Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft
File: ylmb3Bz8eujML7oV_NgMoRc3hGc.mft (raw, json)
Hash identifier: XWK7tHuC/QC+uL/6tfTPstPrKXTo5o7lhgmy0fDWDbQ=
Subject key identifier: DE:2F:01:99:67:7E:18:F6:03:E7:F9:67:B4:FE:BD:2E:DF:2C:35:04
Authority key identifier: CA:59:9B:DC:1C:FC:7A:E8:CC:2F:BA:15:FC:D8:0C:A1:17:37:84:67
Certificate issuer: /CN=ca599bdc1cfc7ae8cc2fba15fcd80ca117378467
Certificate serial: 019D0B8C5F2C1A8A6AB10E71CBF14CA97D39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ylmb3Bz8eujML7oV_NgMoRc3hGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft
Manifest number: 0490
Signing time: Fri 20 Mar 2026 14:00:41 +0000
Manifest this update: Fri 20 Mar 2026 14:00:41 +0000
Manifest next update: Sat 21 Mar 2026 14:00:41 +0000
Files and hashes: 1: hLDJZ-V17lQ1uYy4Yb_7EyNt5EY.roa (hash: 0stvy4uT+ZzDa9Ceq2lwui9WwwpxCgyyC5wsX5cUjjE=)
2: ylmb3Bz8eujML7oV_NgMoRc3hGc.crl (hash: 2qKfSl/yK9CkBWCkedZ/gliKOp/cIOXcUTn6p992FMc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ylmb3Bz8eujML7oV_NgMoRc3hGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 11:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0b:8c:5f:2c:1a:8a:6a:b1:0e:71:cb:f1:4c:a9:7d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca599bdc1cfc7ae8cc2fba15fcd80ca117378467
Validity
Not Before: Mar 20 14:00:41 2026 GMT
Not After : Mar 21 14:00:41 2026 GMT
Subject: CN=de2f0199677e18f603e7f967b4febd2edf2c3504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d4:6b:52:56:94:35:d3:db:96:61:2c:41:f0:
96:68:ba:ad:d2:ae:cf:f2:4b:8b:52:0e:b4:13:87:
24:e9:97:c8:8b:4a:d7:28:e6:b8:a4:77:6d:0e:b0:
24:83:fa:2b:85:0d:be:5f:57:64:e0:d1:e5:8b:74:
54:d1:52:2c:75:cd:de:ec:c7:cc:84:94:32:7c:13:
a3:72:f9:47:52:2d:8e:19:ec:e5:d3:cc:36:6d:ea:
64:9c:da:75:f2:22:5b:d5:8d:45:ea:06:53:f7:e3:
e8:8c:8a:6b:3d:d0:23:f2:33:c0:75:c2:f3:8e:49:
67:5d:71:fc:34:f1:53:1b:8e:da:45:5c:27:a2:54:
7d:c7:4b:3f:d7:1c:2c:5f:51:48:50:0e:12:72:24:
41:00:b7:38:84:76:ab:0d:ba:df:4d:cd:8d:cd:32:
6e:bb:de:ac:c3:d4:ab:8c:70:a1:26:87:31:f3:07:
c0:93:d8:7b:7a:b9:9d:8a:e4:61:dc:9a:50:9d:c3:
96:0f:14:56:6e:6a:1d:d9:26:18:b8:aa:2a:96:77:
39:a3:56:ed:70:82:bf:51:52:74:4d:0d:da:55:7b:
f4:d9:71:11:01:ce:62:f2:17:15:ed:ac:bc:db:e7:
08:41:b1:8a:5c:4e:08:0a:26:30:d5:97:78:da:cf:
4f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:2F:01:99:67:7E:18:F6:03:E7:F9:67:B4:FE:BD:2E:DF:2C:35:04
X509v3 Authority Key Identifier:
