Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
File: y-lwmA1WXMdK2ylKpox7BvUTKJA.mft (raw, json)
Hash identifier: XzQQnyAW1Drnd2jXOuxm2W1X687qTQ99Wkbkt6nCTZ8=
Subject key identifier: ED:77:45:2C:82:C7:E2:F2:70:FE:9B:E1:D1:6F:45:B4:E2:7C:72:E1
Authority key identifier: CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90
Certificate issuer: /CN=cbe970980d565cc74adb294aa68c7b06f5132890
Certificate serial: 019CA97CA0BBBF93FEFD1CD86BB13446A324
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
Manifest number: 0B51
Signing time: Sun 01 Mar 2026 13:00:42 +0000
Manifest this update: Sun 01 Mar 2026 13:00:42 +0000
Manifest next update: Mon 02 Mar 2026 13:00:42 +0000
Files and hashes: 1: NidyPRYUDsQcexHsJToZqXrMBV8.roa (hash: p65GZR4XN5l1qftmH4TTF0KOAaUQ1Yo/rxmu16Joj74=)
2: y-lwmA1WXMdK2ylKpox7BvUTKJA.crl (hash: 14IA8jmEdKNh3IJsKmoTFrbjFPIKaucD4wJIBN8UOaE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:7c:a0:bb:bf:93:fe:fd:1c:d8:6b:b1:34:46:a3:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbe970980d565cc74adb294aa68c7b06f5132890
Validity
Not Before: Mar 1 13:00:42 2026 GMT
Not After : Mar 2 13:00:42 2026 GMT
Subject: CN=ed77452c82c7e2f270fe9be1d16f45b4e27c72e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e8:7f:ee:96:c9:f4:79:4e:7a:5b:c9:8a:7a:
da:3f:d5:92:47:e8:67:11:df:ff:d0:69:94:10:90:
18:aa:dd:6e:53:b6:d5:ac:9b:9e:ba:1a:41:67:ee:
88:bd:c7:5b:fe:4a:44:5c:91:33:79:21:bf:ea:ba:
50:50:46:67:12:53:68:eb:1c:b6:80:ff:22:03:cd:
db:c5:a1:fa:e0:53:22:c3:42:f5:db:2e:e6:d0:b8:
ac:f9:d4:93:a2:32:c7:5c:61:b9:57:58:5a:ab:48:
19:d8:9c:49:28:f7:eb:b5:11:8c:c0:e6:2b:5a:5f:
47:20:f7:ca:96:5e:1c:90:af:73:6b:f8:08:ab:f4:
8e:c4:51:93:3b:67:57:ab:74:07:2c:a0:c2:77:65:
c5:d4:f9:79:af:37:88:1d:98:27:b9:c8:ba:e2:c8:
9a:3f:1f:ce:69:75:84:64:66:70:26:3b:b8:32:84:
27:a2:c1:13:cb:5b:ba:89:fb:20:62:a9:81:2e:01:
b1:20:bc:f8:dd:7d:30:bc:6b:de:c8:13:22:93:9c:
5f:1d:b1:b4:62:55:d1:26:2b:5d:4d:ef:67:24:f3:
87:3a:da:b3:b7:8b:e8:9d:a0:7e:8d:5c:d4:a7:07:
ba:5e:3a:5a:67:b2:d9:fe:71:80:04:52:bc:56:07:
fc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:77:45:2C:82:C7:E2:F2:70:FE:9B:E1:D1:6F:45:B4:E2:7C:72:E1
X509v3 Authority Key Identifier:
keyid:CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:52:1f:c3:cf:e8:5a:3a:6c:02:7b:17:1c:30:c4:1e:8b:c5:
f5:6b:84:d2:27:3d:f9:71:41:9c:c4:f2:98:c6:0d:45:33:42:
61:a4:15:e7:7f:fd:13:e2:bc:99:b0:52:9e:93:74:24:6e:6c:
6f:4f:87:3d:9e:0a:e7:fb:bb:bf:39:61:cf:a3:88:db:be:37:
f7:61:a2:1c:f8:da:58:ac:f6:66:44:4b:47:87:8e:fb:c9:86:
a4:d5:34:be:37:6f:94:d5:a4:8c:fe:0f:e5:b2:76:ce:3a:a9:
e8:d6:35:b4:8c:dd:df:8f:15:d6:14:2f:9e:b8:82:b9:af:2d:
df:66:11:1e:0d:11:3e:e7:58:9f:a1:05:91:98:64:06:27:30:
e5:1f:9c:2e:15:c8:28:0f:54:6f:4c:77:1c:5f:ab:36:4e:1a:
c1:c2:87:06:2e:05:ad:be:c0:47:35:1e:78:e1:67:27:37:d4:
73:38:3f:09:d5:d4:ad:ad:4a:21:9f:56:91:ac:d9:5b:0c:56:
f7:05:dd:57:08:bd:7d:2f:c8:a2:57:15:db:b7:bd:ee:1f:c3:
4b:7c:5b:c3:b7:37:69:62:82:0e:4b:6f:35:7a:f3:fd:64:5d:
28:fa:26:3e:b4:47:12:07:71:18:8c:4b:a7:6d:c9:b3:56:1d:
4d:0d:41:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfKC7v5P+/RzYa7E0RqMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZTk3MDk4MGQ1NjVjYzc0YWRiMjk0YWE2OGM3YjA2ZjUx
MzI4OTAwHhcNMjYwMzAxMTMwMDQyWhcNMjYwMzAyMTMwMDQyWjAzMTEwLwYDVQQD
EyhlZDc3NDUyYzgyYzdlMmYyNzBmZTliZTFkMTZmNDViNGUyN2M3MmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+h/7pbJ9HlOelvJinraP9WSR+hn
Ed//0GmUEJAYqt1uU7bVrJueuhpBZ+6Ivcdb/kpEXJEzeSG/6rpQUEZnElNo6xy2
gP8iA83bxaH64FMiw0L12y7m0Lis+dSTojLHXGG5V1haq0gZ2JxJKPfrtRGMwOYr
Wl9HIPfKll4ckK9za/gIq/SOxFGTO2dXq3QHLKDCd2XF1Pl5rzeIHZgnuci64sia
Px/OaXWEZGZwJju4MoQnosETy1u6ifsgYqmBLgGxILz43X0wvGveyBMik5xfHbG0
YlXRJitdTe9nJPOHOtqzt4vonaB+jVzUpwe6XjpaZ7LZ/nGABFK8Vgf8LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO13RSyCx+LycP6b4dFvRbTifHLhMB8GA1UdIwQY
MBaAFMvpcJgNVlzHStspSqaMewb1EyiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGIt
NzU2YTA4YTRhZGRhLzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGItNzU2YTA4YTRhZGRh
LzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuVIfw8/o
WjpsAnsXHDDEHovF9WuE0ic9+XFBnMTymMYNRTNCYaQV53/9E+K8mbBSnpN0JG5s
b0+HPZ4K5/u7vzlhz6OI274392GiHPjaWKz2ZkRLR4eO+8mGpNU0vjdvlNWkjP4P
5bJ2zjqp6NY1tIzd348V1hQvnriCua8t32YRHg0RPudYn6EFkZhkBicw5R+cLhXI
KA9Ub0x3HF+rNk4awcKHBi4Frb7ARzUeeOFnJzfUczg/CdXUra1KIZ9WkazZWwxW
9wXdVwi9fS/IolcV27e97h/DS3xbw7c3aWKCDktvNXrz/WRdKPomPrRHEgdxGIxL
p23Js1YdTQ1BfA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:59:27 2026 by rpki-client