Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
File: y-lwmA1WXMdK2ylKpox7BvUTKJA.mft (raw, json)
Hash identifier: v8gk4PmnicA7wx6S19MomRnKfl5j7/08wuqfKdmO3hI=
Subject key identifier: 9A:B4:6C:28:FC:9F:48:8B:0D:A3:FA:2A:CF:E7:1A:1E:2E:F7:16:14
Authority key identifier: CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90
Certificate issuer: /CN=cbe970980d565cc74adb294aa68c7b06f5132890
Certificate serial: 019A5074D8AB1ADE4E9EBB96826AD82B530F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
Manifest number: 0A19
Signing time: Tue 04 Nov 2025 20:00:26 +0000
Manifest this update: Tue 04 Nov 2025 20:00:26 +0000
Manifest next update: Wed 05 Nov 2025 20:00:26 +0000
Files and hashes: 1: w3_nPHf7a07mKfqvAI84MjCWgdc.roa (hash: zETLR/82/cCeh7r1wtGHL+Bc+UNE2hnrIZTGYx5oKPQ=)
2: y-lwmA1WXMdK2ylKpox7BvUTKJA.crl (hash: EhyEEVcXbuRxiq4AtEDEGTiJssiZNrZIR3Uk3mgGimQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:74:d8:ab:1a:de:4e:9e:bb:96:82:6a:d8:2b:53:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbe970980d565cc74adb294aa68c7b06f5132890
Validity
Not Before: Nov 4 20:00:26 2025 GMT
Not After : Nov 5 20:00:26 2025 GMT
Subject: CN=9ab46c28fc9f488b0da3fa2acfe71a1e2ef71614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:25:d8:d4:df:a2:e6:5a:a5:18:61:30:6e:3b:
83:ba:06:0f:25:31:43:ac:2f:aa:e5:96:34:73:d3:
0d:cc:26:b0:d8:d3:a8:7b:01:58:12:5d:9a:de:a7:
e5:3f:c2:d8:24:8f:d4:35:a6:c7:9c:8b:11:65:1d:
bf:14:ad:11:5a:2b:f5:b3:41:e2:0d:2b:43:10:97:
55:87:b3:55:13:88:fe:9a:e8:19:1b:d6:5d:0d:c6:
cf:d7:c4:cb:b7:6f:c2:1c:fc:f2:fe:5b:a5:bd:7e:
43:e9:3d:74:c5:57:ad:0b:13:49:b2:90:4f:24:c2:
60:94:a4:0f:a9:42:43:36:37:b7:6f:5e:a2:15:79:
0d:dd:27:ff:b1:0f:d8:9b:fd:d2:4c:79:8c:7c:6a:
21:9e:91:a7:c6:35:ec:b4:1f:3e:4a:2d:10:82:74:
06:c4:ef:9b:41:8a:15:4e:59:c6:8f:1e:24:05:8d:
c6:2e:9b:74:ad:25:c5:ed:06:81:bf:a9:bb:e3:4c:
9a:07:d2:60:d7:30:58:f7:48:e2:e4:b6:6f:f5:48:
01:ad:68:db:86:e1:a1:75:aa:5a:c7:22:59:16:80:
93:9c:a3:fa:0d:75:df:cc:c4:36:d2:8b:09:60:eb:
b0:c6:9e:fa:5c:90:c8:48:68:e3:5e:bf:20:a3:ca:
95:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B4:6C:28:FC:9F:48:8B:0D:A3:FA:2A:CF:E7:1A:1E:2E:F7:16:14
X509v3 Authority Key Identifier:
keyid:CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:f0:40:95:0d:42:2a:54:ae:f4:3e:d8:cf:9a:48:14:ce:3a:
e8:e6:67:69:2b:21:1c:18:72:b1:87:2e:ec:11:29:69:4a:64:
f9:07:bc:d7:79:44:a2:f5:48:4f:4c:c8:2a:47:7b:8f:9e:57:
67:04:d2:16:30:b5:61:03:ff:61:a6:d2:b0:a5:c8:2c:5c:0f:
e5:08:11:c1:15:94:7a:13:bb:f7:19:28:31:bc:f9:5f:69:07:
b7:c5:6c:67:c7:27:05:1e:fd:82:9b:08:1a:d1:70:d9:52:87:
37:dc:ae:b2:7f:68:f3:69:d4:77:d2:7f:d5:59:50:3c:49:fd:
c1:e4:89:4e:e3:dd:08:a1:67:b7:b5:7c:27:c2:1b:02:99:72:
01:e5:91:57:3d:3e:21:af:67:98:8b:66:61:6d:41:a2:c0:ea:
93:6b:8f:52:21:0d:15:26:a7:78:89:9a:a3:b1:0f:1c:76:a9:
5d:0c:f6:e4:ca:9d:f7:b4:db:a2:66:de:b5:65:e9:ca:2d:b6:
c6:fa:c1:d5:c8:84:3d:36:5b:aa:36:39:e6:14:8c:15:4e:4b:
d3:ef:5d:39:65:79:67:82:bd:9b:04:cc:f6:9b:9c:c9:01:f0:
00:76:55:93:44:5c:35:55:e9:1f:71:d9:3a:4e:09:36:63:0e:
3b:a5:ab:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQdNirGt5OnruWgmrYK1MPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZTk3MDk4MGQ1NjVjYzc0YWRiMjk0YWE2OGM3YjA2ZjUx
MzI4OTAwHhcNMjUxMTA0MjAwMDI2WhcNMjUxMTA1MjAwMDI2WjAzMTEwLwYDVQQD
Eyg5YWI0NmMyOGZjOWY0ODhiMGRhM2ZhMmFjZmU3MWExZTJlZjcxNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSXY1N+i5lqlGGEwbjuDugYPJTFD
rC+q5ZY0c9MNzCaw2NOoewFYEl2a3qflP8LYJI/UNabHnIsRZR2/FK0RWiv1s0Hi
DStDEJdVh7NVE4j+mugZG9ZdDcbP18TLt2/CHPzy/lulvX5D6T10xVetCxNJspBP
JMJglKQPqUJDNje3b16iFXkN3Sf/sQ/Ym/3STHmMfGohnpGnxjXstB8+Si0QgnQG
xO+bQYoVTlnGjx4kBY3GLpt0rSXF7QaBv6m740yaB9Jg1zBY90ji5LZv9UgBrWjb
huGhdapaxyJZFoCTnKP6DXXfzMQ20osJYOuwxp76XJDISGjjXr8go8qVgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJq0bCj8n0iLDaP6Ks/nGh4u9xYUMB8GA1UdIwQY
MBaAFMvpcJgNVlzHStspSqaMewb1EyiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGIt
NzU2YTA4YTRhZGRhLzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGItNzU2YTA4YTRhZGRh
LzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPBAlQ1C
KlSu9D7Yz5pIFM466OZnaSshHBhysYcu7BEpaUpk+Qe813lEovVIT0zIKkd7j55X
ZwTSFjC1YQP/YabSsKXILFwP5QgRwRWUehO79xkoMbz5X2kHt8VsZ8cnBR79gpsI
GtFw2VKHN9yusn9o82nUd9J/1VlQPEn9weSJTuPdCKFnt7V8J8IbAplyAeWRVz0+
Ia9nmItmYW1BosDqk2uPUiENFSaneImao7EPHHapXQz25Mqd97TbombetWXpyi22
xvrB1ciEPTZbqjY55hSMFU5L0+9dOWV5Z4K9mwTM9pucyQHwAHZVk0RcNVXpH3HZ
Ok4JNmMOO6WrtA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:40:29 2025 by rpki-client