Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: wwkrYGnIfdvw7fevSeb7j+/9Zzq7LOgVz5G+O7ejiy0=
Subject key identifier: F3:F5:BB:4C:31:3A:92:86:8F:95:2E:C1:F6:8F:AC:18:B0:7A:F5:16
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 019922C387A87F56278739E61DB166BF453A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 07FF
Signing time: Sun 07 Sep 2025 06:01:03 +0000
Manifest this update: Sun 07 Sep 2025 06:01:03 +0000
Manifest next update: Mon 08 Sep 2025 06:01:03 +0000
Files and hashes: 1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: ElRGUg+3jAKOrUDk7dS/c6bmKdxy/hlQNV7bBELaKVs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 06:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:87:a8:7f:56:27:87:39:e6:1d:b1:66:bf:45:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Sep 7 06:01:03 2025 GMT
Not After : Sep 8 06:01:03 2025 GMT
Subject: CN=f3f5bb4c313a92868f952ec1f68fac18b07af516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:79:75:2c:de:cd:a2:52:0e:69:04:40:03:41:
24:ff:94:03:ff:45:eb:44:ca:5c:48:bd:05:99:77:
99:0c:3a:e7:a5:bf:d1:7f:a9:c0:82:c8:73:c2:ab:
5e:db:9f:8b:a7:c5:e8:e3:3e:6c:c6:41:24:e2:cb:
07:4e:08:d4:e7:5b:ca:92:49:f6:30:ba:ce:20:7a:
1a:fb:7c:30:d3:43:37:17:d0:71:18:0e:be:31:f4:
e4:4a:85:ed:ff:be:5e:9f:67:3d:d1:56:9d:7e:55:
16:61:ce:7d:b9:51:8f:cd:8c:f6:11:b0:e8:21:7d:
b8:63:cd:cf:68:f6:3c:92:2b:86:22:73:97:83:83:
07:0f:3d:63:fb:d4:2e:31:90:08:94:6f:0c:a3:ce:
70:2a:4e:89:0d:2d:62:92:fc:b8:85:aa:f3:ad:8d:
a8:5c:1d:bc:9c:a8:89:0f:f0:c4:0b:6f:1c:a0:bf:
69:c3:58:c0:32:94:c7:65:74:b2:86:05:39:86:88:
42:ea:69:e9:06:df:37:2e:d4:1d:be:f2:1c:08:a7:
2e:cb:d3:54:49:a1:69:47:a0:bb:4a:eb:de:17:55:
8e:01:bc:23:59:d3:d3:bf:88:e9:b5:22:c2:64:c0:
b6:94:71:d6:d2:4c:23:80:36:04:a4:e6:0d:75:b0:
89:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F5:BB:4C:31:3A:92:86:8F:95:2E:C1:F6:8F:AC:18:B0:7A:F5:16
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:ad:a5:f4:c7:eb:1b:c5:0a:6a:08:8a:de:08:93:bd:d2:15:
be:d7:43:1c:78:09:36:24:13:f9:6d:14:f6:c4:c9:a2:6d:1d:
7f:9d:e2:53:81:7c:3d:82:31:bc:21:19:0a:a3:f5:ee:c8:3e:
ee:71:1a:dc:f7:3e:35:4c:da:d8:0a:d2:3f:a6:0f:4a:12:20:
94:ee:5d:8d:df:d9:7a:89:b5:d0:3c:e6:2a:06:ff:82:a4:a2:
ec:32:c6:76:29:b2:77:6d:ee:e7:f5:c8:0f:3d:fa:02:fb:38:
e9:68:27:dd:53:4d:0b:d1:cb:36:91:57:e5:1f:ae:9e:f1:4b:
3e:4b:a2:28:52:ce:6e:38:80:55:aa:ce:5e:db:76:15:8e:52:
ab:d9:f8:d9:4b:fa:39:56:74:36:8f:e2:1a:61:3a:f8:08:b8:
22:d5:94:2b:cf:d6:7e:1a:5b:d9:d3:1e:1f:7c:60:0b:53:9d:
36:99:53:fc:90:98:5f:42:7a:d8:e0:71:55:f1:b2:f9:97:b8:
7b:81:c3:c6:ae:46:da:17:e3:c6:c1:d2:30:2d:44:1c:fa:96:
69:3b:f5:81:8e:77:77:e6:11:bb:b0:89:57:73:e2:94:30:f2:
64:44:f9:d3:a2:ea:ce:b3:2b:d7:b8:54:d7:60:ff:a8:74:ef:
0f:1f:84:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw4eof1YnhznmHbFmv0U6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjUwOTA3MDYwMTAzWhcNMjUwOTA4MDYwMTAzWjAzMTEwLwYDVQQD
EyhmM2Y1YmI0YzMxM2E5Mjg2OGY5NTJlYzFmNjhmYWMxOGIwN2FmNTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Hl1LN7NolIOaQRAA0Ek/5QD/0Xr
RMpcSL0FmXeZDDrnpb/Rf6nAgshzwqte25+Lp8Xo4z5sxkEk4ssHTgjU51vKkkn2
MLrOIHoa+3ww00M3F9BxGA6+MfTkSoXt/75en2c90VadflUWYc59uVGPzYz2EbDo
IX24Y83PaPY8kiuGInOXg4MHDz1j+9QuMZAIlG8Mo85wKk6JDS1ikvy4harzrY2o
XB28nKiJD/DEC28coL9pw1jAMpTHZXSyhgU5hohC6mnpBt83LtQdvvIcCKcuy9NU
SaFpR6C7SuveF1WOAbwjWdPTv4jptSLCZMC2lHHW0kwjgDYEpOYNdbCJLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPP1u0wxOpKGj5UuwfaPrBiwevUWMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV62l9Mfr
G8UKagiK3giTvdIVvtdDHHgJNiQT+W0U9sTJom0df53iU4F8PYIxvCEZCqP17sg+
7nEa3Pc+NUza2ArSP6YPShIglO5djd/Zeom10DzmKgb/gqSi7DLGdimyd23u5/XI
Dz36Avs46Wgn3VNNC9HLNpFX5R+unvFLPkuiKFLObjiAVarOXtt2FY5Sq9n42Uv6
OVZ0No/iGmE6+Ai4ItWUK8/Wfhpb2dMeH3xgC1OdNplT/JCYX0J62OBxVfGy+Ze4
e4HDxq5G2hfjxsHSMC1EHPqWaTv1gY53d+YRu7CJV3PilDDyZET506LqzrMr17hU
12D/qHTvDx+E9g==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:32:28 2025 by rpki-client