Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
File: y1eZ2NBfSgIAEdyoAxdivqASJV0.mft (raw, json)
Hash identifier: FH2h+Z65TtOgOHRarOVTXniIxSCdNmXqGAoGSgIIOAM=
Subject key identifier: 5D:99:64:BC:5B:B8:F8:DE:7A:4C:65:0F:B0:92:14:A2:98:D0:4C:C5
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 019CABD97C811DD85B6BC09BF7B097A28FFC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
Manifest number: 0DBA
Signing time: Mon 02 Mar 2026 00:01:22 +0000
Manifest this update: Mon 02 Mar 2026 00:01:22 +0000
Manifest next update: Tue 03 Mar 2026 00:01:22 +0000
Files and hashes: 1: xm2EH0bMS7Lp6R8nocX142XHBiE.roa (hash: Sw8xk1+itLI+I+ws0cUgg1V722l6xa6aNkokvCgQUD4=)
2: y1eZ2NBfSgIAEdyoAxdivqASJV0.crl (hash: nnhGsSFL26P7tMTFA6WXHg2HAxDFR5ajReuwoEBjbSI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:7c:81:1d:d8:5b:6b:c0:9b:f7:b0:97:a2:8f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Mar 2 00:01:22 2026 GMT
Not After : Mar 3 00:01:22 2026 GMT
Subject: CN=5d9964bc5bb8f8de7a4c650fb09214a298d04cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5e:81:b1:e2:12:84:4b:6a:9d:98:9a:36:1a:
04:d9:e1:3b:79:da:2a:31:43:6a:b7:bc:08:f2:16:
01:c1:c8:0b:20:b7:ce:cd:6f:be:04:2a:6e:2d:7c:
f2:f6:86:ff:95:e2:45:1d:5f:03:d5:1d:57:84:e6:
2d:61:8d:c2:32:f6:11:0f:b7:75:c5:c2:5a:57:57:
b9:2f:64:d7:e2:c4:90:09:a4:fd:56:b1:10:38:b1:
52:e7:e9:04:0c:89:7a:83:33:49:b2:3a:60:b1:40:
ba:22:8d:87:75:57:6e:a0:fa:3b:ee:32:c8:55:a5:
2f:08:5b:fd:d4:2f:56:62:d9:e8:7d:ae:1c:ed:2d:
42:f3:4f:3b:21:31:e6:d5:16:a8:80:99:67:7e:64:
a0:09:05:3e:7f:76:05:9f:73:2b:7e:78:26:00:14:
ea:f4:f8:13:a4:80:1f:4c:57:51:56:a3:ec:ea:a4:
f3:1a:da:8f:0a:ab:05:84:23:52:ce:24:6f:e4:db:
64:7b:c5:7e:93:2c:c8:99:3f:39:30:0e:9e:4d:e1:
da:5e:9b:be:1c:ed:45:7a:62:4b:ae:02:c0:43:ac:
63:34:47:53:11:36:00:67:c1:ae:b9:58:fd:be:e0:
f2:f4:b3:d9:39:ba:9d:b0:05:48:ad:d5:06:90:74:
44:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:99:64:BC:5B:B8:F8:DE:7A:4C:65:0F:B0:92:14:A2:98:D0:4C:C5
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:e7:2d:90:ef:a4:65:fc:4e:d4:65:b3:c2:63:90:5e:8d:93:
1b:eb:b3:ea:35:0b:8c:3c:78:17:78:41:82:59:45:b7:e4:6c:
51:b6:57:d0:22:dc:08:6f:83:b6:14:20:39:c3:48:ba:99:80:
8f:d8:b1:be:a2:89:d2:b1:d3:98:b4:3c:10:09:54:bc:a8:31:
8b:0b:0b:ec:d2:2a:00:41:f0:e8:6f:27:8b:50:98:cc:bc:5d:
6b:24:8c:83:92:72:4a:ab:31:eb:42:9e:93:82:2e:c7:47:f0:
b4:2d:c7:eb:1e:19:0c:a7:1d:7a:a4:b5:f0:4e:9a:5a:ac:22:
ad:3b:5b:09:66:86:46:9d:96:b5:08:0e:c0:37:43:c6:85:37:
c3:21:4f:bb:0e:e8:86:5a:c8:b2:27:b1:80:69:33:d6:c5:ef:
ec:f5:70:0a:f6:e6:ea:40:d0:36:f1:3e:5b:8b:cb:4f:3d:4a:
c2:08:91:4b:a7:ac:fa:67:29:c1:0c:52:b5:08:2a:57:13:ab:
82:7c:bc:b0:14:8e:40:e9:2a:32:5a:5a:98:48:e5:99:44:bf:
97:5c:84:01:94:20:b1:96:a0:56:52:04:0d:71:66:16:1e:ca:
20:d1:1c:67:45:af:b7:16:21:dc:99:84:e1:63:e3:a1:4b:a9:
61:eb:db:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2XyBHdhba8Cb97CXoo/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjYwMzAyMDAwMTIyWhcNMjYwMzAzMDAwMTIyWjAzMTEwLwYDVQQD
Eyg1ZDk5NjRiYzViYjhmOGRlN2E0YzY1MGZiMDkyMTRhMjk4ZDA0Y2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql6BseIShEtqnZiaNhoE2eE7edoq
MUNqt7wI8hYBwcgLILfOzW++BCpuLXzy9ob/leJFHV8D1R1XhOYtYY3CMvYRD7d1
xcJaV1e5L2TX4sSQCaT9VrEQOLFS5+kEDIl6gzNJsjpgsUC6Io2HdVduoPo77jLI
VaUvCFv91C9WYtnofa4c7S1C8087ITHm1RaogJlnfmSgCQU+f3YFn3MrfngmABTq
9PgTpIAfTFdRVqPs6qTzGtqPCqsFhCNSziRv5Ntke8V+kyzImT85MA6eTeHaXpu+
HO1FemJLrgLAQ6xjNEdTETYAZ8GuuVj9vuDy9LPZObqdsAVIrdUGkHREpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2ZZLxbuPjeekxlD7CSFKKY0EzFMB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJuctkO+k
ZfxO1GWzwmOQXo2TG+uz6jULjDx4F3hBgllFt+RsUbZX0CLcCG+DthQgOcNIupmA
j9ixvqKJ0rHTmLQ8EAlUvKgxiwsL7NIqAEHw6G8ni1CYzLxdaySMg5JySqsx60Ke
k4Iux0fwtC3H6x4ZDKcdeqS18E6aWqwirTtbCWaGRp2WtQgOwDdDxoU3wyFPuw7o
hlrIsiexgGkz1sXv7PVwCvbm6kDQNvE+W4vLTz1KwgiRS6es+mcpwQxStQgqVxOr
gny8sBSOQOkqMlpamEjlmUS/l1yEAZQgsZagVlIEDXFmFh7KINEcZ0WvtxYh3JmE
4WPjoUupYevbVw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:47 2026 by rpki-client