Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
File: ym3NrZkpBFbG18GOscBY2UEIiAE.mft (raw, json)
Hash identifier: 9oMXf+rL65FVRk+iOkwKfdz3ITMtlKMYzKX0Ep3fi1s=
Subject key identifier: F9:69:3F:D5:E9:31:1F:65:C3:38:00:21:97:A2:E7:8A:2D:89:85:52
Authority key identifier: CA:6D:CD:AD:99:29:04:56:C6:D7:C1:8E:B1:C0:58:D9:41:08:88:01
Certificate issuer: /CN=ca6dcdad99290456c6d7c18eb1c058d941088801
Certificate serial: 019A52633A03D1854C73D8DFA92E374C8940
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
Manifest number: 16B1
Signing time: Wed 05 Nov 2025 05:00:25 +0000
Manifest this update: Wed 05 Nov 2025 05:00:25 +0000
Manifest next update: Thu 06 Nov 2025 05:00:25 +0000
Files and hashes: 1: Vm2xySa3TZzRcufAzxt4hRBLNss.roa (hash: O5+b4nw4CSapOt9ANvlpqmvnfoL7HE4era1klJG6PPo=)
2: ym3NrZkpBFbG18GOscBY2UEIiAE.crl (hash: PF12PFraa8cXgKbxZIDlGi0wRAnDktu7gqRZb7PF2Ys=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 05:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:63:3a:03:d1:85:4c:73:d8:df:a9:2e:37:4c:89:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca6dcdad99290456c6d7c18eb1c058d941088801
Validity
Not Before: Nov 5 05:00:25 2025 GMT
Not After : Nov 6 05:00:25 2025 GMT
Subject: CN=f9693fd5e9311f65c338002197a2e78a2d898552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:52:57:b9:cc:61:bb:cc:08:a7:2c:b0:89:01:
20:b9:ca:8f:a2:bd:9c:39:2d:88:ec:3f:31:43:8d:
f6:86:35:58:97:c1:76:5f:85:ad:36:7a:97:6a:cf:
98:61:2b:81:00:da:3c:39:69:e3:5c:ed:d5:eb:9c:
00:b9:f4:0c:04:11:f0:6d:1e:76:90:32:f2:78:28:
2e:c0:03:0a:a5:1d:8e:f2:4c:be:17:6f:6f:ac:7b:
72:76:b6:b6:9b:47:aa:7b:39:ea:79:bd:f1:07:0b:
64:4e:37:c7:8c:92:0c:6e:c8:2c:3d:8d:fc:69:b7:
e2:36:2b:4c:a7:cd:89:52:56:11:c2:16:9d:ba:c1:
7f:80:0b:b5:89:09:b4:4d:5c:7b:22:df:90:b6:f8:
ac:fa:7a:75:a8:05:0d:d5:c1:7b:3a:44:b9:7c:6a:
8d:bd:75:96:04:ed:72:86:12:28:ea:9a:1e:fc:39:
eb:eb:82:ce:e0:16:ca:7d:46:95:08:b4:68:88:de:
43:4a:d0:44:17:98:6f:06:98:bb:15:c6:4b:a1:9c:
f6:5f:90:dc:59:dd:92:94:81:e5:59:4b:28:2e:8f:
df:c1:5e:c5:18:61:8e:c2:5b:9d:55:f0:1b:d8:09:
81:2b:5f:41:9e:42:5b:fb:4d:dd:5f:c8:90:b0:a8:
42:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:69:3F:D5:E9:31:1F:65:C3:38:00:21:97:A2:E7:8A:2D:89:85:52
X509v3 Authority Key Identifier:
