk3RCslZnwZKqWnQMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjIt
YjhkMDZmNDZhZWMzLzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjItYjhkMDZmNDZhZWMz
LzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjD9FSRVZ
c3dptmeqPEKgAszcY+KQs+f58c7uJJzo+g75VHM+ZQ5VP8XVMOl8+LzKlYjHCe52
O5kWfh3xiJsWNJdDbH0qIlYfIGbereX3LyJ7GtbtMLRGxMbc7dWh/nYrshBniJB9
Exjlsf5QvRRBHNSyCtk99tbRYJlF+7GL8o2/rd3QsBt8F+0xjj0uQFVMrTNLs5V1
0uU8OV7Qkvq8aRVKCi60jbvY4xbWOzCo355ujz9C2o0qc5n8eQPkcu7CkkgzrFwr
95A/5NrwjvXKcI+eZ2Nvf/KoAoZjNIczrgrPAoOM2pHQatHlewmjkypr4qGc5HQ1
3YcPaZI9zuqROw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:40 2025 by rpki-client