Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
File: ylIg5T5PgcoljM_qGHKAKA9fYho.mft (raw, json)
Hash identifier: 609eIk/0ZUX22wlbZU4AB3ridAtRBKNjsOix/04pkWY=
Subject key identifier: 6A:76:49:C0:27:07:7E:55:E2:90:1B:84:D8:21:C7:A9:56:9A:2D:E6
Authority key identifier: CA:52:20:E5:3E:4F:81:CA:25:8C:CF:EA:18:72:80:28:0F:5F:62:1A
Certificate issuer: /CN=ca5220e53e4f81ca258ccfea187280280f5f621a
Certificate serial: 019CAD90775FE9554753F703D50B650B781D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ylIg5T5PgcoljM_qGHKAKA9fYho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
Manifest number: 1845
Signing time: Mon 02 Mar 2026 08:00:51 +0000
Manifest this update: Mon 02 Mar 2026 08:00:51 +0000
Manifest next update: Tue 03 Mar 2026 08:00:51 +0000
Files and hashes: 1: DTnex-UlwV0zKy6UASXDNP6H64M.roa (hash: OS8JKI81uoNsyPVMBJm7f0QmGbnDk6BbHN/7FVmcoHg=)
2: q0Xg32RLpaZ2ftlLqcFE1HiFMHM.roa (hash: veVsiD7OXuZtD0ZpV5SiKVt3Azw07hmLxG5Vpo3m3dM=)
3: ylIg5T5PgcoljM_qGHKAKA9fYho.crl (hash: /8e1aVvN/NTX9Iv+A+w3eNoGrC4bXFKSt5Z3/bAV5bM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
rsync://rpki.ripe.net/repository/DEFAULT/ylIg5T5PgcoljM_qGHKAKA9fYho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:77:5f:e9:55:47:53:f7:03:d5:0b:65:0b:78:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca5220e53e4f81ca258ccfea187280280f5f621a
Validity
Not Before: Mar 2 08:00:51 2026 GMT
Not After : Mar 3 08:00:51 2026 GMT
Subject: CN=6a7649c027077e55e2901b84d821c7a9569a2de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2a:46:20:f7:0b:63:a3:a4:62:02:6c:7d:1d:
cf:4f:bb:21:a4:f8:c0:5c:ff:f2:c4:96:a8:0c:a1:
ce:cf:b0:46:2e:cb:51:97:26:e2:be:5e:9e:2f:d0:
90:63:74:a3:fe:5e:b1:58:6f:ca:64:83:e8:48:b4:
64:31:50:af:64:25:64:97:14:ca:9a:37:a3:72:5f:
66:df:3e:43:f7:0b:3b:50:67:4d:b1:a7:9e:49:9b:
78:10:eb:ca:7c:cc:8a:8d:3a:3b:2b:a4:65:2f:4e:
db:4e:4b:59:31:aa:9f:d2:d4:2e:3c:f2:4a:1f:29:
66:30:9e:e5:9f:d9:d2:dd:70:08:05:0b:fe:ec:8d:
ae:5e:1a:62:90:83:32:be:54:e9:1d:2c:18:f0:10:
5b:3a:67:56:a7:49:b8:12:dc:43:b9:fb:08:d3:a0:
50:5f:b4:46:96:e1:de:05:7f:2a:fc:26:e8:22:cc:
da:f0:41:30:fd:d5:39:d7:b1:9d:cc:90:b2:1d:a7:
f1:ac:01:a3:91:50:e5:b8:2b:ea:17:e6:ec:fa:2e:
2c:5f:76:ed:08:48:c9:bc:a8:3b:77:ca:fc:ec:e8:
81:04:05:b3:f3:69:a2:3f:d7:96:fa:c5:38:71:2f:
93:58:3c:92:cb:38:8c:a9:fa:4e:3b:77:ef:b3:bd:
e5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:76:49:C0:27:07:7E:55:E2:90:1B:84:D8:21:C7:A9:56:9A:2D:E6
X509v3 Authority Key Identifier:
