Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
File: yHX3bo-JQkeSPA4nYjTZikw-xcI.mft (raw, json)
Hash identifier: jTRGIGAUrkFDIkQVIfdFtCCdKSLAiC+A4w0D9sAhNmU=
Subject key identifier: 58:6D:2A:4A:BC:A2:59:D1:89:85:E7:AB:29:FB:4B:2A:F9:AC:5F:25
Authority key identifier: C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2
Certificate issuer: /CN=c875f76e8f894247923c0e276234d98a4c3ec5c2
Certificate serial: 019A52633F85FA50EC0E9CC48927C8C8D16F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
Manifest number: 170E
Signing time: Wed 05 Nov 2025 05:00:27 +0000
Manifest this update: Wed 05 Nov 2025 05:00:27 +0000
Manifest next update: Thu 06 Nov 2025 05:00:27 +0000
Files and hashes: 1: FGsyv-avFXn_iimzPOzOCwcPyYs.roa (hash: x+nbArqL7XpMEWFfS8pufHXCc23im3EMURx/7GPfFLI=)
2: I709bbaWjjvBjycgl5Y9TKJLvE0.roa (hash: XtOSTkSn/jS5PlGEkzSWe5jgilvzImx3IY3GpNZBgXs=)
3: yHX3bo-JQkeSPA4nYjTZikw-xcI.crl (hash: AovY8QivuRJD991BdgbXXEqE+C0kRmLyQ0GIogHWAII=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:63:3f:85:fa:50:ec:0e:9c:c4:89:27:c8:c8:d1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c875f76e8f894247923c0e276234d98a4c3ec5c2
Validity
Not Before: Nov 5 05:00:27 2025 GMT
Not After : Nov 6 05:00:27 2025 GMT
Subject: CN=586d2a4abca259d18985e7ab29fb4b2af9ac5f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d4:61:e9:67:cc:de:f9:84:cc:4f:b1:cf:2c:
e5:72:fc:97:e3:0a:c1:ad:44:87:19:a3:9c:67:ab:
86:2b:50:6c:ec:6b:15:2b:cb:e4:e0:e1:12:70:98:
00:21:11:9c:1d:a6:dd:2c:b8:a8:76:2c:80:6e:1d:
a0:22:81:bb:cd:b8:6c:5f:a3:13:99:d6:6a:ec:c1:
61:2b:e5:dc:3b:b9:df:88:d6:3e:cd:c3:17:13:11:
b7:db:73:db:e1:e0:f5:1f:89:ce:9d:3b:cc:2e:4b:
ed:69:c7:2f:9c:b0:0d:c2:09:97:6e:d5:7e:ba:64:
ee:00:8c:2d:50:3c:bc:1a:03:68:6b:35:d4:7f:d3:
ce:f3:e5:25:1d:fb:ad:fd:4c:43:f8:65:3d:0c:01:
d8:a0:f8:58:94:39:1f:3a:17:a2:f8:ca:7b:ad:f4:
66:88:62:3d:3e:2f:55:a6:a2:27:9d:34:4a:b0:da:
a4:37:b9:d1:fd:fa:b8:6c:43:47:e3:25:4e:73:f4:
da:6a:ae:22:05:5a:95:5f:8d:6a:1e:b1:91:70:10:
6d:3f:7e:86:29:01:3b:94:42:97:dd:74:7f:0c:36:
5e:63:22:8f:49:7e:6a:56:77:93:e5:5d:e4:b0:71:
59:cc:29:15:04:e9:29:5b:e0:27:e0:6c:a9:90:33:
37:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:6D:2A:4A:BC:A2:59:D1:89:85:E7:AB:29:FB:4B:2A:F9:AC:5F:25
X509v3 Authority Key Identifier:
