Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
File: y1eZ2NBfSgIAEdyoAxdivqASJV0.mft (raw, json)
Hash identifier: B46CsYrpBkL/zdl7kyv85+g80Hx+jm3396Xp2h5I4W0=
Subject key identifier: 54:AC:5F:39:CF:49:CE:B7:E2:09:1D:47:9A:16:0C:D6:07:DC:FC:49
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 019A4E19029A88B69E6B7CD9CE15DBB37244
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
Manifest number: 0C80
Signing time: Tue 04 Nov 2025 09:00:53 +0000
Manifest this update: Tue 04 Nov 2025 09:00:53 +0000
Manifest next update: Wed 05 Nov 2025 09:00:53 +0000
Files and hashes: 1: FXCR9Lc6KgRx_HPpZhjXnE6ILJY.roa (hash: TawwcEelbsmmDw/jX+MvcIQud2NnCnis9eNEGbrjubs=)
2: y1eZ2NBfSgIAEdyoAxdivqASJV0.crl (hash: mnuw2jCKGt6pyXWc1Y5X8TMCeV6nFmSfTzuRk2lR/1Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:19:02:9a:88:b6:9e:6b:7c:d9:ce:15:db:b3:72:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Nov 4 09:00:53 2025 GMT
Not After : Nov 5 09:00:53 2025 GMT
Subject: CN=54ac5f39cf49ceb7e2091d479a160cd607dcfc49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:36:20:02:4b:a2:a6:95:6b:06:f4:07:28:37:
7c:5d:22:09:2e:11:e8:a2:ff:21:41:09:de:29:64:
7a:82:43:82:ad:a1:5e:e4:a1:9a:00:15:9c:9b:61:
57:53:3c:25:dc:73:87:9f:6b:78:8f:3c:54:29:57:
64:33:24:5f:4f:5d:35:ca:c1:5a:82:be:e9:bf:5f:
0d:8b:e1:0e:f0:fc:a1:52:26:cf:78:3d:44:69:b8:
b1:60:a4:26:5e:e3:f3:71:72:cd:44:33:c7:39:93:
4d:b0:ab:5d:a4:d6:0e:f8:1e:f1:b4:00:48:d2:a1:
e7:14:39:9d:12:54:96:f8:5e:ac:71:7b:d6:a2:b5:
9e:86:58:73:18:2a:18:cd:de:88:46:d6:4e:49:84:
28:fd:81:4b:35:d8:b9:5d:44:dc:30:89:c9:dc:9f:
44:1a:dd:70:50:32:30:cd:65:e5:8a:7f:2b:bd:cc:
fb:03:e9:8d:f4:45:95:14:89:bd:ed:16:31:32:c5:
aa:af:1e:94:76:18:d6:f8:be:ea:57:8a:bb:33:c4:
c5:af:82:17:1f:86:ca:c2:80:bc:49:6f:d3:2a:53:
5f:0a:eb:fb:02:5c:9e:ac:65:06:78:5f:18:45:b0:
af:a1:93:1d:23:63:5f:e5:9e:f7:f7:d9:a3:3c:89:
cf:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:AC:5F:39:CF:49:CE:B7:E2:09:1D:47:9A:16:0C:D6:07:DC:FC:49
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:b8:d9:3f:da:02:85:4c:4b:ce:f3:64:5c:3b:98:b5:9f:d7:
68:42:95:15:a6:0d:25:bf:ac:4a:cf:dd:dd:bc:b7:65:67:c4:
2b:0f:ef:2c:c9:a6:45:b0:5c:88:f2:40:64:46:56:e2:d0:3c:
ab:15:ec:75:18:46:2f:0e:30:9f:fc:fc:25:1c:10:5d:a5:5e:
7f:db:1e:1d:84:9c:b1:42:26:4c:e4:f3:d9:d2:db:8a:52:42:
f0:7c:ad:a1:1f:05:48:10:57:7b:64:7f:88:c4:9c:d9:91:7f:
5c:fc:00:f8:59:6b:f6:b5:24:a6:a0:c4:54:30:74:4c:9a:7c:
80:26:19:ab:82:6e:90:23:b6:b1:4d:fc:02:2d:07:80:12:c3:
49:11:ce:da:f9:ee:5a:ce:7e:57:44:32:7a:9f:c9:77:3f:de:
60:6c:da:75:06:fb:71:7d:01:10:57:0c:47:59:67:34:68:ea:
41:24:2f:f7:93:da:2a:68:aa:4d:0d:e4:0a:7f:50:cd:ca:49:
aa:ec:90:f1:5b:bc:c7:d0:89:01:18:8d:04:92:95:e2:42:9b:
41:b2:61:b7:84:03:40:26:10:68:7d:b7:3e:ee:fa:6a:b8:7b:
34:e0:fe:9a:b1:59:6a:de:dc:89:c2:07:50:85:9d:ff:b7:85:
6c:50:b8:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGQKaiLaea3zZzhXbs3JEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjUxMTA0MDkwMDUzWhcNMjUxMTA1MDkwMDUzWjAzMTEwLwYDVQQD
Eyg1NGFjNWYzOWNmNDljZWI3ZTIwOTFkNDc5YTE2MGNkNjA3ZGNmYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDYgAkuippVrBvQHKDd8XSIJLhHo
ov8hQQneKWR6gkOCraFe5KGaABWcm2FXUzwl3HOHn2t4jzxUKVdkMyRfT101ysFa
gr7pv18Ni+EO8PyhUibPeD1EabixYKQmXuPzcXLNRDPHOZNNsKtdpNYO+B7xtABI
0qHnFDmdElSW+F6scXvWorWehlhzGCoYzd6IRtZOSYQo/YFLNdi5XUTcMInJ3J9E
Gt1wUDIwzWXlin8rvcz7A+mN9EWVFIm97RYxMsWqrx6UdhjW+L7qV4q7M8TFr4IX
H4bKwoC8SW/TKlNfCuv7AlyerGUGeF8YRbCvoZMdI2Nf5Z7399mjPInPRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSsXznPSc634gkdR5oWDNYH3PxJMB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPLjZP9oC
hUxLzvNkXDuYtZ/XaEKVFaYNJb+sSs/d3by3ZWfEKw/vLMmmRbBciPJAZEZW4tA8
qxXsdRhGLw4wn/z8JRwQXaVef9seHYScsUImTOTz2dLbilJC8HytoR8FSBBXe2R/
iMSc2ZF/XPwA+Flr9rUkpqDEVDB0TJp8gCYZq4JukCO2sU38Ai0HgBLDSRHO2vnu
Ws5+V0Qyep/Jdz/eYGzadQb7cX0BEFcMR1lnNGjqQSQv95PaKmiqTQ3kCn9QzcpJ
quyQ8Vu8x9CJARiNBJKV4kKbQbJht4QDQCYQaH23Pu76arh7NOD+mrFZat7cicIH
UIWd/7eFbFC4VQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:43:37 2025 by rpki-client