keyid:CA:52:20:E5:3E:4F:81:CA:25:8C:CF:EA:18:72:80:28:0F:5F:62:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylIg5T5PgcoljM_qGHKAKA9fYho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:d0:0a:65:4e:b7:84:f1:43:dc:8c:46:20:72:f0:45:3f:b2:
40:0b:06:31:9f:1f:e5:d5:ae:f1:ef:95:76:f2:42:5d:b1:60:
d2:19:86:0d:4c:fb:04:b6:91:8b:0d:7d:8e:53:fa:ad:d7:4c:
d1:cc:19:8e:99:b4:a7:51:e6:19:2d:6d:49:ed:5b:9d:09:be:
d2:19:0f:d2:3e:03:46:0d:e5:94:1c:60:5d:ed:ba:27:08:41:
5d:6a:c5:44:96:18:ef:c1:61:36:93:9b:fd:cf:7d:03:ea:aa:
86:59:a4:15:fa:c7:93:cc:2a:1f:2c:e9:82:c3:68:42:2f:c3:
66:52:42:83:d4:29:fa:1c:e7:9d:bc:17:12:d1:70:d8:b7:36:
c6:06:7a:1c:65:69:65:90:44:98:66:35:22:53:c6:c9:24:5a:
0a:6e:b7:29:50:a8:91:a2:7a:e5:9a:91:a1:a6:a0:f6:5a:e0:
08:b6:c3:f3:b4:d1:9c:96:fb:0f:32:3b:52:39:84:4a:cc:2c:
80:6c:98:f5:d5:d9:c3:b9:9e:9e:d5:53:c7:8a:0b:64:5c:39:
66:99:fc:9e:d4:45:9d:10:dd:98:7d:37:d3:90:53:7f:8d:2d:
1f:72:be:f7:4f:b3:cd:99:40:97:43:bd:4b:6c:0e:98:58:2f:
48:ac:f6:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkHdf6VVHU/cD1QtlC3gdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNTIyMGU1M2U0ZjgxY2EyNThjY2ZlYTE4NzI4MDI4MGY1
ZjYyMWEwHhcNMjYwMzAyMDgwMDUxWhcNMjYwMzAzMDgwMDUxWjAzMTEwLwYDVQQD
Eyg2YTc2NDljMDI3MDc3ZTU1ZTI5MDFiODRkODIxYzdhOTU2OWEyZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsypGIPcLY6OkYgJsfR3PT7shpPjA
XP/yxJaoDKHOz7BGLstRlybivl6eL9CQY3Sj/l6xWG/KZIPoSLRkMVCvZCVklxTK
mjejcl9m3z5D9ws7UGdNsaeeSZt4EOvKfMyKjTo7K6RlL07bTktZMaqf0tQuPPJK
HylmMJ7ln9nS3XAIBQv+7I2uXhpikIMyvlTpHSwY8BBbOmdWp0m4EtxDufsI06BQ
X7RGluHeBX8q/CboIsza8EEw/dU517GdzJCyHafxrAGjkVDluCvqF+bs+i4sX3bt
CEjJvKg7d8r87OiBBAWz82miP9eW+sU4cS+TWDySyziMqfpOO3fvs73lEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGp2ScAnB35V4pAbhNghx6lWmi3mMB8GA1UdIwQY
MBaAFMpSIOU+T4HKJYzP6hhygCgPX2IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWxJZzVUNVBnY29sak1fcUdIS0FLQTlmWWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80MjQ5NDctMWM2YS00OGU5LWIyODkt
ZjIzYzVhNTMxODIzLzEveWxJZzVUNVBnY29sak1fcUdIS0FLQTlmWWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80MjQ5NDctMWM2YS00OGU5LWIyODktZjIzYzVhNTMxODIz
LzEveWxJZzVUNVBnY29sak1fcUdIS0FLQTlmWWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYNAKZU63
hPFD3IxGIHLwRT+yQAsGMZ8f5dWu8e+VdvJCXbFg0hmGDUz7BLaRiw19jlP6rddM
0cwZjpm0p1HmGS1tSe1bnQm+0hkP0j4DRg3llBxgXe26JwhBXWrFRJYY78FhNpOb
/c99A+qqhlmkFfrHk8wqHyzpgsNoQi/DZlJCg9Qp+hznnbwXEtFw2Lc2xgZ6HGVp
ZZBEmGY1IlPGySRaCm63KVCokaJ65ZqRoaag9lrgCLbD87TRnJb7DzI7UjmESsws
gGyY9dXZw7mentVTx4oLZFw5Zpn8ntRFnRDdmH0305BTf40tH3K+90+zzZlAl0O9
S2wOmFgvSKz2NA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:57:41 2026 by rpki-client