keyid:C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:71:64:96:7d:8b:97:37:4b:cc:0e:93:4f:cd:a6:2b:99:49:
3c:b2:b3:d4:b5:01:7d:b4:b2:58:60:f4:95:86:44:78:1b:b9:
27:a6:c7:84:2d:ac:23:2c:e5:4e:4a:bb:07:9f:1c:e6:00:56:
b0:71:d2:b9:19:29:17:bd:a6:09:71:24:2e:de:76:c0:a8:aa:
74:e3:88:5e:f8:e0:3f:03:df:2b:54:45:f4:41:35:c4:32:4f:
63:ef:74:d1:75:58:b5:86:6f:07:3c:4a:60:f8:96:b9:57:ef:
37:c0:10:80:7b:75:d9:b9:a7:77:42:a3:85:0a:66:25:db:ec:
ae:88:a7:8e:ef:4b:a8:56:ed:1f:41:19:c2:3d:71:05:46:e2:
b7:83:a9:d3:05:53:82:f0:41:b7:49:dc:3d:a3:58:ad:1f:6e:
9d:d1:96:52:aa:c9:ec:60:65:31:26:1e:42:64:ea:15:d5:80:
4c:43:cf:23:d9:f7:92:48:6b:28:2d:37:d9:14:f9:19:bc:49:
38:85:60:7e:a0:be:0d:70:aa:88:9d:44:88:dd:82:3b:1c:2c:
a4:39:f4:d7:0c:13:c2:fd:f4:bd:68:bc:32:ad:a6:02:4a:19:
14:73:dc:b6:5a:e2:a9:b4:40:41:59:ff:1e:51:16:53:95:b6:
a4:9f:3d:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSYz+F+lDsDpzEiSfIyNFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NzVmNzZlOGY4OTQyNDc5MjNjMGUyNzYyMzRkOThhNGMz
ZWM1YzIwHhcNMjUxMTA1MDUwMDI3WhcNMjUxMTA2MDUwMDI3WjAzMTEwLwYDVQQD
Eyg1ODZkMmE0YWJjYTI1OWQxODk4NWU3YWIyOWZiNGIyYWY5YWM1ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNRh6WfM3vmEzE+xzyzlcvyX4wrB
rUSHGaOcZ6uGK1Bs7GsVK8vk4OEScJgAIRGcHabdLLiodiyAbh2gIoG7zbhsX6MT
mdZq7MFhK+XcO7nfiNY+zcMXExG323Pb4eD1H4nOnTvMLkvtaccvnLANwgmXbtV+
umTuAIwtUDy8GgNoazXUf9PO8+UlHfut/UxD+GU9DAHYoPhYlDkfOhei+Mp7rfRm
iGI9Pi9VpqInnTRKsNqkN7nR/fq4bENH4yVOc/Taaq4iBVqVX41qHrGRcBBtP36G
KQE7lEKX3XR/DDZeYyKPSX5qVneT5V3ksHFZzCkVBOkpW+An4GypkDM39wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhtKkq8olnRiYXnqyn7Syr5rF8lMB8GA1UdIwQY
MBaAFMh1926PiUJHkjwOJ2I02YpMPsXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAt
MzA1NjU4ZjkxNjM1LzEveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAtMzA1NjU4ZjkxNjM1
LzEveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHHFkln2L
lzdLzA6TT82mK5lJPLKz1LUBfbSyWGD0lYZEeBu5J6bHhC2sIyzlTkq7B58c5gBW
sHHSuRkpF72mCXEkLt52wKiqdOOIXvjgPwPfK1RF9EE1xDJPY+900XVYtYZvBzxK
YPiWuVfvN8AQgHt12bmnd0KjhQpmJdvsroinju9LqFbtH0EZwj1xBUbit4Op0wVT
gvBBt0ncPaNYrR9undGWUqrJ7GBlMSYeQmTqFdWATEPPI9n3kkhrKC032RT5GbxJ
OIVgfqC+DXCqiJ1EiN2COxwspDn01wwTwv30vWi8Mq2mAkoZFHPctlriqbRAQVn/
HlEWU5W2pJ89gA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:28:25 2025 by rpki-client