Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: uQUXr2T2z1kmb/QoUmV9rHiVErGMVgm8GXUjQhs6Sho=
Subject key identifier: C3:A7:06:6B:AB:57:45:44:B9:85:14:67:CE:31:C4:17:0B:24:47:56
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 019A72CA4377BFBE2E5C3B8AB036709A0590
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 08AD
Signing time: Tue 11 Nov 2025 12:00:49 +0000
Manifest this update: Tue 11 Nov 2025 12:00:49 +0000
Manifest next update: Wed 12 Nov 2025 12:00:49 +0000
Files and hashes: 1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: pH7JrcNluJqsY4mJRoZkpApL/3AHjpOS8D0Qn0UZCs4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:43:77:bf:be:2e:5c:3b:8a:b0:36:70:9a:05:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Nov 11 12:00:49 2025 GMT
Not After : Nov 12 12:00:49 2025 GMT
Subject: CN=c3a7066bab574544b9851467ce31c4170b244756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:bc:75:ce:41:1b:29:80:21:d7:69:de:f5:dc:
97:37:02:5e:5a:b6:75:fc:58:4f:29:01:f7:a9:03:
df:4c:20:51:a7:e5:8a:30:10:3b:65:4d:a2:be:fe:
15:20:28:d7:28:e7:c4:af:ed:f8:17:b0:e4:d2:00:
e6:26:b0:86:e8:4c:d5:a7:4a:6d:2b:68:fb:f1:02:
04:5f:07:c8:ed:a9:93:25:47:16:c7:09:2b:4a:a4:
cb:4b:4a:bc:3e:08:77:4b:e0:38:97:96:43:ad:12:
aa:c0:9c:6c:6b:c2:5a:6c:d4:1f:29:da:72:fd:6d:
1c:d3:b6:94:6c:16:23:fc:0a:a6:68:c8:d1:f9:ca:
97:e8:4f:7e:11:57:9d:01:fa:64:a1:6c:a1:6b:64:
bd:ed:0a:d2:fc:6a:c5:60:68:50:a6:bf:21:85:1d:
f5:5c:c9:17:37:7f:1e:a6:b0:c7:90:b0:20:4b:47:
3c:50:c8:50:bb:fa:06:3e:fe:b6:33:4e:89:6c:50:
38:fa:25:91:04:b9:ed:18:56:23:51:8b:4d:0a:71:
19:17:6b:fa:70:7f:07:3b:f8:ad:a5:68:fd:f2:01:
8b:86:04:68:99:75:1b:cf:f1:24:0e:60:73:91:0f:
a9:4f:bd:0e:a6:c7:07:54:bf:7b:46:98:dc:bc:0f:
ad:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A7:06:6B:AB:57:45:44:B9:85:14:67:CE:31:C4:17:0B:24:47:56
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:e5:cf:c4:98:cc:b8:b6:8c:c8:38:b8:72:55:90:46:ea:dc:
8b:f1:cb:72:ba:9d:aa:b2:c1:b0:b3:c5:06:e4:87:dd:0c:c2:
d5:47:c9:30:30:3b:1f:7c:7b:ca:e8:04:02:04:e9:0c:a6:86:
1f:49:6d:d8:2f:97:c8:1b:1b:f3:6b:f9:ce:7e:c4:3f:18:4e:
14:f4:24:9f:37:09:b1:3d:27:f6:d9:8b:c6:a0:73:d0:44:b3:
a5:ab:bf:a4:af:90:86:98:ce:fc:73:77:10:17:cc:a0:06:0f:
a8:91:50:e4:03:11:87:cc:6d:9a:02:49:9f:61:f9:9d:49:bf:
34:9a:22:d5:8e:d7:8f:08:d3:5c:5f:ae:2d:ff:db:45:27:af:
b7:22:88:9c:d4:d6:c9:de:82:c2:15:f1:de:16:58:94:22:06:
5d:48:b1:a4:27:bc:f6:fb:bc:bd:eb:76:92:1b:c2:a9:15:df:
83:8e:cc:82:a2:25:2b:f1:96:a2:60:89:24:2a:12:97:0b:7b:
35:e5:b1:63:1e:cc:f1:19:b7:71:75:10:24:bf:ec:af:ea:1d:
61:d8:2a:ee:3d:69:ce:5d:fe:1c:12:65:06:ff:3d:3a:cb:da:
be:8d:7a:18:f4:e9:58:41:41:99:73:2e:a5:ae:2d:c4:f3:ac:
16:f3:c5:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyykN3v74uXDuKsDZwmgWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjUxMTExMTIwMDQ5WhcNMjUxMTEyMTIwMDQ5WjAzMTEwLwYDVQQD
EyhjM2E3MDY2YmFiNTc0NTQ0Yjk4NTE0NjdjZTMxYzQxNzBiMjQ0NzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rx1zkEbKYAh12ne9dyXNwJeWrZ1
/FhPKQH3qQPfTCBRp+WKMBA7ZU2ivv4VICjXKOfEr+34F7Dk0gDmJrCG6EzVp0pt
K2j78QIEXwfI7amTJUcWxwkrSqTLS0q8Pgh3S+A4l5ZDrRKqwJxsa8JabNQfKdpy
/W0c07aUbBYj/AqmaMjR+cqX6E9+EVedAfpkoWyha2S97QrS/GrFYGhQpr8hhR31
XMkXN38eprDHkLAgS0c8UMhQu/oGPv62M06JbFA4+iWRBLntGFYjUYtNCnEZF2v6
cH8HO/itpWj98gGLhgRomXUbz/EkDmBzkQ+pT70OpscHVL97RpjcvA+tkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOnBmurV0VEuYUUZ84xxBcLJEdWMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgeXPxJjM
uLaMyDi4clWQRurci/HLcrqdqrLBsLPFBuSH3QzC1UfJMDA7H3x7yugEAgTpDKaG
H0lt2C+XyBsb82v5zn7EPxhOFPQknzcJsT0n9tmLxqBz0ESzpau/pK+QhpjO/HN3
EBfMoAYPqJFQ5AMRh8xtmgJJn2H5nUm/NJoi1Y7XjwjTXF+uLf/bRSevtyKInNTW
yd6CwhXx3hZYlCIGXUixpCe89vu8vet2khvCqRXfg47MgqIlK/GWomCJJCoSlwt7
NeWxYx7M8Rm3cXUQJL/sr+odYdgq7j1pzl3+HBJlBv89Osvavo16GPTpWEFBmXMu
pa4txPOsFvPFYQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:16:59 2025 by rpki-client