Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.mft
File: yohtVYfshfcSQs1XztQJVEUoFo0.mft (raw, json)
Hash identifier: qPHYjl1uEgvVE2XN+7sIXIaqlT8AW3NG6Qz4Y5jlMV4=
Subject key identifier: 45:6E:54:64:85:D0:10:CE:DB:1C:88:8C:3D:05:0F:0D:50:BA:27:AD
Authority key identifier: CA:88:6D:55:87:EC:85:F7:12:42:CD:57:CE:D4:09:54:45:28:16:8D
Certificate issuer: /CN=ca886d5587ec85f71242cd57ced409544528168d
Certificate serial: 019DB1D85FF29CDC47F20B203AAAAB20A4AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.mft
Manifest number: 0682
Signing time: Tue 21 Apr 2026 21:00:40 +0000
Manifest this update: Tue 21 Apr 2026 21:00:40 +0000
Manifest next update: Wed 22 Apr 2026 21:00:40 +0000
Files and hashes: 1: I2kHiqxmSF3p6V9W7eV_eTfDN3k.roa (hash: fCpVVld0L94vFLqVKGMCfHN/hOXwKxcQlDEoGOWDUFo=)
2: XExavfpXuaZ3MydZbyDnyFn5ni0.roa (hash: WQdTsTZhStmdezt2VotpAadyLft0mMYrZPTmmKNNRro=)
3: yohtVYfshfcSQs1XztQJVEUoFo0.crl (hash: PvK/6evdYNouQDEKaQyu+x6CR0te/VwZIl/TW5yEJiw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 21:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b1:d8:5f:f2:9c:dc:47:f2:0b:20:3a:aa:ab:20:a4:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca886d5587ec85f71242cd57ced409544528168d
Validity
Not Before: Apr 21 21:00:40 2026 GMT
Not After : Apr 22 21:00:40 2026 GMT
Subject: CN=456e546485d010cedb1c888c3d050f0d50ba27ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e9:3c:5d:53:f1:1f:94:60:12:5f:87:ff:1d:
c8:b5:f8:43:8d:a4:3b:11:61:f5:d6:71:b2:28:d3:
e8:d1:aa:8b:f4:af:62:91:7d:6b:25:68:9a:15:b8:
b0:cd:d4:62:83:ba:68:68:1f:cf:f8:2b:a7:6e:49:
2a:d3:07:85:9b:85:b0:34:f9:77:a7:7e:33:ee:11:
0b:c0:19:65:9c:90:82:50:9d:f5:78:39:57:33:d5:
14:e2:62:8d:64:b4:db:8e:9f:92:54:d9:76:49:f4:
c0:75:7d:bd:30:87:51:d2:d1:5f:f9:dd:ff:83:de:
41:ad:e6:29:90:ae:ed:ed:5d:57:99:41:0f:08:ec:
15:df:71:db:49:a4:c2:52:f4:47:8e:6f:96:03:97:
47:68:97:0e:09:f3:d3:42:ed:ea:72:bb:1b:f2:cb:
5e:4e:a2:b6:5a:53:75:df:74:d8:06:52:b2:f2:69:
36:81:a6:c4:ee:06:21:a2:71:1a:4c:31:f8:74:8d:
eb:41:3d:e8:a9:2a:d7:7b:5b:13:ca:25:1a:10:90:
68:02:a4:6a:16:df:42:c1:fc:60:ba:c0:65:78:6a:
8f:4b:52:ef:24:97:3e:cb:8e:bf:a5:57:d3:39:b1:
ad:38:ac:b8:e6:ac:f3:05:d6:6f:1d:7f:e6:0d:91:
85:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6E:54:64:85:D0:10:CE:DB:1C:88:8C:3D:05:0F:0D:50:BA:27:AD
X509v3 Authority Key Identifier:
keyid:CA:88:6D:55:87:EC:85:F7:12:42:CD:57:CE:D4:09:54:45:28:16:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:44:1f:e1:e4:3e:13:77:68:34:f5:93:44:25:5b:81:67:86:
