Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: t6+LjwfkF0f6pUWxnFRjHv3tw67ab9zOXFHJEIdnHdw=
Subject key identifier: 25:3B:5F:52:15:38:8D:F9:40:89:44:80:5F:A8:A3:6C:F8:AB:48:1E
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 019DA3E68CD379D5187D5BDEE907261D9918
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 18C8
Signing time: Sun 19 Apr 2026 04:01:28 +0000
Manifest this update: Sun 19 Apr 2026 04:01:28 +0000
Manifest next update: Mon 20 Apr 2026 04:01:28 +0000
Files and hashes: 1: 3eahbNs7sLSlMwMQAPIK4WlF5S0.roa (hash: iShcDJZ7gmNtw4FSGePEabrCqu38c4kHe0CrQJ2Q7ow=)
2: MuKPEjpSeKLvjqZfVopVa-G44-Y.roa (hash: gXY94gXYWU1Pqibv85vvI+18JY770F42380MRYt28Gc=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: XCOEXlLbfka+j4jb31VYYG3PpsIggt2s6N/nZg5p8JY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:e6:8c:d3:79:d5:18:7d:5b:de:e9:07:26:1d:99:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Apr 19 04:01:28 2026 GMT
Not After : Apr 20 04:01:28 2026 GMT
Subject: CN=253b5f5215388df9408944805fa8a36cf8ab481e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f0:96:48:7e:52:a7:84:1b:c0:38:eb:8d:85:
77:d7:3d:c7:da:58:11:8b:5f:5f:e8:dc:02:a6:3e:
f7:55:e9:68:96:78:9c:d8:87:bf:53:16:a7:72:07:
e3:97:5e:50:6d:c7:21:95:fc:91:94:4a:6c:bb:b2:
fa:a4:07:7b:32:48:3c:06:25:07:53:fc:00:a1:75:
89:74:9c:24:51:32:19:67:7d:1f:3f:19:29:a1:be:
70:3c:c4:71:fb:59:28:fe:fa:e2:c6:6c:de:32:40:
6b:1f:76:77:40:de:b9:69:7a:bd:9d:54:43:79:0c:
1e:b4:26:a6:19:ec:79:dc:43:b0:df:41:af:5f:b8:
b0:6c:2d:61:53:5b:41:01:46:23:47:a9:33:e1:97:
27:6a:e8:64:ee:a3:64:02:08:5c:b5:10:1f:49:5c:
84:fc:10:2b:cd:35:4f:95:3d:d9:33:e6:df:47:fb:
60:8b:b1:83:0f:21:66:64:4b:c6:61:ce:b4:4b:76:
95:63:73:40:2f:a6:d8:f5:68:2f:97:86:a2:3a:d8:
4b:1b:e2:56:fd:7a:74:7e:08:c7:b4:0c:00:e2:9e:
2e:8d:3c:5d:4d:9c:e7:e5:c7:0d:ba:d2:25:6e:cf:
9c:ef:c4:19:ab:dc:b5:42:d7:76:7a:1f:b6:03:70:
02:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3B:5F:52:15:38:8D:F9:40:89:44:80:5F:A8:A3:6C:F8:AB:48:1E
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:c5:4b:f5:88:98:6e:43:98:ee:6a:aa:a5:52:5a:c9:57:06:
08:86:2c:a1:cf:b2:e2:20:a1:cf:0d:d7:27:93:67:68:00:da:
d2:c4:0b:9e:2a:68:98:d8:41:ff:94:03:f6:a6:11:8e:7f:01:
91:ad:e2:89:d5:ea:b6:a6:23:92:6f:72:31:84:13:7d:f3:d0:
a7:af:17:9c:2c:a4:74:3d:ea:85:d1:1a:e0:36:0f:15:b5:ed:
ec:68:5e:25:ee:4b:cf:f9:3b:06:69:87:3f:38:4b:2d:93:56:
29:12:ee:d6:87:ed:b0:ff:d0:ba:8f:69:c0:f6:d7:6f:78:0f:
53:dc:31:24:65:61:87:f1:51:c5:f0:3f:6e:df:63:bf:44:37:
79:a0:0a:71:9d:e2:c4:c2:cd:ed:b7:2f:f6:e4:ed:d2:d1:3e:
75:e3:ba:ff:c0:85:9c:09:f6:d9:a6:e9:a5:9b:52:f9:5c:6f:
8b:67:20:96:34:da:a4:86:ea:d1:2b:07:e9:75:7a:86:99:c1:
7b:e7:b0:29:2d:7b:7e:5b:59:54:f0:42:dd:e4:6f:39:ea:cb:
aa:d0:f2:e9:54:94:dc:c3:d2:91:7e:3e:09:9e:d9:98:66:0b:
ba:f3:0a:83:50:79:27:79:ab:3f:b9:84:79:b1:fd:d2:15:0c:
12:ba:8a:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5ozTedUYfVve6QcmHZkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjYwNDE5MDQwMTI4WhcNMjYwNDIwMDQwMTI4WjAzMTEwLwYDVQQD
EygyNTNiNWY1MjE1Mzg4ZGY5NDA4OTQ0ODA1ZmE4YTM2Y2Y4YWI0ODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfCWSH5Sp4QbwDjrjYV31z3H2lgR
i19f6NwCpj73Velolnic2Ie/Uxancgfjl15QbcchlfyRlEpsu7L6pAd7Mkg8BiUH
U/wAoXWJdJwkUTIZZ30fPxkpob5wPMRx+1ko/vrixmzeMkBrH3Z3QN65aXq9nVRD
eQwetCamGex53EOw30GvX7iwbC1hU1tBAUYjR6kz4Zcnauhk7qNkAghctRAfSVyE
/BArzTVPlT3ZM+bfR/tgi7GDDyFmZEvGYc60S3aVY3NAL6bY9Wgvl4aiOthLG+JW
/Xp0fgjHtAwA4p4ujTxdTZzn5ccNutIlbs+c78QZq9y1Qtd2eh+2A3AC7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCU7X1IVOI35QIlEgF+oo2z4q0geMB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsVL9YiY
bkOY7mqqpVJayVcGCIYsoc+y4iChzw3XJ5NnaADa0sQLnipomNhB/5QD9qYRjn8B
ka3iidXqtqYjkm9yMYQTffPQp68XnCykdD3qhdEa4DYPFbXt7GheJe5Lz/k7BmmH
PzhLLZNWKRLu1oftsP/Quo9pwPbXb3gPU9wxJGVhh/FRxfA/bt9jv0Q3eaAKcZ3i
xMLN7bcv9uTt0tE+deO6/8CFnAn22abppZtS+Vxvi2cgljTapIbq0SsH6XV6hpnB
e+ewKS17fltZVPBC3eRvOerLqtDy6VSU3MPSkX4+CZ7ZmGYLuvMKg1B5J3mrP7mE
ebH90hUMErqKXg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:45:14 2026 by rpki-client