keyid:CA:6D:CD:AD:99:29:04:56:C6:D7:C1:8E:B1:C0:58:D9:41:08:88:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:fa:5e:96:22:b7:87:14:a8:b9:19:7c:38:5b:64:d0:85:5e:
f3:77:84:38:d2:da:43:53:f5:c2:b8:5c:79:24:3f:1e:ff:07:
33:c8:df:17:44:60:c4:4c:46:6c:da:1e:cb:b9:a3:a7:bb:a6:
43:d7:4a:f8:e5:61:67:e8:7d:03:c6:4b:87:0d:8f:e2:3c:a0:
02:40:2f:84:46:8a:79:04:b9:b4:19:be:7f:b8:94:a5:07:16:
07:7d:ba:0c:8b:a4:9f:a2:eb:0c:a7:a9:3c:1b:4d:3c:d5:f8:
86:b4:c2:bb:41:f4:42:b4:a7:ed:92:96:5f:d5:4f:e7:3c:06:
ff:e7:f3:f5:c4:f4:ac:ad:c1:f7:bc:2b:9d:75:c3:34:9a:c7:
3a:47:a0:f3:39:0d:06:db:6f:00:dd:c4:b8:ef:3e:20:44:a1:
cb:77:ff:49:b7:59:31:46:0e:1a:5d:3c:fe:b0:40:4a:7a:77:
47:b0:40:e4:92:b3:a6:44:0a:2c:c2:b8:80:5b:fa:be:9f:25:
86:85:bb:b4:e9:89:f1:9b:f6:4d:6d:ee:61:35:f4:e0:df:f1:
d6:17:de:c8:79:98:37:7d:78:91:f5:29:3b:8a:ef:d6:d5:3d:
85:cb:5b:0e:de:05:f9:4d:57:7b:67:3e:ae:d6:79:ee:42:7b:
31:4c:14:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSYzoD0YVMc9jfqS43TIlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNmRjZGFkOTkyOTA0NTZjNmQ3YzE4ZWIxYzA1OGQ5NDEw
ODg4MDEwHhcNMjUxMTA1MDUwMDI1WhcNMjUxMTA2MDUwMDI1WjAzMTEwLwYDVQQD
EyhmOTY5M2ZkNWU5MzExZjY1YzMzODAwMjE5N2EyZTc4YTJkODk4NTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1JXucxhu8wIpyywiQEgucqPor2c
OS2I7D8xQ432hjVYl8F2X4WtNnqXas+YYSuBANo8OWnjXO3V65wAufQMBBHwbR52
kDLyeCguwAMKpR2O8ky+F29vrHtydra2m0eqeznqeb3xBwtkTjfHjJIMbsgsPY38
abfiNitMp82JUlYRwhadusF/gAu1iQm0TVx7It+Qtvis+np1qAUN1cF7OkS5fGqN
vXWWBO1yhhIo6poe/Dnr64LO4BbKfUaVCLRoiN5DStBEF5hvBpi7FcZLoZz2X5Dc
Wd2SlIHlWUsoLo/fwV7FGGGOwludVfAb2AmBK19BnkJb+03dX8iQsKhCIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlpP9XpMR9lwzgAIZei54otiYVSMB8GA1UdIwQY
MBaAFMptza2ZKQRWxtfBjrHAWNlBCIgBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83Njc1OWUtMzk2NC00YzRmLTg3NmIt
YmM0NzVkMDA4ODY5LzEveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83Njc1OWUtMzk2NC00YzRmLTg3NmItYmM0NzVkMDA4ODY5
LzEveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQfpeliK3
hxSouRl8OFtk0IVe83eEONLaQ1P1wrhceSQ/Hv8HM8jfF0RgxExGbNoey7mjp7um
Q9dK+OVhZ+h9A8ZLhw2P4jygAkAvhEaKeQS5tBm+f7iUpQcWB326DIukn6LrDKep
PBtNPNX4hrTCu0H0QrSn7ZKWX9VP5zwG/+fz9cT0rK3B97wrnXXDNJrHOkeg8zkN
BttvAN3EuO8+IEShy3f/SbdZMUYOGl08/rBASnp3R7BA5JKzpkQKLMK4gFv6vp8l
hoW7tOmJ8Zv2TW3uYTX04N/x1hfeyHmYN314kfUpO4rv1tU9hctbDt4F+U1Xe2c+
rtZ57kJ7MUwU4w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:42:26 2025 by rpki-client