34:a7:99:7c:20:50:40:60:5e:09:4a:90:ef:9a:69:47:af:0b:
ff:87:31:fe:86:cf:5f:38:38:a7:4c:8d:c9:5b:0d:ec:c0:43:
7a:04:24:95:df:bb:93:6f:36:bb:f2:7c:5b:27:eb:e9:2e:1f:
d2:3e:5f:c9:cc:13:15:d6:96:1e:b0:5e:96:5a:09:07:9a:5f:
fb:1d:e1:66:a4:93:b2:b5:e1:05:9b:01:65:8e:fd:57:ae:a1:
19:4d:29:07:61:42:66:3b:03:c7:34:73:0c:de:0e:a4:28:ab:
b8:4f:ab:b9:5e:d7:b4:b1:9c:ef:ea:89:9f:cb:3c:84:59:47:
4e:7a:1c:d5:dd:38:8a:5f:92:b6:f4:56:eb:9e:9d:73:e8:7f:
4e:77:9f:05:de:15:de:80:3d:c8:5a:f9:d7:fc:57:24:06:ec:
a3:12:ab:fa:c6:13:12:25:59:f3:5c:2d:7a:bd:94:af:dd:e5:
a7:ce:cb:91:d4:e6:a1:ee:26:73:1b:20:57:4c:a6:e3:f7:61:
30:0c:34:a0:cb:8e:df:7c:c4:57:db:ad:d9:e5:84:80:a1:f8:
08:83:d9:86:b4:30:60:56:d7:fd:5c:cc:fb:2e:8c:57:19:a5:
82:ee:0e:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2x2F/ynNxH8gsgOqqrIKSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhODg2ZDU1ODdlYzg1ZjcxMjQyY2Q1N2NlZDQwOTU0NDUy
ODE2OGQwHhcNMjYwNDIxMjEwMDQwWhcNMjYwNDIyMjEwMDQwWjAzMTEwLwYDVQQD
Eyg0NTZlNTQ2NDg1ZDAxMGNlZGIxYzg4OGMzZDA1MGYwZDUwYmEyN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuk8XVPxH5RgEl+H/x3ItfhDjaQ7
EWH11nGyKNPo0aqL9K9ikX1rJWiaFbiwzdRig7poaB/P+Cunbkkq0weFm4WwNPl3
p34z7hELwBllnJCCUJ31eDlXM9UU4mKNZLTbjp+SVNl2SfTAdX29MIdR0tFf+d3/
g95BreYpkK7t7V1XmUEPCOwV33HbSaTCUvRHjm+WA5dHaJcOCfPTQu3qcrsb8ste
TqK2WlN133TYBlKy8mk2gabE7gYhonEaTDH4dI3rQT3oqSrXe1sTyiUaEJBoAqRq
Ft9CwfxgusBleGqPS1LvJJc+y46/pVfTObGtOKy45qzzBdZvHX/mDZGFuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVuVGSF0BDO2xyIjD0FDw1QuietMB8GA1UdIwQY
MBaAFMqIbVWH7IX3EkLNV87UCVRFKBaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW9odFZZZnNoZmNTUXMxWHp0UUpWRVVvRm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mZTgyZDEtMTU3NS00N2MxLTlmMjIt
YzdlMjUyMGM0Y2VhLzEveW9odFZZZnNoZmNTUXMxWHp0UUpWRVVvRm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mZTgyZDEtMTU3NS00N2MxLTlmMjItYzdlMjUyMGM0Y2Vh
LzEveW9odFZZZnNoZmNTUXMxWHp0UUpWRVVvRm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfEQf4eQ+
E3doNPWTRCVbgWeGNKeZfCBQQGBeCUqQ75ppR68L/4cx/obPXzg4p0yNyVsN7MBD
egQkld+7k282u/J8Wyfr6S4f0j5fycwTFdaWHrBelloJB5pf+x3hZqSTsrXhBZsB
ZY79V66hGU0pB2FCZjsDxzRzDN4OpCiruE+ruV7XtLGc7+qJn8s8hFlHTnoc1d04
il+StvRW656dc+h/TnefBd4V3oA9yFr51/xXJAbsoxKr+sYTEiVZ81wter2Ur93l
p87LkdTmoe4mcxsgV0ym4/dhMAw0oMuO33zEV9ut2eWEgKH4CIPZhrQwYFbX/VzM
+y6MVxmlgu4OVw==
-----END CERTIFICATE-----
Generated at Wed Apr 22 02:37:38 2026 by rpki-client