Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
File: ylIg5T5PgcoljM_qGHKAKA9fYho.mft (raw, json)
Hash identifier: ZG94sopBcN0cV4yHwkaPXMTOuhZV/1Y6pJjmmUka1kg=
Subject key identifier: B5:F9:9C:61:5C:8C:B3:0E:D8:AC:89:62:EC:C7:9B:3E:13:24:6F:B0
Authority key identifier: CA:52:20:E5:3E:4F:81:CA:25:8C:CF:EA:18:72:80:28:0F:5F:62:1A
Certificate issuer: /CN=ca5220e53e4f81ca258ccfea187280280f5f621a
Certificate serial: 019A4DE2104C31BB704C00A8B010D3413C23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ylIg5T5PgcoljM_qGHKAKA9fYho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
Manifest number: 170A
Signing time: Tue 04 Nov 2025 08:00:52 +0000
Manifest this update: Tue 04 Nov 2025 08:00:52 +0000
Manifest next update: Wed 05 Nov 2025 08:00:52 +0000
Files and hashes: 1: HnblzgjRhv7ohFCku2dgX5Jr7vw.roa (hash: o9K0gGCxUA0R4sGgN9lj9M6IzHoNtSXBjdq46DJlaa4=)
2: dem0uBwT7g7YZDZIQsS-aXVQdOI.roa (hash: XISttqO419C7SgkgSmOfFJd6GmXYZpUuMQWw/YZudzA=)
3: ylIg5T5PgcoljM_qGHKAKA9fYho.crl (hash: YmugXdsgADmkHdNbv8MRXND+UcBSKyiMihxJPu98oWg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
rsync://rpki.ripe.net/repository/DEFAULT/ylIg5T5PgcoljM_qGHKAKA9fYho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e2:10:4c:31:bb:70:4c:00:a8:b0:10:d3:41:3c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca5220e53e4f81ca258ccfea187280280f5f621a
Validity
Not Before: Nov 4 08:00:52 2025 GMT
Not After : Nov 5 08:00:52 2025 GMT
Subject: CN=b5f99c615c8cb30ed8ac8962ecc79b3e13246fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1c:fa:81:2e:1c:5b:04:e7:d9:8d:37:b8:df:
40:4e:c4:d6:12:09:97:18:75:ea:24:5f:34:e7:a4:
7b:be:6c:de:ab:2d:f1:f7:1c:fe:d4:da:6e:37:5f:
4e:57:61:33:a6:d7:e1:c9:9b:94:13:b0:0d:a7:a7:
b3:a1:c0:dc:56:8d:f3:cf:66:d3:9e:65:bf:ad:25:
89:39:30:00:c7:88:b5:44:9c:84:06:18:52:a7:4c:
1e:74:4d:d1:1e:0f:03:9e:8f:86:92:1c:3e:48:d2:
0d:bf:c1:39:14:dd:b6:1b:59:1f:34:db:fd:40:6c:
28:06:75:11:8c:59:da:2d:7c:71:5b:68:a5:ea:55:
1a:42:6a:e4:65:87:fb:60:57:58:d4:d0:22:12:b3:
bb:72:0e:fd:f5:a6:05:f0:ba:95:5f:a0:e4:7c:14:
be:69:94:36:5e:d0:e7:3a:0e:2a:55:0d:8c:6b:7a:
70:fe:cc:e4:91:20:02:67:63:65:38:db:4f:47:a3:
7d:0e:41:a0:8d:43:f3:22:f8:e0:e4:33:73:6a:c2:
c8:ad:ee:6c:56:34:4b:91:bb:1f:ae:76:a9:f7:22:
61:2d:b2:88:36:63:0f:cc:ef:b9:8c:ed:7f:ab:22:
7b:b2:63:c6:cb:db:9a:c3:72:28:7a:8c:f8:57:c9:
bb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F9:9C:61:5C:8C:B3:0E:D8:AC:89:62:EC:C7:9B:3E:13:24:6F:B0
X509v3 Authority Key Identifier:
