Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.mft
File: yohtVYfshfcSQs1XztQJVEUoFo0.mft (raw, json)
Hash identifier: o20fSgeoHmdRKjJrnWUE8zdStre5yxV2wNq/caYnz+o=
Subject key identifier: 9F:46:FE:ED:DB:D9:13:AA:6E:B7:48:AD:DF:70:B2:73:4C:80:4D:DC
Authority key identifier: CA:88:6D:55:87:EC:85:F7:12:42:CD:57:CE:D4:09:54:45:28:16:8D
Certificate issuer: /CN=ca886d5587ec85f71242cd57ced409544528168d
Certificate serial: 019A71B83A7414FDF61F1EC0F1A74E626C29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.mft
Manifest number: 04D2
Signing time: Tue 11 Nov 2025 07:01:30 +0000
Manifest this update: Tue 11 Nov 2025 07:01:30 +0000
Manifest next update: Wed 12 Nov 2025 07:01:30 +0000
Files and hashes: 1: pedXVkU_3_VDst7sTxTSsbn2Em4.roa (hash: 3VM8cHkV3+LaUs7pbcy8XQqPPtDXhoRXeq5taS4kpbU=)
2: yohtVYfshfcSQs1XztQJVEUoFo0.crl (hash: FFXWjiul6sWZApwcLn4pW85RE9iYPGbktEwWxWBODW0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:3a:74:14:fd:f6:1f:1e:c0:f1:a7:4e:62:6c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca886d5587ec85f71242cd57ced409544528168d
Validity
Not Before: Nov 11 07:01:30 2025 GMT
Not After : Nov 12 07:01:30 2025 GMT
Subject: CN=9f46feeddbd913aa6eb748addf70b2734c804ddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3c:bb:2e:26:a6:8e:1a:d7:b9:88:cc:87:e5:
71:c8:4c:e0:93:5e:e0:8d:ee:4f:20:49:ce:63:5b:
b3:59:36:e0:58:5c:24:d2:03:36:52:28:12:85:ac:
ca:72:99:c8:7d:fd:97:be:d0:4e:4c:f0:fb:df:ad:
8b:ce:ea:22:ab:94:ff:11:02:03:aa:cf:68:d6:0b:
4c:9d:b7:e3:de:f1:d1:b4:20:a2:f5:2e:d6:3d:5d:
29:d2:09:39:b3:91:6c:0d:1e:89:e7:0d:b3:70:5a:
dc:0b:75:c5:a2:bf:1c:66:cd:d8:88:ee:f2:f2:5c:
e4:30:10:8c:79:3f:9b:b1:f3:68:4c:26:f0:0d:d9:
9d:1b:7d:85:a4:c2:c7:48:15:70:78:da:0d:25:66:
4f:8a:6d:68:47:f2:3c:28:fe:83:db:ba:4a:a7:55:
c4:54:d9:84:62:ce:c5:a6:fe:53:63:68:6a:ae:1c:
d3:be:85:b0:11:0e:88:91:3e:0b:4a:a3:76:7e:c8:
0a:eb:d0:2a:de:88:4e:2b:c1:dc:82:36:8e:c8:74:
69:fc:68:c3:bc:98:d9:34:b0:ad:53:09:1d:ba:a1:
19:92:1c:89:3d:56:d7:14:a9:3a:ff:f8:22:27:12:
11:4d:fa:fb:64:5c:89:55:e6:1b:7f:03:38:61:f2:
a8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:46:FE:ED:DB:D9:13:AA:6E:B7:48:AD:DF:70:B2:73:4C:80:4D:DC
X509v3 Authority Key Identifier:
keyid:CA:88:6D:55:87:EC:85:F7:12:42:CD:57:CE:D4:09:54:45:28:16:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:67:35:fb:0c:77:d1:91:a9:5e:07:36:34:54:b9:db:db:e7:
