Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/YbcgLJIwwolFDtWmKxc2mgZZvGs.mft
File: YbcgLJIwwolFDtWmKxc2mgZZvGs.mft (raw, json)
Hash identifier: UgvCmorwAdJITSStyOkY11EJfA+VmvxLtZfZLN7JF30=
Subject key identifier: 9A:FA:91:F4:03:A9:55:02:6B:49:A6:12:8D:C0:EE:F4:91:18:3C:8E
Authority key identifier: 61:B7:20:2C:92:30:C2:89:45:0E:D5:A6:2B:17:36:9A:06:59:BC:6B
Certificate issuer: /CN=61b7202c9230c289450ed5a62b17369a0659bc6b
Certificate serial: 019A4DE1C684FB26F9D51F0463B57B08C193
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbcgLJIwwolFDtWmKxc2mgZZvGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/YbcgLJIwwolFDtWmKxc2mgZZvGs.mft
Manifest number: 09B1
Signing time: Tue 04 Nov 2025 08:00:33 +0000
Manifest this update: Tue 04 Nov 2025 08:00:33 +0000
Manifest next update: Wed 05 Nov 2025 08:00:33 +0000
Files and hashes: 1: WEJghusKIKSFibkCzqHCeJYzUzA.roa (hash: OzzJ4qVi0bEqkT53q5LfwPnutGydp+ntCXtobu4buTA=)
2: YbcgLJIwwolFDtWmKxc2mgZZvGs.crl (hash: bIUW2eSMyWdePzvmEr/aj+7fQ6p/Wljpnik1bWOWBN8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/YbcgLJIwwolFDtWmKxc2mgZZvGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/YbcgLJIwwolFDtWmKxc2mgZZvGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbcgLJIwwolFDtWmKxc2mgZZvGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:c6:84:fb:26:f9:d5:1f:04:63:b5:7b:08:c1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b7202c9230c289450ed5a62b17369a0659bc6b
Validity
Not Before: Nov 4 08:00:33 2025 GMT
Not After : Nov 5 08:00:33 2025 GMT
Subject: CN=9afa91f403a955026b49a6128dc0eef491183c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c5:d5:d0:ae:84:ba:b9:54:45:c7:a0:0f:81:
f3:92:97:b7:82:e9:79:81:b6:81:ae:9d:ca:f5:e7:
bc:5b:f5:e1:b2:20:5d:51:66:b6:04:4f:10:dd:c4:
b7:56:42:27:d9:9d:2c:d3:9d:d3:dd:05:f6:47:00:
cf:f0:65:b0:6b:6a:7c:9e:98:a6:ff:c0:bd:d1:40:
62:6a:f6:28:1a:26:a9:ea:0b:57:cb:e0:0d:22:ba:
5d:27:50:82:b8:ff:54:e8:2a:67:9b:c3:cd:d7:0b:
62:e1:7f:99:ce:3e:43:1b:85:d0:fd:2e:18:45:df:
e9:51:ac:d9:f9:35:2a:5a:c7:9d:16:4f:0f:e6:c8:
e8:a2:dc:6e:7e:b7:0a:81:ba:b2:2d:02:ec:0d:a3:
53:51:92:9a:34:ab:b9:22:57:fc:03:90:95:85:35:
1a:9c:96:f7:bb:7b:05:de:b6:87:6d:f0:a5:bf:ed:
c0:9a:ca:6c:cd:ec:d8:a6:a5:09:7a:ec:11:d3:c9:
d4:45:35:fc:5a:96:52:c0:66:83:23:91:6b:8d:cc:
52:82:4a:76:d2:7e:d8:0f:b2:bc:2d:6e:59:5c:6e:
30:47:47:62:3d:91:46:c9:35:78:3a:48:c3:68:d0:
1f:15:27:82:16:40:25:43:9f:e5:0c:07:3b:b5:1a:
6d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:FA:91:F4:03:A9:55:02:6B:49:A6:12:8D:C0:EE:F4:91:18:3C:8E
X509v3 Authority Key Identifier:
keyid:61:B7:20:2C:92:30:C2:89:45:0E:D5:A6:2B:17:36:9A:06:59:BC:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbcgLJIwwolFDtWmKxc2mgZZvGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/YbcgLJIwwolFDtWmKxc2mgZZvGs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/YbcgLJIwwolFDtWmKxc2mgZZvGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:c6:10:6d:3f:56:ec:19:d0:c4:25:d0:74:2b:4f:65:fb:e2:
6d:c0:72:2f:bb:ae:f3:01:40:99:56:80:98:ab:14:e4:50:f5:
0b:b0:3b:ba:26:1b:c0:b1:52:66:e6:28:cb:28:9e:6c:a2:02:
71:fe:1d:73:b9:d0:57:77:97:81:01:45:80:8d:39:4c:3a:46:
b8:25:b9:d9:c9:0c:a4:39:19:b6:9c:6e:0e:a9:be:a1:24:f0:
03:8f:ba:66:6d:76:8c:d6:67:2f:f7:41:b1:04:8b:8b:2d:51:
9e:6c:6c:db:ae:58:85:04:c9:21:7e:1d:bc:03:7c:22:04:4e:
ec:5e:8c:e9:d5:f4:6c:22:c0:a0:f7:89:60:00:85:6c:f7:3d:
9b:d4:93:e7:dc:dc:2d:52:35:53:c8:f9:ce:31:28:5d:e5:52:
fd:52:74:54:6c:5d:c7:72:42:f2:a3:10:a2:5b:5c:9a:b4:85:
fd:44:75:9a:03:b5:a3:94:03:eb:07:1a:6b:61:05:7f:64:06:
2c:9e:d0:09:df:3f:15:04:e9:11:6f:e1:75:22:55:4d:13:e8:
e3:6b:7f:b2:7c:9a:e2:97:45:e8:f8:0d:44:6d:98:35:27:46:
f8:85:8e:d9:ac:f3:d2:f3:cf:4c:19:d6:c1:32:e0:24:04:cd:
6e:7b:f0:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4caE+yb51R8EY7V7CMGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjcyMDJjOTIzMGMyODk0NTBlZDVhNjJiMTczNjlhMDY1
OWJjNmIwHhcNMjUxMTA0MDgwMDMzWhcNMjUxMTA1MDgwMDMzWjAzMTEwLwYDVQQD
Eyg5YWZhOTFmNDAzYTk1NTAyNmI0OWE2MTI4ZGMwZWVmNDkxMTgzYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsXV0K6EurlURcegD4Hzkpe3gul5
gbaBrp3K9ee8W/XhsiBdUWa2BE8Q3cS3VkIn2Z0s053T3QX2RwDP8GWwa2p8npim
/8C90UBiavYoGiap6gtXy+ANIrpdJ1CCuP9U6Cpnm8PN1wti4X+Zzj5DG4XQ/S4Y
Rd/pUazZ+TUqWsedFk8P5sjootxufrcKgbqyLQLsDaNTUZKaNKu5Ilf8A5CVhTUa
nJb3u3sF3raHbfClv+3AmspszezYpqUJeuwR08nURTX8WpZSwGaDI5FrjcxSgkp2
0n7YD7K8LW5ZXG4wR0diPZFGyTV4OkjDaNAfFSeCFkAlQ5/lDAc7tRptpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJr6kfQDqVUCa0mmEo3A7vSRGDyOMB8GA1UdIwQY
MBaAFGG3ICySMMKJRQ7VpisXNpoGWbxrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJjZ0xKSXd3b2xGRHRXbUt4YzJtZ1padkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82MWQ0MmQtM2I0OC00NjhlLTlhZDkt
MjE1ZmMzOTBiZmU0LzEvWWJjZ0xKSXd3b2xGRHRXbUt4YzJtZ1padkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82MWQ0MmQtM2I0OC00NjhlLTlhZDktMjE1ZmMzOTBiZmU0
LzEvWWJjZ0xKSXd3b2xGRHRXbUt4YzJtZ1padkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADcYQbT9W
7BnQxCXQdCtPZfvibcByL7uu8wFAmVaAmKsU5FD1C7A7uiYbwLFSZuYoyyiebKIC
cf4dc7nQV3eXgQFFgI05TDpGuCW52ckMpDkZtpxuDqm+oSTwA4+6Zm12jNZnL/dB
sQSLiy1Rnmxs265YhQTJIX4dvAN8IgRO7F6M6dX0bCLAoPeJYACFbPc9m9ST59zc
LVI1U8j5zjEoXeVS/VJ0VGxdx3JC8qMQoltcmrSF/UR1mgO1o5QD6wcaa2EFf2QG
LJ7QCd8/FQTpEW/hdSJVTRPo42t/snya4pdF6PgNRG2YNSdG+IWO2azz0vPPTBnW
wTLgJATNbnvwgA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:46:43 2025 by rpki-client