Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
File: y78j_5hnaDYlSUYv4JLGMV6sykA.mft (raw, json)
Hash identifier: B10Wk7oj7PJxzS013FM2JFXjTY6HQ1yyEcBSQajGvNI=
Subject key identifier: F9:05:BC:0C:99:94:1C:30:52:C1:C2:48:BD:38:2D:0D:FF:38:33:C0
Authority key identifier: CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
Certificate issuer: /CN=cbbf23ff986768362549462fe092c6315eacca40
Certificate serial: 019A4C98464E2C9E35A3D85D6535363A6EFC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
Manifest number: 170B
Signing time: Tue 04 Nov 2025 02:00:39 +0000
Manifest this update: Tue 04 Nov 2025 02:00:39 +0000
Manifest next update: Wed 05 Nov 2025 02:00:39 +0000
Files and hashes: 1: a0gi81K4PU-mZZPSh82aNeLjsVI.roa (hash: Id1bqvDurbpWKdNvf29qBzclAu3m5HKcR5Kg3lRHGKE=)
2: y78j_5hnaDYlSUYv4JLGMV6sykA.crl (hash: TTc/ARuw98ggv/griYIjjBYe/qXW4o6Oe5OMQLhMwGY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 02:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:98:46:4e:2c:9e:35:a3:d8:5d:65:35:36:3a:6e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbbf23ff986768362549462fe092c6315eacca40
Validity
Not Before: Nov 4 02:00:39 2025 GMT
Not After : Nov 5 02:00:39 2025 GMT
Subject: CN=f905bc0c99941c3052c1c248bd382d0dff3833c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ee:04:a6:ad:fa:ff:b6:44:8c:3a:ea:cd:9e:
4c:3f:01:02:a5:0d:0e:47:59:7e:c8:98:16:b7:73:
28:8b:ac:4a:4a:fc:e2:9a:7d:13:e3:6d:0d:4c:ad:
8f:a9:fd:f7:ea:d4:60:c4:c8:65:9c:54:c7:3e:86:
ed:34:22:8d:10:c7:aa:35:16:cf:36:4d:c0:a4:29:
2d:e4:05:81:bd:38:df:72:76:b0:8c:08:56:56:a9:
01:70:96:17:fe:74:4b:e7:70:02:c2:99:cf:d8:ed:
1f:f5:f5:96:c9:05:73:17:4a:c1:f6:fc:9a:b8:2a:
6a:18:f5:68:3b:4d:e3:ba:ac:f3:36:51:15:5c:88:
e8:b6:50:0b:13:5f:b2:fc:e1:6a:53:54:f4:cb:d4:
8f:2d:fe:27:84:4c:92:c0:d1:18:cc:9b:b0:47:e6:
d2:7e:0f:1d:27:ac:12:68:64:fd:13:c6:ec:92:36:
6e:af:d2:c0:9c:24:ed:e4:af:ce:b5:c5:cb:1f:d9:
a0:ce:71:f1:cf:2d:da:6f:56:6c:bb:52:05:6e:51:
65:a7:28:92:ae:c1:b5:76:3e:5c:93:ce:54:3c:15:
45:f5:1f:f6:cd:2e:82:5f:0a:db:43:f6:40:a5:b1:
d3:f3:70:40:23:05:3c:4d:3d:02:c1:48:d7:9b:cd:
91:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:05:BC:0C:99:94:1C:30:52:C1:C2:48:BD:38:2D:0D:FF:38:33:C0
X509v3 Authority Key Identifier:
keyid:CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:fe:60:8e:2b:71:93:d6:31:e6:df:00:b6:c3:50:7d:36:c0:
aa:f7:c6:51:81:13:ea:85:db:0e:d4:0a:f3:b6:3e:63:6d:54:
a9:f2:52:d2:ff:c5:7b:d7:49:d1:c2:e0:c0:6e:d5:7b:b2:47:
ed:5c:27:6b:52:9e:34:df:f5:b5:a1:e9:9d:35:0d:99:8e:51:
b4:4c:4a:4c:29:2e:73:05:0c:85:33:67:1e:50:5d:9e:b4:9a:
d4:15:33:af:07:b8:3b:04:cd:7c:f1:bd:e9:20:10:2f:33:7a:
45:5c:3c:c3:d4:61:e6:0e:c7:b0:98:40:d4:8f:2c:73:bc:63:
b9:49:9d:9d:5d:8f:8a:fc:f0:2e:f8:4e:2b:5b:e8:0a:96:ca:
8a:d5:6e:ef:13:aa:65:35:b7:df:67:99:df:df:95:7e:f4:ea:
83:9f:81:94:31:e6:a9:7b:14:a2:01:c4:7e:80:87:f8:c2:28:
52:0b:b1:1f:59:d8:3a:42:e3:02:74:0a:3c:ff:c1:93:d9:40:
9d:86:db:f1:16:81:e5:36:a6:20:06:b9:92:68:dd:e9:d5:75:
55:82:a9:8c:b5:49:54:d0:b2:67:78:62:63:23:89:dd:c2:bf:
cf:63:47:76:be:92:91:9e:65:46:37:59:0e:b1:52:e9:a2:e8:
e3:2f:dd:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMmEZOLJ41o9hdZTU2Om78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYmYyM2ZmOTg2NzY4MzYyNTQ5NDYyZmUwOTJjNjMxNWVh
Y2NhNDAwHhcNMjUxMTA0MDIwMDM5WhcNMjUxMTA1MDIwMDM5WjAzMTEwLwYDVQQD
EyhmOTA1YmMwYzk5OTQxYzMwNTJjMWMyNDhiZDM4MmQwZGZmMzgzM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+4Epq36/7ZEjDrqzZ5MPwECpQ0O
R1l+yJgWt3Moi6xKSvzimn0T420NTK2Pqf336tRgxMhlnFTHPobtNCKNEMeqNRbP
Nk3ApCkt5AWBvTjfcnawjAhWVqkBcJYX/nRL53ACwpnP2O0f9fWWyQVzF0rB9vya
uCpqGPVoO03juqzzNlEVXIjotlALE1+y/OFqU1T0y9SPLf4nhEySwNEYzJuwR+bS
fg8dJ6wSaGT9E8bskjZur9LAnCTt5K/OtcXLH9mgznHxzy3ab1Zsu1IFblFlpyiS
rsG1dj5ck85UPBVF9R/2zS6CXwrbQ/ZApbHT83BAIwU8TT0CwUjXm82R+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkFvAyZlBwwUsHCSL04LQ3/ODPAMB8GA1UdIwQY
MBaAFMu/I/+YZ2g2JUlGL+CSxjFerMpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjct
ODU0MTgyZjA5ZWY1LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjctODU0MTgyZjA5ZWY1
LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf/5gjitx
k9Yx5t8AtsNQfTbAqvfGUYET6oXbDtQK87Y+Y21UqfJS0v/Fe9dJ0cLgwG7Ve7JH
7Vwna1KeNN/1taHpnTUNmY5RtExKTCkucwUMhTNnHlBdnrSa1BUzrwe4OwTNfPG9
6SAQLzN6RVw8w9Rh5g7HsJhA1I8sc7xjuUmdnV2PivzwLvhOK1voCpbKitVu7xOq
ZTW332eZ39+VfvTqg5+BlDHmqXsUogHEfoCH+MIoUguxH1nYOkLjAnQKPP/Bk9lA
nYbb8RaB5TamIAa5kmjd6dV1VYKpjLVJVNCyZ3hiYyOJ3cK/z2NHdr6SkZ5lRjdZ
DrFS6aLo4y/d5w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:18:59 2025 by rpki-client