Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
File: YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft (raw, json)
Hash identifier: fkFL4U52EiNZ3jdqOEzCb6R+pDHxprr1urN4+OAkm+o=
Subject key identifier: 86:63:0C:36:DC:AA:E4:4D:CF:D8:B0:6B:A4:07:37:E5:DD:21:D4:36
Authority key identifier: 60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC
Certificate issuer: /CN=60f31d820c32400dec0c60496178994d57752acc
Certificate serial: 019A4EF524F0995F5E3B309C41C2D480CEDA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
Manifest number: 1709
Signing time: Tue 04 Nov 2025 13:01:19 +0000
Manifest this update: Tue 04 Nov 2025 13:01:19 +0000
Manifest next update: Wed 05 Nov 2025 13:01:19 +0000
Files and hashes: 1: YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl (hash: oKP+iCUwc/dqKNnlHxJEIyzwRmd+kbIIrZeEsxIl7ok=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:24:f0:99:5f:5e:3b:30:9c:41:c2:d4:80:ce:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60f31d820c32400dec0c60496178994d57752acc
Validity
Not Before: Nov 4 13:01:19 2025 GMT
Not After : Nov 5 13:01:19 2025 GMT
Subject: CN=86630c36dcaae44dcfd8b06ba40737e5dd21d436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8e:27:7e:73:5d:9a:a8:48:2d:d0:e0:47:53:
5e:60:70:58:04:be:95:70:47:04:a5:27:4e:3a:d6:
01:ed:0b:0e:c7:8d:1d:0a:df:ae:8a:82:87:dc:19:
eb:66:0d:81:6c:56:fe:d6:39:86:d5:b2:39:a8:8c:
52:82:e3:29:8e:85:61:9a:f5:6f:c1:00:99:e5:02:
0d:5a:5f:85:9c:5c:81:1a:ee:13:e0:1f:23:36:bd:
e0:b0:b7:20:b5:f8:07:8d:8b:be:3a:52:a0:0e:2b:
a2:97:10:d0:9c:15:41:33:e6:00:94:6a:78:b7:a9:
bb:c6:0b:7d:fa:e3:7f:d6:df:f9:77:1c:21:00:43:
e6:ab:61:1e:4a:20:be:46:5e:ef:35:0d:e8:ef:39:
34:a9:c3:92:db:b1:8f:99:0a:2b:72:6c:18:6f:86:
86:63:38:cc:99:35:f0:e9:42:cc:36:b3:ab:1d:6a:
83:8e:34:35:1e:b8:8d:25:45:ce:a6:07:9e:a6:ad:
3e:83:d0:7a:f4:cb:56:9d:c4:ee:8d:3c:76:8c:3a:
c8:c4:d1:ec:d2:ba:30:f2:76:85:03:e7:77:ed:29:
21:ed:87:36:14:f5:ba:7e:03:d0:4b:1b:16:d7:6d:
94:cd:a4:4f:c2:ed:d2:d2:5f:e3:6d:b9:61:40:16:
99:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:63:0C:36:DC:AA:E4:4D:CF:D8:B0:6B:A4:07:37:E5:DD:21:D4:36
X509v3 Authority Key Identifier:
keyid:60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:9d:c7:ec:4e:62:78:11:e8:c5:a0:a7:50:6e:9c:bc:6b:91:
da:f1:93:36:1e:f2:10:30:c6:cd:36:34:3e:56:4d:25:83:c4:
c3:54:87:18:8b:6f:0d:c7:46:f3:77:02:06:5b:70:8c:71:5d:
30:9e:f5:cb:77:e1:61:47:cd:f1:62:67:de:27:55:be:a6:d7:
f3:e7:de:13:95:bb:7e:34:64:98:d5:df:00:9e:ff:fb:98:ac:
84:2a:be:84:55:6f:cd:89:f7:a2:d1:64:cc:be:b2:ab:0e:a5:
1b:1a:eb:46:7f:ef:25:7f:9f:29:13:d1:a6:62:fc:53:dd:e2:
d7:9d:9a:8f:f8:5f:7b:a2:3a:cc:07:d4:f5:54:8a:e1:65:f8:
57:3b:f4:29:16:4a:6d:31:8b:c8:96:00:da:e4:c8:57:b1:da:
59:88:40:cb:95:2d:cf:1d:b4:d6:a3:f1:23:41:f4:7a:7b:cc:
98:59:29:4d:39:f1:5c:78:80:e4:ad:42:9d:47:70:07:99:92:
5a:ae:71:33:83:1a:c1:a0:6d:90:5c:ee:39:0c:6d:37:83:98:
c2:15:bf:8c:f9:a8:38:53:fa:d1:50:a0:e3:2b:c7:22:f1:22:
58:6d:d2:b4:10:ba:73:ee:b0:5c:8d:31:1f:9d:70:e4:84:99:
be:d2:4f:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9STwmV9eOzCcQcLUgM7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZjMxZDgyMGMzMjQwMGRlYzBjNjA0OTYxNzg5OTRkNTc3
NTJhY2MwHhcNMjUxMTA0MTMwMTE5WhcNMjUxMTA1MTMwMTE5WjAzMTEwLwYDVQQD
Eyg4NjYzMGMzNmRjYWFlNDRkY2ZkOGIwNmJhNDA3MzdlNWRkMjFkNDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx44nfnNdmqhILdDgR1NeYHBYBL6V
cEcEpSdOOtYB7QsOx40dCt+uioKH3BnrZg2BbFb+1jmG1bI5qIxSguMpjoVhmvVv
wQCZ5QINWl+FnFyBGu4T4B8jNr3gsLcgtfgHjYu+OlKgDiuilxDQnBVBM+YAlGp4
t6m7xgt9+uN/1t/5dxwhAEPmq2EeSiC+Rl7vNQ3o7zk0qcOS27GPmQorcmwYb4aG
YzjMmTXw6ULMNrOrHWqDjjQ1HriNJUXOpgeepq0+g9B69MtWncTujTx2jDrIxNHs
0row8naFA+d37Skh7Yc2FPW6fgPQSxsW122UzaRPwu3S0l/jbblhQBaZPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZjDDbcquRNz9iwa6QHN+XdIdQ2MB8GA1UdIwQY
MBaAFGDzHYIMMkAN7AxgSWF4mU1XdSrMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMt
ZGVkMjExM2I5MDYwLzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMtZGVkMjExM2I5MDYw
LzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATZ3H7E5i
eBHoxaCnUG6cvGuR2vGTNh7yEDDGzTY0PlZNJYPEw1SHGItvDcdG83cCBltwjHFd
MJ71y3fhYUfN8WJn3idVvqbX8+feE5W7fjRkmNXfAJ7/+5ishCq+hFVvzYn3otFk
zL6yqw6lGxrrRn/vJX+fKRPRpmL8U93i152aj/hfe6I6zAfU9VSK4WX4Vzv0KRZK
bTGLyJYA2uTIV7HaWYhAy5Utzx201qPxI0H0envMmFkpTTnxXHiA5K1CnUdwB5mS
Wq5xM4MawaBtkFzuOQxtN4OYwhW/jPmoOFP60VCg4yvHIvEiWG3StBC6c+6wXI0x
H51w5ISZvtJPLw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:15:53 2025 by rpki-client