keyid:CA:59:9B:DC:1C:FC:7A:E8:CC:2F:BA:15:FC:D8:0C:A1:17:37:84:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylmb3Bz8eujML7oV_NgMoRc3hGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:39:04:65:2f:77:0a:03:ac:5e:72:34:0f:1d:22:f7:a5:fe:
d9:64:bf:b2:1e:8e:58:c0:b4:12:4e:c4:e0:62:96:54:35:61:
fb:1e:db:67:36:b2:71:7d:04:57:f4:ac:33:86:5c:24:e3:d9:
c9:89:18:fb:da:47:ec:7b:ad:75:59:85:21:cc:2d:76:53:1f:
2f:3b:5b:d1:e3:c7:c4:cc:c8:31:c8:9d:ae:62:0d:50:9e:bd:
5f:ac:26:85:df:aa:b4:b4:39:21:c3:0f:36:3c:22:9b:f4:6a:
58:4d:6b:27:51:a4:b8:fa:20:73:dc:85:a3:24:8a:23:d8:85:
db:bc:75:04:94:82:a2:53:d4:e6:2d:26:69:c2:43:59:f7:31:
b8:07:39:4f:1a:0a:11:b7:9b:8a:29:1a:3b:fb:f2:36:6d:90:
72:ee:1d:d7:9a:45:47:a7:5b:cf:6d:8c:e3:99:d4:f9:1e:51:
2a:28:22:3a:ad:e9:14:63:6f:4a:e7:ee:d1:be:db:77:a8:48:
77:65:26:6d:6e:9c:31:60:71:f3:2f:f3:47:d5:e5:13:ae:2c:
1b:1d:5d:c3:a5:08:ca:7e:69:fa:b4:43:33:2c:56:fe:2c:4c:
a2:9c:af:f7:40:83:ca:cc:6e:44:ff:08:01:a3:1e:3a:7a:c8:
3c:30:0b:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0LjF8sGopqsQ5xy/FMqX05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNTk5YmRjMWNmYzdhZThjYzJmYmExNWZjZDgwY2ExMTcz
Nzg0NjcwHhcNMjYwMzIwMTQwMDQxWhcNMjYwMzIxMTQwMDQxWjAzMTEwLwYDVQQD
EyhkZTJmMDE5OTY3N2UxOGY2MDNlN2Y5NjdiNGZlYmQyZWRmMmMzNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNRrUlaUNdPblmEsQfCWaLqt0q7P
8kuLUg60E4ck6ZfIi0rXKOa4pHdtDrAkg/orhQ2+X1dk4NHli3RU0VIsdc3e7MfM
hJQyfBOjcvlHUi2OGezl08w2bepknNp18iJb1Y1F6gZT9+PojIprPdAj8jPAdcLz
jklnXXH8NPFTG47aRVwnolR9x0s/1xwsX1FIUA4SciRBALc4hHarDbrfTc2NzTJu
u96sw9SrjHChJocx8wfAk9h7ermdiuRh3JpQncOWDxRWbmod2SYYuKoqlnc5o1bt
cIK/UVJ0TQ3aVXv02XERAc5i8hcV7ay82+cIQbGKXE4ICiYw1Zd42s9PNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4vAZlnfhj2A+f5Z7T+vS7fLDUEMB8GA1UdIwQY
MBaAFMpZm9wc/HrozC+6FfzYDKEXN4RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWxtYjNCejhldWpNTDdvVl9OZ01vUmMzaEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xY2VjYjgtOTdkOS00NzNmLWIwMDQt
Y2M5MTI3NDZlNDdlLzEveWxtYjNCejhldWpNTDdvVl9OZ01vUmMzaEdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xY2VjYjgtOTdkOS00NzNmLWIwMDQtY2M5MTI3NDZlNDdl
LzEveWxtYjNCejhldWpNTDdvVl9OZ01vUmMzaEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAADkEZS93
CgOsXnI0Dx0i96X+2WS/sh6OWMC0Ek7E4GKWVDVh+x7bZzaycX0EV/SsM4ZcJOPZ
yYkY+9pH7HutdVmFIcwtdlMfLztb0ePHxMzIMcidrmINUJ69X6wmhd+qtLQ5IcMP
Njwim/RqWE1rJ1GkuPogc9yFoySKI9iF27x1BJSColPU5i0macJDWfcxuAc5TxoK
EbebiikaO/vyNm2Qcu4d15pFR6dbz22M45nU+R5RKigiOq3pFGNvSufu0b7bd6hI
d2UmbW6cMWBx8y/zR9XlE64sGx1dw6UIyn5p+rRDMyxW/ixMopyv90CDysxuRP8I
AaMeOnrIPDALmg==
-----END CERTIFICATE-----
Generated at Fri Mar 20 18:39:06 2026 by rpki-client