Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
File: y-lwmA1WXMdK2ylKpox7BvUTKJA.mft (raw, json)
Hash identifier: ml2WOFpH1MiKgmGi/9bTqYNgafUhGo+0d8BIhEniWM8=
Subject key identifier: 5D:1E:67:5E:EF:36:AD:C4:D6:1C:62:2A:47:3F:3D:2D:A5:9E:10:35
Authority key identifier: CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90
Certificate issuer: /CN=cbe970980d565cc74adb294aa68c7b06f5132890
Certificate serial: 019D98F4B02AAE1A46B800C3D3200DCD0182
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
Manifest number: 0BCD
Signing time: Fri 17 Apr 2026 01:01:05 +0000
Manifest this update: Fri 17 Apr 2026 01:01:05 +0000
Manifest next update: Sat 18 Apr 2026 01:01:05 +0000
Files and hashes: 1: NidyPRYUDsQcexHsJToZqXrMBV8.roa (hash: p65GZR4XN5l1qftmH4TTF0KOAaUQ1Yo/rxmu16Joj74=)
2: y-lwmA1WXMdK2ylKpox7BvUTKJA.crl (hash: RrNIViAy9cd3fNlTPloObPJ1xmWT8wmwPiCvH//Obgg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:b0:2a:ae:1a:46:b8:00:c3:d3:20:0d:cd:01:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbe970980d565cc74adb294aa68c7b06f5132890
Validity
Not Before: Apr 17 01:01:05 2026 GMT
Not After : Apr 18 01:01:05 2026 GMT
Subject: CN=5d1e675eef36adc4d61c622a473f3d2da59e1035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:31:10:0c:6f:06:39:02:c7:76:a5:e7:06:
85:d6:bb:dd:df:1d:78:63:a0:13:11:b0:28:dd:a9:
e4:ca:28:a4:ab:ec:01:46:d2:5e:07:70:c0:e0:7f:
31:21:27:f3:58:78:43:49:63:8e:28:b3:fc:55:e8:
6b:e7:2b:e7:8d:18:8a:96:f2:ab:58:1a:c0:78:c1:
80:00:32:77:96:2b:9a:13:b3:e9:24:de:e4:b9:13:
dd:f8:31:e2:da:33:04:9e:9f:a8:d9:51:8a:55:99:
85:11:f5:63:45:77:8b:c7:85:9e:80:fa:04:cc:e0:
05:79:67:37:34:35:a6:84:d6:94:59:81:f4:9b:d9:
19:4a:d2:67:17:b4:7a:22:93:c5:5b:41:25:44:8d:
d8:e4:e7:fb:f6:bd:c9:69:37:6f:e6:03:4b:3f:25:
14:e2:95:db:71:0f:ac:be:9b:43:e7:0b:5c:80:1c:
a0:a7:1a:66:00:16:5d:db:73:64:a5:0c:7a:17:9c:
5a:81:fa:44:f9:07:0d:f8:b6:f4:3e:44:03:2a:ab:
6e:ca:a3:ae:93:e0:d7:74:fd:d9:1c:3e:98:e4:5b:
c7:41:74:25:09:0b:03:ae:5a:00:28:53:8b:04:e7:
30:77:16:26:bc:db:51:d7:a9:f7:52:59:06:86:4d:
5c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1E:67:5E:EF:36:AD:C4:D6:1C:62:2A:47:3F:3D:2D:A5:9E:10:35
X509v3 Authority Key Identifier:
keyid:CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:c5:1a:5b:b6:ac:27:cf:eb:e7:ec:81:4a:9d:ac:03:1c:97:
61:3c:0d:29:65:35:07:51:a9:82:52:1b:d6:2b:32:af:b0:23:
7d:66:d1:6d:99:07:60:38:71:1a:67:e3:53:2d:a2:d2:f3:2f:
11:3e:e7:d8:6f:32:fa:91:92:70:e6:88:03:d4:d9:85:e2:54:
b0:d7:db:05:12:08:f8:05:64:cd:49:4f:fa:53:9a:52:46:ee:
18:04:17:97:2e:a1:cb:a8:bf:fc:cf:dd:4d:d6:d2:ca:55:62:
c4:94:11:1a:f5:ce:5d:62:21:fb:ce:f5:34:a7:4b:72:2a:70:
cf:90:6b:87:1d:d0:d4:93:76:a2:f4:29:a3:b4:25:17:73:1b:
d7:b3:33:dd:28:7f:b3:c2:dc:a7:20:06:58:4c:0f:96:83:c4:
4b:74:82:a1:db:f9:c0:cd:dd:3d:f3:17:25:22:b5:c5:dc:46:
73:47:38:a4:30:dd:04:23:2c:fc:73:41:89:64:cd:47:d5:7a:
42:3c:7e:58:30:bc:b4:78:7f:75:66:0b:e2:de:de:91:90:b0:
ce:22:ba:d9:00:8f:10:91:e8:4b:43:2f:a6:6b:64:8f:95:71:
6e:58:4a:9f:61:b1:0d:90:f4:a1:74:0f:61:ba:7d:6b:19:d1:
9f:dc:95:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9LAqrhpGuADD0yANzQGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZTk3MDk4MGQ1NjVjYzc0YWRiMjk0YWE2OGM3YjA2ZjUx
MzI4OTAwHhcNMjYwNDE3MDEwMTA1WhcNMjYwNDE4MDEwMTA1WjAzMTEwLwYDVQQD
Eyg1ZDFlNjc1ZWVmMzZhZGM0ZDYxYzYyMmE0NzNmM2QyZGE1OWUxMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE0xEAxvBjkCx3al5waF1rvd3x14
Y6ATEbAo3ankyiikq+wBRtJeB3DA4H8xISfzWHhDSWOOKLP8Vehr5yvnjRiKlvKr
WBrAeMGAADJ3liuaE7PpJN7kuRPd+DHi2jMEnp+o2VGKVZmFEfVjRXeLx4WegPoE
zOAFeWc3NDWmhNaUWYH0m9kZStJnF7R6IpPFW0ElRI3Y5Of79r3JaTdv5gNLPyUU
4pXbcQ+svptD5wtcgBygpxpmABZd23NkpQx6F5xagfpE+QcN+Lb0PkQDKqtuyqOu
k+DXdP3ZHD6Y5FvHQXQlCQsDrloAKFOLBOcwdxYmvNtR16n3UlkGhk1c1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0eZ17vNq3E1hxiKkc/PS2lnhA1MB8GA1UdIwQY
MBaAFMvpcJgNVlzHStspSqaMewb1EyiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGIt
NzU2YTA4YTRhZGRhLzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGItNzU2YTA4YTRhZGRh
LzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPMUaW7as
J8/r5+yBSp2sAxyXYTwNKWU1B1GpglIb1isyr7AjfWbRbZkHYDhxGmfjUy2i0vMv
ET7n2G8y+pGScOaIA9TZheJUsNfbBRII+AVkzUlP+lOaUkbuGAQXly6hy6i//M/d
TdbSylVixJQRGvXOXWIh+871NKdLcipwz5Brhx3Q1JN2ovQpo7QlF3Mb17Mz3Sh/
s8LcpyAGWEwPloPES3SCodv5wM3dPfMXJSK1xdxGc0c4pDDdBCMs/HNBiWTNR9V6
Qjx+WDC8tHh/dWYL4t7ekZCwziK62QCPEJHoS0Mvpmtkj5VxblhKn2GxDZD0oXQP
Ybp9axnRn9yVJA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:06:41 2026 by rpki-client