Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.mft
File: ylF4miMTWsImjCKihWAKX5sFN3A.mft (raw, json)
Hash identifier: kNpACHuvOdc0zciT8vHvoaDAZlP4xIa8CTHYTveY86g=
Subject key identifier: 91:CE:12:47:87:EE:2C:45:01:33:44:2A:E8:C1:02:3C:0A:B5:9E:D4
Authority key identifier: CA:51:78:9A:23:13:5A:C2:26:8C:22:A2:85:60:0A:5F:9B:05:37:70
Certificate issuer: /CN=ca51789a23135ac2268c22a285600a5f9b053770
Certificate serial: 019CAD59B2A7006358ACBC76A9AA8AED63E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ylF4miMTWsImjCKihWAKX5sFN3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.mft
Manifest number: 13AF
Signing time: Mon 02 Mar 2026 07:01:02 +0000
Manifest this update: Mon 02 Mar 2026 07:01:02 +0000
Manifest next update: Tue 03 Mar 2026 07:01:02 +0000
Files and hashes: 1: sr2F0zsExdSQr-zgnrk17i9FhUg.roa (hash: hKUfnAYzGISD3itupUfCkChJsvs636FejLl9Oqr8aQA=)
2: ylF4miMTWsImjCKihWAKX5sFN3A.crl (hash: oCLKMvNOt/5reL8ckvMoU3IeP28fJTSz5XCXAquMkTc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/ylF4miMTWsImjCKihWAKX5sFN3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:59:b2:a7:00:63:58:ac:bc:76:a9:aa:8a:ed:63:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca51789a23135ac2268c22a285600a5f9b053770
Validity
Not Before: Mar 2 07:01:02 2026 GMT
Not After : Mar 3 07:01:02 2026 GMT
Subject: CN=91ce124787ee2c450133442ae8c1023c0ab59ed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d9:3a:5b:ef:54:f3:9f:16:f9:3f:53:5f:34:
4d:ab:b0:25:69:1c:eb:5f:b7:d4:08:a8:40:6a:db:
b2:65:c8:ee:99:cc:a0:c3:7c:b4:c2:07:01:f7:9e:
27:90:1a:d5:ba:18:c2:99:6a:61:62:f5:03:21:58:
1a:5b:e7:ab:ad:31:5a:79:b3:d9:13:9b:3e:b0:b5:
94:41:11:e2:ec:9b:bf:d7:42:2e:74:a6:53:fe:74:
d1:c6:6b:95:07:d1:ef:33:a4:a5:8f:75:b8:44:f9:
88:be:6d:31:ce:b0:ee:2b:32:b5:f4:ad:07:e5:4f:
cd:26:d8:c5:f1:28:c1:22:c0:38:f0:49:dd:79:80:
55:52:7b:ad:01:da:5f:82:7c:e0:03:4b:86:00:11:
7d:4f:0f:02:fd:8d:23:b8:70:45:ad:e6:31:5e:53:
d7:d4:17:5d:a9:2a:70:54:36:61:cb:21:01:39:8d:
73:46:99:c6:1a:05:79:e4:aa:5f:a9:df:c2:df:b8:
3a:6f:e1:7f:af:fc:ea:59:3b:a1:f2:b9:0e:17:17:
0e:d8:5d:bb:24:5b:86:e4:72:90:2c:8d:09:e4:5a:
fb:31:33:5c:69:8f:07:cd:fe:c8:fe:c8:a5:69:59:
10:d5:7f:3a:2d:cb:a7:75:f0:09:31:41:1d:bb:61:
46:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CE:12:47:87:EE:2C:45:01:33:44:2A:E8:C1:02:3C:0A:B5:9E:D4
X509v3 Authority Key Identifier:
keyid:CA:51:78:9A:23:13:5A:C2:26:8C:22:A2:85:60:0A:5F:9B:05:37:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylF4miMTWsImjCKihWAKX5sFN3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b4bf60-d593-40d2-9783-1e19168f5d73/1/ylF4miMTWsImjCKihWAKX5sFN3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:c9:d5:78:3c:db:67:9c:0b:7c:85:cf:0f:d6:2b:9b:e5:40:
