Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: hxwtDGpyn51bNbAYjnm3TKY0JiCQKtH7niCGXyEPxD4=
Subject key identifier: F6:C1:FA:1F:4F:56:10:BC:7A:B4:BF:29:E4:B5:D5:C7:9B:D6:68:88
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 019A4D747C8BD2D92B0A7BEDF7271A596C02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 06:01:10 +0000
Manifest this update: Tue 04 Nov 2025 06:01:10 +0000
Manifest next update: Wed 05 Nov 2025 06:01:10 +0000
Files and hashes: 1: __KLjvjgMO1LuKrx6zZXZJBcRtk.roa (hash: kZSjdOtgx956Q9WcOxsnl5QBMbkPJAPdg2gED1ZbQy4=)
2: xmOvbRNpbfTNvGRi0NGmoChwF8k.roa (hash: 7oU4y3FJaTZ6zlZMUwxbLqzJR9lqEVzJSwfHVW5xI4s=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: WnD3bYFOs19kL0+wbWp8BbUuaOEPZ7iXteGlxJkyuIY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:74:7c:8b:d2:d9:2b:0a:7b:ed:f7:27:1a:59:6c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Nov 4 06:01:10 2025 GMT
Not After : Nov 5 06:01:10 2025 GMT
Subject: CN=f6c1fa1f4f5610bc7ab4bf29e4b5d5c79bd66888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2d:0f:5f:85:7b:a1:60:b8:39:0a:ec:04:70:
07:a1:ae:25:25:60:81:39:fd:52:fe:fc:c7:3d:35:
af:9d:90:a1:7f:bd:63:38:ec:3b:e1:9c:c6:cb:09:
fc:44:ea:08:51:b1:21:30:ad:4e:fe:ca:20:59:5b:
de:0a:a5:2b:6e:c3:1a:84:de:bc:79:22:3a:33:f1:
c6:4e:94:a4:2f:89:da:c6:d9:a0:66:cc:40:02:1d:
a7:05:bb:b0:e9:74:2c:26:2e:03:88:c9:80:40:a2:
c3:c1:02:5d:2c:73:19:76:f5:b7:dd:bf:f4:e0:3e:
f8:c1:c1:49:59:9e:7c:fb:d2:12:a8:91:6e:49:7a:
f1:5a:c9:80:9d:01:d8:c0:64:11:86:41:24:35:83:
d4:2a:d1:96:cd:c4:b4:02:71:ab:b1:2d:b5:86:d6:
44:ac:4c:0c:81:32:e6:cd:26:54:c4:82:b7:a5:e4:
12:c5:45:aa:41:74:7d:31:08:ac:b5:5c:ee:a1:4f:
2c:36:78:5d:05:79:80:6d:43:d0:32:21:00:f0:21:
5f:f0:e5:9c:77:2b:9e:5c:09:4e:73:fe:78:0b:5e:
da:11:08:97:69:91:d3:d5:32:f4:86:cf:a9:60:eb:
b0:83:96:a7:13:d4:ff:92:37:1b:a9:b8:65:23:08:
db:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C1:FA:1F:4F:56:10:BC:7A:B4:BF:29:E4:B5:D5:C7:9B:D6:68:88
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:5b:1a:84:a7:b4:59:1b:f7:84:6d:e6:24:e6:60:f3:a1:72:
50:92:8b:01:dd:96:e7:19:f0:a8:c5:27:72:00:e0:23:0c:79:
e6:63:3b:6d:12:6e:75:46:74:ea:a3:86:b9:20:be:dd:2f:da:
79:03:a4:8e:03:e3:ab:c0:22:2c:7b:c0:7b:e8:17:7e:4d:92:
9a:53:10:19:75:79:2f:32:3f:44:d7:6c:78:3e:7c:a1:7b:69:
4b:5b:03:3f:04:58:b8:c2:51:0e:11:51:e4:87:61:d4:69:39:
ac:4f:21:e4:70:5f:f8:f1:59:1e:3b:98:3f:58:fd:ea:8a:a5:
1c:74:58:b4:8b:23:2c:a6:20:b7:3b:68:8f:cd:52:eb:2e:87:
2f:f8:74:b5:73:d7:cf:cf:04:c7:a0:f2:33:18:25:36:51:9b:
57:01:21:3a:96:33:47:ec:d8:f0:2f:43:f4:22:35:fc:02:0b:
ac:d7:01:96:54:6c:85:74:ae:50:6b:27:4c:8c:be:ff:fc:37:
91:0b:e0:84:5d:2f:65:f0:c0:49:ed:0a:e4:81:4d:f3:18:ab:
63:39:b9:6f:2d:17:d9:46:36:fe:6f:7b:13:b2:25:e1:f2:59:
fa:7c:dd:ad:51:7e:a0:9a:51:3e:08:5f:92:34:6f:fc:7d:ea:
cc:4d:9a:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdHyL0tkrCnvt9ycaWWwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjUxMTA0MDYwMTEwWhcNMjUxMTA1MDYwMTEwWjAzMTEwLwYDVQQD
EyhmNmMxZmExZjRmNTYxMGJjN2FiNGJmMjllNGI1ZDVjNzliZDY2ODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC0PX4V7oWC4OQrsBHAHoa4lJWCB
Of1S/vzHPTWvnZChf71jOOw74ZzGywn8ROoIUbEhMK1O/sogWVveCqUrbsMahN68
eSI6M/HGTpSkL4naxtmgZsxAAh2nBbuw6XQsJi4DiMmAQKLDwQJdLHMZdvW33b/0
4D74wcFJWZ58+9ISqJFuSXrxWsmAnQHYwGQRhkEkNYPUKtGWzcS0AnGrsS21htZE
rEwMgTLmzSZUxIK3peQSxUWqQXR9MQistVzuoU8sNnhdBXmAbUPQMiEA8CFf8OWc
dyueXAlOc/54C17aEQiXaZHT1TL0hs+pYOuwg5anE9T/kjcbqbhlIwjbQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPbB+h9PVhC8erS/KeS11ceb1miIMB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgFsahKe0
WRv3hG3mJOZg86FyUJKLAd2W5xnwqMUncgDgIwx55mM7bRJudUZ06qOGuSC+3S/a
eQOkjgPjq8AiLHvAe+gXfk2SmlMQGXV5LzI/RNdseD58oXtpS1sDPwRYuMJRDhFR
5Idh1Gk5rE8h5HBf+PFZHjuYP1j96oqlHHRYtIsjLKYgtztoj81S6y6HL/h0tXPX
z88Ex6DyMxglNlGbVwEhOpYzR+zY8C9D9CI1/AILrNcBllRshXSuUGsnTIy+//w3
kQvghF0vZfDASe0K5IFN8xirYzm5by0X2UY2/m97E7Il4fJZ+nzdrVF+oJpRPghf
kjRv/H3qzE2aPw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:36 2025 by rpki-client