Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: hVk/K8mIdCBOX3NX37J/C0gWqAsgtAyrwxZkhsGHQ3U=
Subject key identifier: 4A:87:66:08:53:81:6F:04:E5:83:9E:77:EC:C8:4C:0E:5E:54:BC:36
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 019CAAC680FEA45F7E30B6B56CCCDAE5AC92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 1847
Signing time: Sun 01 Mar 2026 19:01:01 +0000
Manifest this update: Sun 01 Mar 2026 19:01:01 +0000
Manifest next update: Mon 02 Mar 2026 19:01:01 +0000
Files and hashes: 1: 3eahbNs7sLSlMwMQAPIK4WlF5S0.roa (hash: iShcDJZ7gmNtw4FSGePEabrCqu38c4kHe0CrQJ2Q7ow=)
2: MuKPEjpSeKLvjqZfVopVa-G44-Y.roa (hash: gXY94gXYWU1Pqibv85vvI+18JY770F42380MRYt28Gc=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: nK94Dj4iOT7dfSLb7oUZxSKzemP68v7ML+n+jZY3gV8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:80:fe:a4:5f:7e:30:b6:b5:6c:cc:da:e5:ac:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Mar 1 19:01:01 2026 GMT
Not After : Mar 2 19:01:01 2026 GMT
Subject: CN=4a87660853816f04e5839e77ecc84c0e5e54bc36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0c:94:57:41:82:27:a2:78:15:7a:04:2e:cc:
93:e8:75:b2:9d:12:8b:1f:bb:bc:b6:ed:d7:46:da:
78:ee:7e:31:38:e3:8e:c5:a3:40:fe:57:e3:69:d4:
03:e2:6d:a3:8e:a4:c5:b4:a2:f1:41:4f:5e:4d:6e:
03:af:4f:54:46:e5:99:de:bf:f0:6a:5e:64:be:dd:
50:a1:8a:a2:04:f5:2a:fc:c5:0a:5a:73:ec:ec:0e:
51:c2:b3:1e:0b:98:da:52:b1:17:bd:f3:c2:96:60:
3c:d8:df:c0:78:af:f6:ec:aa:08:a3:ca:e6:3b:3b:
97:9b:24:cf:7f:5d:58:d7:12:44:87:fe:37:d1:ec:
87:4c:0e:40:e1:64:a2:93:9b:be:50:f7:af:4e:c6:
2c:99:d5:50:39:e7:09:d5:38:7f:47:03:ae:f8:90:
c5:89:bb:51:e8:05:da:05:f2:36:b9:26:ce:a5:af:
2b:cd:21:0e:80:28:7a:fe:1d:55:07:c9:84:88:39:
c0:36:83:c9:93:c2:64:35:d0:1b:29:77:31:7c:53:
6b:a1:26:3a:65:f6:a3:8a:71:4b:59:1b:8b:f9:9d:
f2:5d:36:ed:3c:65:13:81:99:13:f0:c6:5d:9b:61:
7e:58:b7:13:20:93:bc:3f:4e:57:1b:c8:69:3d:00:
c8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:87:66:08:53:81:6F:04:E5:83:9E:77:EC:C8:4C:0E:5E:54:BC:36
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:ec:bd:d5:e8:7f:1c:56:85:ce:c4:7c:36:ac:78:e4:e4:b2:
f0:38:39:9d:da:13:d4:4c:cc:00:12:91:8e:ef:c2:b3:fd:6e:
e5:0f:f1:0d:66:64:9d:5d:8a:57:b6:6d:52:62:e5:d0:ad:9b:
5c:9d:39:09:5a:6f:93:5f:f4:41:bb:49:01:ac:15:a2:91:a3:
d4:28:44:d8:85:2c:10:c8:31:de:62:63:9f:22:07:9c:6f:33:
4a:fc:ca:5b:0b:f4:48:0f:ce:eb:92:68:16:17:b9:06:9c:db:
13:22:e2:55:bd:05:30:6a:b3:95:25:6d:e3:8b:b1:11:2c:19:
9c:55:39:8c:57:e8:97:71:06:a2:4f:01:87:cf:93:b9:d0:55:
3f:e7:93:76:90:61:2c:ab:19:e6:63:29:9e:6f:e7:d7:f2:ac:
34:f4:d6:32:34:6c:f9:4d:97:c8:67:57:69:f9:f7:76:75:d6:
f6:0d:84:74:89:2d:66:e1:04:29:d0:7d:bf:e7:55:5a:42:c5:
a1:29:99:91:6e:df:b6:be:2e:c1:66:47:b4:ab:fa:d2:45:73:
bf:ff:cf:ad:c7:b5:97:9b:47:68:54:6d:3b:b6:d9:a9:5b:4a:
1f:d3:bb:9a:7b:76:51:c8:dc:f1:4a:fd:69:a9:eb:eb:74:42:
b3:94:84:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxoD+pF9+MLa1bMza5aySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjYwMzAxMTkwMTAxWhcNMjYwMzAyMTkwMTAxWjAzMTEwLwYDVQQD
Eyg0YTg3NjYwODUzODE2ZjA0ZTU4MzllNzdlY2M4NGMwZTVlNTRiYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gyUV0GCJ6J4FXoELsyT6HWynRKL
H7u8tu3XRtp47n4xOOOOxaNA/lfjadQD4m2jjqTFtKLxQU9eTW4Dr09URuWZ3r/w
al5kvt1QoYqiBPUq/MUKWnPs7A5RwrMeC5jaUrEXvfPClmA82N/AeK/27KoIo8rm
OzuXmyTPf11Y1xJEh/430eyHTA5A4WSik5u+UPevTsYsmdVQOecJ1Th/RwOu+JDF
ibtR6AXaBfI2uSbOpa8rzSEOgCh6/h1VB8mEiDnANoPJk8JkNdAbKXcxfFNroSY6
ZfajinFLWRuL+Z3yXTbtPGUTgZkT8MZdm2F+WLcTIJO8P05XG8hpPQDIWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqHZghTgW8E5YOed+zITA5eVLw2MB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe+y91eh/
HFaFzsR8Nqx45OSy8Dg5ndoT1EzMABKRju/Cs/1u5Q/xDWZknV2KV7ZtUmLl0K2b
XJ05CVpvk1/0QbtJAawVopGj1ChE2IUsEMgx3mJjnyIHnG8zSvzKWwv0SA/O65Jo
Fhe5BpzbEyLiVb0FMGqzlSVt44uxESwZnFU5jFfol3EGok8Bh8+TudBVP+eTdpBh
LKsZ5mMpnm/n1/KsNPTWMjRs+U2XyGdXafn3dnXW9g2EdIktZuEEKdB9v+dVWkLF
oSmZkW7ftr4uwWZHtKv60kVzv//Prce1l5tHaFRtO7bZqVtKH9O7mnt2Ucjc8Ur9
aanr63RCs5SEQQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:21:25 2026 by rpki-client