3e:b1:17:1b:91:51:a0:bc:95:e7:31:3b:90:5f:bc:bc:96:b0:
39:d0:26:38:8a:e1:0a:1b:40:cc:42:a7:50:5a:08:7d:d1:ed:
c4:7e:3f:18:9c:2e:44:de:99:18:d0:2e:09:90:e9:6b:5c:5c:
00:53:91:49:40:47:88:16:d0:b5:4d:55:55:78:27:47:1f:7f:
da:fc:0a:b9:f2:a0:a5:ad:8e:17:43:6d:da:6c:78:e9:1e:25:
e2:02:b1:dd:e4:13:60:23:11:c1:f0:09:c8:63:50:79:59:bf:
91:6b:32:cb:28:db:4b:d9:cb:47:95:3c:43:34:da:dd:c5:cd:
5c:b2:8d:4b:b1:9d:a6:5f:95:13:3e:b5:e9:34:85:47:95:e6:
01:f3:e0:82:4b:bc:49:eb:3d:41:fb:c5:9f:c0:5a:41:57:e9:
a6:c7:00:f6:9e:c4:76:62:60:2c:c2:a5:de:e5:83:d0:9e:e1:
56:32:ff:52:c7:2d:9e:77:3e:55:a3:77:10:45:d3:55:1f:3e:
65:b4:c7:d7:d9:b0:8b:b9:3a:3c:93:01:a5:f6:ec:02:07:35:
e6:24:0f:c2:20:06:a3:ca:84:43:ed:55:9c:cf:ef:10:9d:f8:
72:8f:67:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWbKnAGNYrLx2qaqK7WPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNTE3ODlhMjMxMzVhYzIyNjhjMjJhMjg1NjAwYTVmOWIw
NTM3NzAwHhcNMjYwMzAyMDcwMTAyWhcNMjYwMzAzMDcwMTAyWjAzMTEwLwYDVQQD
Eyg5MWNlMTI0Nzg3ZWUyYzQ1MDEzMzQ0MmFlOGMxMDIzYzBhYjU5ZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9k6W+9U858W+T9TXzRNq7AlaRzr
X7fUCKhAatuyZcjumcygw3y0wgcB954nkBrVuhjCmWphYvUDIVgaW+errTFaebPZ
E5s+sLWUQRHi7Ju/10IudKZT/nTRxmuVB9HvM6Slj3W4RPmIvm0xzrDuKzK19K0H
5U/NJtjF8SjBIsA48EndeYBVUnutAdpfgnzgA0uGABF9Tw8C/Y0juHBFreYxXlPX
1BddqSpwVDZhyyEBOY1zRpnGGgV55Kpfqd/C37g6b+F/r/zqWTuh8rkOFxcO2F27
JFuG5HKQLI0J5Fr7MTNcaY8Hzf7I/silaVkQ1X86LcundfAJMUEdu2FGfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHOEkeH7ixFATNEKujBAjwKtZ7UMB8GA1UdIwQY
MBaAFMpReJojE1rCJowiooVgCl+bBTdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWxGNG1pTVRXc0ltakNLaWhXQUtYNXNGTjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iNGJmNjAtZDU5My00MGQyLTk3ODMt
MWUxOTE2OGY1ZDczLzEveWxGNG1pTVRXc0ltakNLaWhXQUtYNXNGTjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iNGJmNjAtZDU5My00MGQyLTk3ODMtMWUxOTE2OGY1ZDcz
LzEveWxGNG1pTVRXc0ltakNLaWhXQUtYNXNGTjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHcnVeDzb
Z5wLfIXPD9Yrm+VAPrEXG5FRoLyV5zE7kF+8vJawOdAmOIrhChtAzEKnUFoIfdHt
xH4/GJwuRN6ZGNAuCZDpa1xcAFORSUBHiBbQtU1VVXgnRx9/2vwKufKgpa2OF0Nt
2mx46R4l4gKx3eQTYCMRwfAJyGNQeVm/kWsyyyjbS9nLR5U8QzTa3cXNXLKNS7Gd
pl+VEz616TSFR5XmAfPggku8Ses9QfvFn8BaQVfppscA9p7EdmJgLMKl3uWD0J7h
VjL/Usctnnc+VaN3EEXTVR8+ZbTH19mwi7k6PJMBpfbsAgc15iQPwiAGo8qEQ+1V
nM/vEJ34co9nMQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:01:48 2026 by rpki-client