keyid:CA:52:20:E5:3E:4F:81:CA:25:8C:CF:EA:18:72:80:28:0F:5F:62:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylIg5T5PgcoljM_qGHKAKA9fYho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:87:6a:57:54:02:4b:8d:f2:04:ff:0f:57:d1:03:2c:d8:b6:
16:1b:d4:ed:91:da:5d:e1:3d:c8:d9:0a:ef:5f:3f:4d:41:f1:
9e:3a:e3:86:4a:07:8b:1d:f4:a5:b2:64:98:4c:2c:8f:2a:83:
eb:f4:5e:cc:c3:15:73:7c:3b:23:6e:af:c8:ff:03:ea:b1:d4:
92:dc:ed:c6:a2:fb:b9:24:fc:58:0d:bd:53:2b:4c:20:23:94:
85:44:47:f7:81:f1:86:74:ef:b8:90:2e:b2:23:fa:07:7c:68:
06:ec:d9:14:95:10:c3:4a:67:e6:37:07:04:40:3e:9f:21:f1:
72:83:38:2e:cd:61:8e:07:0c:f0:17:9d:d7:63:ee:10:ac:04:
0e:2c:05:b2:f0:4f:40:40:6b:2f:1d:0c:95:82:b3:e4:fb:a9:
7e:c0:78:2c:8b:85:79:09:3f:43:e3:c3:98:30:2b:1b:e7:00:
d6:77:69:16:db:26:5c:a3:54:3c:4b:5c:f7:fb:88:04:4b:ea:
4b:fb:3a:db:f0:86:f2:2a:84:b9:fd:c9:fc:ef:02:ab:bf:15:
e6:6b:42:a1:55:73:9e:22:4b:69:38:d6:1a:c9:38:40:1b:2c:
38:42:9e:11:90:0d:ef:34:95:b1:33:ef:fd:67:87:e7:b3:09:
dc:a7:f8:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4hBMMbtwTACosBDTQTwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNTIyMGU1M2U0ZjgxY2EyNThjY2ZlYTE4NzI4MDI4MGY1
ZjYyMWEwHhcNMjUxMTA0MDgwMDUyWhcNMjUxMTA1MDgwMDUyWjAzMTEwLwYDVQQD
EyhiNWY5OWM2MTVjOGNiMzBlZDhhYzg5NjJlY2M3OWIzZTEzMjQ2ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxz6gS4cWwTn2Y03uN9ATsTWEgmX
GHXqJF8056R7vmzeqy3x9xz+1NpuN19OV2EzptfhyZuUE7ANp6ezocDcVo3zz2bT
nmW/rSWJOTAAx4i1RJyEBhhSp0wedE3RHg8Dno+Gkhw+SNINv8E5FN22G1kfNNv9
QGwoBnURjFnaLXxxW2il6lUaQmrkZYf7YFdY1NAiErO7cg799aYF8LqVX6DkfBS+
aZQ2XtDnOg4qVQ2Ma3pw/szkkSACZ2NlONtPR6N9DkGgjUPzIvjg5DNzasLIre5s
VjRLkbsfrnap9yJhLbKINmMPzO+5jO1/qyJ7smPGy9uaw3Ioeoz4V8m7FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLX5nGFcjLMO2KyJYuzHmz4TJG+wMB8GA1UdIwQY
MBaAFMpSIOU+T4HKJYzP6hhygCgPX2IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWxJZzVUNVBnY29sak1fcUdIS0FLQTlmWWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80MjQ5NDctMWM2YS00OGU5LWIyODkt
ZjIzYzVhNTMxODIzLzEveWxJZzVUNVBnY29sak1fcUdIS0FLQTlmWWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80MjQ5NDctMWM2YS00OGU5LWIyODktZjIzYzVhNTMxODIz
LzEveWxJZzVUNVBnY29sak1fcUdIS0FLQTlmWWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlYdqV1QC
S43yBP8PV9EDLNi2FhvU7ZHaXeE9yNkK718/TUHxnjrjhkoHix30pbJkmEwsjyqD
6/RezMMVc3w7I26vyP8D6rHUktztxqL7uST8WA29UytMICOUhURH94HxhnTvuJAu
siP6B3xoBuzZFJUQw0pn5jcHBEA+nyHxcoM4Ls1hjgcM8Bed12PuEKwEDiwFsvBP
QEBrLx0MlYKz5PupfsB4LIuFeQk/Q+PDmDArG+cA1ndpFtsmXKNUPEtc9/uIBEvq
S/s62/CG8iqEuf3J/O8Cq78V5mtCoVVzniJLaTjWGsk4QBssOEKeEZAN7zSVsTPv
/WeH57MJ3Kf4xA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:00:43 2025 by rpki-client