Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
File: YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft (raw, json)
Hash identifier: lTUqqvnYzsni/hwlnwPuuozcSha5M6S4xzTT4r9PumA=
Subject key identifier: D6:C8:90:BF:B9:CB:AA:4A:06:DA:D6:E6:53:97:5F:5A:41:3E:2F:DD
Authority key identifier: 61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C
Certificate issuer: /CN=6117d6158043150b0ad224a0648df0185706019c
Certificate serial: 019A4EF50C40F0F67E4D0011811AD58584A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
Manifest number: 119B
Signing time: Tue 04 Nov 2025 13:01:13 +0000
Manifest this update: Tue 04 Nov 2025 13:01:13 +0000
Manifest next update: Wed 05 Nov 2025 13:01:13 +0000
Files and hashes: 1: YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl (hash: wci5eHFUjUXDL9K6E62+/n+HlXT/LVGxttj7OAB8N5U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:0c:40:f0:f6:7e:4d:00:11:81:1a:d5:85:84:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6117d6158043150b0ad224a0648df0185706019c
Validity
Not Before: Nov 4 13:01:13 2025 GMT
Not After : Nov 5 13:01:13 2025 GMT
Subject: CN=d6c890bfb9cbaa4a06dad6e653975f5a413e2fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:99:82:6c:7e:9c:85:17:62:51:1e:85:71:64:
7f:6c:86:71:b0:e0:cc:46:3a:89:df:91:ef:c3:7f:
c0:6f:85:a9:82:64:03:d6:d4:f9:6d:15:47:73:42:
cf:e6:1f:e2:5d:9a:de:07:27:e6:0c:25:e0:d7:63:
5d:74:77:04:53:96:68:99:87:50:e1:06:49:16:76:
3a:79:61:b5:57:5e:0e:7b:59:c0:bd:fe:55:31:03:
79:76:8c:75:6b:a7:c2:38:8e:d2:45:66:a9:9b:f1:
d1:cb:76:e0:29:66:fa:c8:10:0f:7a:df:5b:bb:1d:
ba:23:67:ef:45:bd:31:ec:11:e3:9f:74:7b:35:b3:
06:f5:11:dd:f8:bc:3d:e0:91:3f:ab:45:e8:57:9e:
80:69:82:53:5e:1d:de:bc:39:a9:b4:99:fc:51:0a:
6f:7e:15:de:dd:c4:f3:aa:02:24:88:38:0c:fc:e1:
23:43:a3:ec:70:ad:9d:59:19:7f:01:45:6a:20:a2:
aa:31:1f:98:70:c0:67:36:84:0a:6c:be:38:ab:71:
46:41:69:26:70:4a:a2:49:65:fc:0e:9c:77:6c:16:
1c:b9:58:a4:58:ed:41:39:cb:6d:2f:80:e7:c1:c2:
62:14:bc:b4:f8:a3:a9:f3:94:c8:70:b5:97:19:66:
e6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C8:90:BF:B9:CB:AA:4A:06:DA:D6:E6:53:97:5F:5A:41:3E:2F:DD
X509v3 Authority Key Identifier:
keyid:61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:5f:10:7e:be:ef:92:bc:fd:c7:1c:4b:b7:03:38:1a:02:e5:
44:65:fb:b8:47:6f:b2:98:5a:19:1f:06:cc:0b:40:d2:18:72:
ce:31:06:d7:95:06:c4:a1:70:6f:8e:f3:58:e4:b2:ee:3c:4b:
1e:83:1d:82:07:e5:c3:c6:d7:85:9b:ed:d5:44:26:32:7d:09:
15:14:cf:32:2f:51:12:62:1b:33:9c:1f:0f:f9:8f:61:17:26:
a2:c2:8d:98:57:96:8f:71:e8:78:e5:e7:05:2c:78:df:eb:94:
b8:fc:5c:63:24:ff:d6:8c:91:fd:0a:2a:81:c0:00:42:0a:29:
a7:28:58:b2:f7:d8:77:8a:9b:9b:53:3c:01:e2:8f:17:43:e4:
16:2c:e7:9b:b8:4d:a9:6a:89:ee:2a:b4:da:4c:8c:13:cc:d8:
f5:a6:73:26:c2:a8:fc:62:1e:8d:e0:58:7b:83:e9:5c:48:fa:
c5:40:37:81:3d:eb:e7:11:c6:58:a4:68:84:7a:da:e0:38:9c:
d9:18:57:da:67:9a:07:95:4f:d4:f1:55:e9:5c:1a:fe:d0:61:
6a:77:b5:a1:d5:d5:81:46:7e:42:f0:d6:f9:03:79:2d:e7:97:
a6:a7:1b:82:8d:f1:9f:57:e7:ed:5d:7f:92:19:7a:54:61:01:
e5:7c:5d:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9QxA8PZ+TQARgRrVhYShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMTdkNjE1ODA0MzE1MGIwYWQyMjRhMDY0OGRmMDE4NTcw
NjAxOWMwHhcNMjUxMTA0MTMwMTEzWhcNMjUxMTA1MTMwMTEzWjAzMTEwLwYDVQQD
EyhkNmM4OTBiZmI5Y2JhYTRhMDZkYWQ2ZTY1Mzk3NWY1YTQxM2UyZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JmCbH6chRdiUR6FcWR/bIZxsODM
RjqJ35Hvw3/Ab4WpgmQD1tT5bRVHc0LP5h/iXZreByfmDCXg12NddHcEU5ZomYdQ
4QZJFnY6eWG1V14Oe1nAvf5VMQN5dox1a6fCOI7SRWapm/HRy3bgKWb6yBAPet9b
ux26I2fvRb0x7BHjn3R7NbMG9RHd+Lw94JE/q0XoV56AaYJTXh3evDmptJn8UQpv
fhXe3cTzqgIkiDgM/OEjQ6PscK2dWRl/AUVqIKKqMR+YcMBnNoQKbL44q3FGQWkm
cEqiSWX8Dpx3bBYcuVikWO1BOcttL4DnwcJiFLy0+KOp85TIcLWXGWbmIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbIkL+5y6pKBtrW5lOXX1pBPi/dMB8GA1UdIwQY
MBaAFGEX1hWAQxULCtIkoGSN8BhXBgGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMt
OTQ3MzU4MGJjODUwLzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMtOTQ3MzU4MGJjODUw
LzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASF8Qfr7v
krz9xxxLtwM4GgLlRGX7uEdvsphaGR8GzAtA0hhyzjEG15UGxKFwb47zWOSy7jxL
HoMdggflw8bXhZvt1UQmMn0JFRTPMi9REmIbM5wfD/mPYRcmosKNmFeWj3HoeOXn
BSx43+uUuPxcYyT/1oyR/QoqgcAAQgoppyhYsvfYd4qbm1M8AeKPF0PkFiznm7hN
qWqJ7iq02kyME8zY9aZzJsKo/GIejeBYe4PpXEj6xUA3gT3r5xHGWKRohHra4Dic
2RhX2meaB5VP1PFV6Vwa/tBhane1odXVgUZ+QvDW+QN5LeeXpqcbgo3xn1fn7V1/
khl6VGEB5XxdeQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:55:36 2025 by rpki-client