Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: NmgQH0dotR+jRIkBzbAz7WBcUla5aIYpvnduALwCz2s=
Subject key identifier: 44:FC:99:3C:D5:D8:9B:AF:91:1B:C5:6E:7E:23:D9:37:6C:34:48:B0
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 019D3909C90F616CF2E983D77047CE6C7E71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 0A1D
Signing time: Sun 29 Mar 2026 10:00:35 +0000
Manifest this update: Sun 29 Mar 2026 10:00:35 +0000
Manifest next update: Mon 30 Mar 2026 10:00:35 +0000
Files and hashes: 1: 3GkC4alpDAvrmyyfcuXDAMj59Ng.roa (hash: m2jng52J8d+SYelIcZHf8/G6o3/K/EOSsyHZ2TT8VOM=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: tHAUVe/17oNP077vldmkZwu7pYc9alCtU4z6k4rySZ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:c9:0f:61:6c:f2:e9:83:d7:70:47:ce:6c:7e:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Mar 29 10:00:35 2026 GMT
Not After : Mar 30 10:00:35 2026 GMT
Subject: CN=44fc993cd5d89baf911bc56e7e23d9376c3448b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:07:01:f1:ca:8b:b0:44:a1:64:67:e4:06:06:
c9:4b:27:05:2c:73:7c:8d:b6:8f:74:40:a9:2b:16:
7e:e9:c4:66:03:bf:73:5b:94:22:b5:db:67:e9:7a:
03:48:6a:08:26:ff:80:45:fb:d1:bd:b5:0c:33:da:
5a:b4:6e:bf:ff:00:47:a9:92:1e:5f:57:8a:fc:c7:
f7:68:40:c9:24:5d:fd:36:c0:6f:93:7b:f4:d5:48:
1c:11:e7:4d:4a:74:56:0a:a2:92:84:dc:94:7f:7b:
bd:3f:9f:e5:a5:15:db:fc:08:ad:ff:e1:d8:cc:04:
3b:07:8e:a1:23:1a:30:c9:42:8a:22:0a:52:00:ae:
fc:6f:5d:22:46:45:92:c4:46:b5:3d:2f:2d:9f:0f:
b4:f2:f4:cb:d3:ae:e6:03:04:44:11:c8:15:b4:4b:
77:39:c3:71:af:0c:3a:38:2d:7a:69:a2:89:98:a5:
54:90:0a:7e:0d:af:9e:8e:d7:ad:67:44:13:5c:f0:
21:fa:bf:1e:5f:7f:79:ff:b6:ab:3f:da:e0:4f:a2:
21:9e:58:64:60:1e:b3:55:ba:a9:69:a7:31:b9:26:
4c:b1:a2:4b:47:52:6f:31:1c:85:84:4c:af:ef:e8:
ee:e1:34:b7:5c:7f:24:5b:99:75:3b:ad:19:bd:7f:
90:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:FC:99:3C:D5:D8:9B:AF:91:1B:C5:6E:7E:23:D9:37:6C:34:48:B0
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:3c:29:31:79:20:11:25:b0:fe:48:ff:c9:cc:45:b0:c2:22:
9a:35:e9:a7:da:f6:7c:73:d3:fd:59:8a:77:42:c0:cd:19:08:
a1:5e:ac:f3:8e:ad:1c:eb:c6:a7:c1:1e:4d:b0:89:63:4c:5d:
8d:46:6c:45:a3:4c:e2:b1:b3:d1:0c:53:38:86:18:49:de:19:
e8:df:9f:72:df:a4:8d:3d:dd:7f:81:1a:40:fc:66:e9:30:79:
9a:2c:2f:79:93:4e:fa:41:a0:1d:2b:81:bf:80:50:14:63:0f:
f5:7f:c3:67:22:c2:33:82:7a:ce:27:07:3f:ea:c3:a2:56:83:
8e:77:c1:d1:54:c6:5e:b1:81:a5:ec:90:26:64:6b:1a:31:99:
2e:8a:cf:d4:23:c8:32:f4:b5:e6:d5:16:24:a0:d7:e2:82:51:
e1:a3:01:ef:38:a7:c0:9d:d4:08:99:ac:ff:a4:16:7a:e7:a1:
34:cc:1b:99:d7:04:56:b6:1d:34:e1:7a:d3:c6:7c:08:90:34:
90:d8:c7:ce:b3:b3:cb:30:a0:26:04:30:77:3d:d9:32:dd:27:
30:70:47:c7:08:ea:42:f1:05:74:0e:7a:8b:91:df:d7:c5:92:
b1:db:d1:61:3d:f9:09:17:95:b2:08:f7:8e:b9:3a:96:58:b2:
a8:34:d4:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CckPYWzy6YPXcEfObH5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjYwMzI5MTAwMDM1WhcNMjYwMzMwMTAwMDM1WjAzMTEwLwYDVQQD
Eyg0NGZjOTkzY2Q1ZDg5YmFmOTExYmM1NmU3ZTIzZDkzNzZjMzQ0OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQcB8cqLsEShZGfkBgbJSycFLHN8
jbaPdECpKxZ+6cRmA79zW5Qitdtn6XoDSGoIJv+ARfvRvbUMM9patG6//wBHqZIe
X1eK/Mf3aEDJJF39NsBvk3v01UgcEedNSnRWCqKShNyUf3u9P5/lpRXb/Ait/+HY
zAQ7B46hIxowyUKKIgpSAK78b10iRkWSxEa1PS8tnw+08vTL067mAwREEcgVtEt3
OcNxrww6OC16aaKJmKVUkAp+Da+ejtetZ0QTXPAh+r8eX395/7arP9rgT6Ihnlhk
YB6zVbqpaacxuSZMsaJLR1JvMRyFhEyv7+ju4TS3XH8kW5l1O60ZvX+QXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFET8mTzV2JuvkRvFbn4j2TdsNEiwMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbzwpMXkg
ESWw/kj/ycxFsMIimjXpp9r2fHPT/VmKd0LAzRkIoV6s846tHOvGp8EeTbCJY0xd
jUZsRaNM4rGz0QxTOIYYSd4Z6N+fct+kjT3df4EaQPxm6TB5miwveZNO+kGgHSuB
v4BQFGMP9X/DZyLCM4J6zicHP+rDolaDjnfB0VTGXrGBpeyQJmRrGjGZLorP1CPI
MvS15tUWJKDX4oJR4aMB7zinwJ3UCJms/6QWeuehNMwbmdcEVrYdNOF608Z8CJA0
kNjHzrOzyzCgJgQwdz3ZMt0nMHBHxwjqQvEFdA56i5Hf18WSsdvRYT35CReVsgj3
jrk6lliyqDTUAQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:49:01 2026 by rpki-client