03:cc:f3:57:ad:e3:62:b2:d3:7b:bb:98:d1:ad:9e:4e:e7:44:
a3:3a:c7:81:76:67:02:2b:af:e3:1a:29:b4:62:27:b8:73:91:
9b:88:00:95:0b:25:6f:fc:35:99:54:6c:a5:1b:7b:d8:80:13:
00:3f:ad:8c:37:72:92:7b:7b:cb:91:20:11:2c:b1:0c:a1:58:
df:30:1e:8d:f1:41:0f:cb:8b:fc:eb:aa:a5:c6:2c:4f:1d:9d:
95:d8:54:42:3d:35:62:64:dc:51:b9:1a:38:9e:17:50:b2:3b:
5d:00:cf:73:04:7d:b8:48:c9:f1:56:c2:97:24:32:4d:b9:7c:
6a:b2:f2:b3:84:11:69:86:f8:08:f0:e4:6f:67:31:1c:ea:0c:
8e:25:d8:b9:ce:53:ff:b4:e1:47:2a:ba:01:16:9f:4f:d0:2b:
35:23:b3:fa:2c:a4:62:4a:3a:a2:9f:43:dd:05:dc:a2:f6:6d:
2b:1a:a8:ea:b5:db:67:27:38:23:ac:0f:a9:d3:43:a5:8b:f6:
4b:3f:29:09:57:2a:93:9e:00:ec:d4:4e:24:2d:ec:cb:62:15:
c4:75:fc:95:02:f9:18:9e:f0:a6:34:67:3f:40:5d:7c:01:88:
23:94:0f:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDp0FP32Hx7A8adOYmwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhODg2ZDU1ODdlYzg1ZjcxMjQyY2Q1N2NlZDQwOTU0NDUy
ODE2OGQwHhcNMjUxMTExMDcwMTMwWhcNMjUxMTEyMDcwMTMwWjAzMTEwLwYDVQQD
Eyg5ZjQ2ZmVlZGRiZDkxM2FhNmViNzQ4YWRkZjcwYjI3MzRjODA0ZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jy7LiamjhrXuYjMh+VxyEzgk17g
je5PIEnOY1uzWTbgWFwk0gM2UigShazKcpnIff2XvtBOTPD7362Lzuoiq5T/EQID
qs9o1gtMnbfj3vHRtCCi9S7WPV0p0gk5s5FsDR6J5w2zcFrcC3XFor8cZs3YiO7y
8lzkMBCMeT+bsfNoTCbwDdmdG32FpMLHSBVweNoNJWZPim1oR/I8KP6D27pKp1XE
VNmEYs7Fpv5TY2hqrhzTvoWwEQ6IkT4LSqN2fsgK69Aq3ohOK8HcgjaOyHRp/GjD
vJjZNLCtUwkduqEZkhyJPVbXFKk6//giJxIRTfr7ZFyJVeYbfwM4YfKosQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9G/u3b2ROqbrdIrd9wsnNMgE3cMB8GA1UdIwQY
MBaAFMqIbVWH7IX3EkLNV87UCVRFKBaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW9odFZZZnNoZmNTUXMxWHp0UUpWRVVvRm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mZTgyZDEtMTU3NS00N2MxLTlmMjIt
YzdlMjUyMGM0Y2VhLzEveW9odFZZZnNoZmNTUXMxWHp0UUpWRVVvRm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mZTgyZDEtMTU3NS00N2MxLTlmMjItYzdlMjUyMGM0Y2Vh
LzEveW9odFZZZnNoZmNTUXMxWHp0UUpWRVVvRm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtGc1+wx3
0ZGpXgc2NFS529vnA8zzV63jYrLTe7uY0a2eTudEozrHgXZnAiuv4xoptGInuHOR
m4gAlQslb/w1mVRspRt72IATAD+tjDdyknt7y5EgESyxDKFY3zAejfFBD8uL/Ouq
pcYsTx2dldhUQj01YmTcUbkaOJ4XULI7XQDPcwR9uEjJ8VbClyQyTbl8arLys4QR
aYb4CPDkb2cxHOoMjiXYuc5T/7ThRyq6ARafT9ArNSOz+iykYko6op9D3QXcovZt
Kxqo6rXbZyc4I6wPqdNDpYv2Sz8pCVcqk54A7NROJC3sy2IVxHX8lQL5GJ7wpjRn
P0BdfAGII5QPww==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:52:59 2025 by rpki-client