Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.mft
File: YNCwIHYDvkPYSS6YUTeLi08JWU8.mft (raw, json)
Hash identifier: IHaQGXjd9aIXIRcjFsJjNBo/xesVBsEcZH7DeOOSKnk=
Subject key identifier: 51:27:14:25:4B:FA:B3:F3:47:FC:3B:48:23:26:D8:D5:41:29:89:08
Authority key identifier: 60:D0:B0:20:76:03:BE:43:D8:49:2E:98:51:37:8B:8B:4F:09:59:4F
Certificate issuer: /CN=60d0b0207603be43d8492e9851378b8b4f09594f
Certificate serial: 019A53E3E9E288B6BA57644F57987D903BBC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YNCwIHYDvkPYSS6YUTeLi08JWU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.mft
Manifest number: 16A2
Signing time: Wed 05 Nov 2025 12:00:36 +0000
Manifest this update: Wed 05 Nov 2025 12:00:36 +0000
Manifest next update: Thu 06 Nov 2025 12:00:36 +0000
Files and hashes: 1: TGCJDTG82pX-vT9LeK2kOQ4sDi8.roa (hash: zRKBbHZChcvp4qDJB7Pkx8ohWvBK1TWvnJD0kE9wiHc=)
2: YNCwIHYDvkPYSS6YUTeLi08JWU8.crl (hash: VuXWIvnI/IzUxw+Qo+9WAdacFRqwX8jv/SOWZCZAqEk=)
3: hmDTZOEMQo2FsgMZ2bH5HdU2vyI.roa (hash: NbIM1acTbudT3ToneHmDuzQP2dnfQF8A/BNgiqfCI44=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YNCwIHYDvkPYSS6YUTeLi08JWU8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:e3:e9:e2:88:b6:ba:57:64:4f:57:98:7d:90:3b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60d0b0207603be43d8492e9851378b8b4f09594f
Validity
Not Before: Nov 5 12:00:36 2025 GMT
Not After : Nov 6 12:00:36 2025 GMT
Subject: CN=512714254bfab3f347fc3b482326d8d541298908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f5:10:c2:fd:18:a5:12:70:8c:d8:1a:46:0e:
3a:b4:ef:bd:06:69:d1:ab:c9:aa:57:65:65:a5:d8:
ee:fe:01:16:1b:5b:3c:65:e8:28:f7:39:9d:c0:84:
e5:9f:e6:41:05:a2:7e:26:d1:61:d4:83:a9:37:51:
1f:78:f7:7c:25:a3:20:8e:cf:51:40:4f:cf:1c:99:
ac:6c:d2:ae:97:59:46:a1:8e:40:18:08:79:7c:07:
61:a1:54:af:bb:48:5f:27:a3:85:39:0a:34:ea:52:
67:32:8a:67:2c:b9:5e:be:02:dc:99:96:2a:11:a0:
e0:5d:1a:d3:9a:3d:4e:ab:f9:31:56:09:33:c0:c3:
0c:fe:a8:2d:7f:29:09:4c:b8:f3:55:76:69:93:3d:
71:b9:bd:d9:42:2b:d1:d1:17:1b:6f:c6:75:09:1a:
18:46:c3:0e:b4:c4:a6:eb:5d:05:d1:af:fc:01:5b:
0b:39:2d:d4:eb:d8:70:cc:3f:e7:21:c7:20:42:81:
8d:33:40:a8:f4:75:65:d6:54:16:7e:13:20:3d:7c:
13:e4:74:ac:8c:9b:e8:3a:4f:8d:59:9f:62:cd:b5:
f1:c8:07:ac:48:e6:49:9b:c4:ff:74:5a:04:9e:43:
ff:9f:f1:6c:35:d9:12:0d:ac:bc:80:bb:25:80:08:
02:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:27:14:25:4B:FA:B3:F3:47:FC:3B:48:23:26:D8:D5:41:29:89:08
X509v3 Authority Key Identifier:
keyid:60:D0:B0:20:76:03:BE:43:D8:49:2E:98:51:37:8B:8B:4F:09:59:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNCwIHYDvkPYSS6YUTeLi08JWU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:d6:4a:96:35:52:e0:c3:ac:c1:24:d5:1f:cd:0d:92:d1:8e:
37:8e:38:15:4b:39:64:30:b6:1e:d4:fc:f6:9c:98:4a:95:90:
59:e9:ac:b0:93:c4:7b:c9:14:2b:a0:c4:31:40:53:b3:36:8c:
14:09:15:d0:fb:18:74:6d:b8:ff:62:40:53:67:24:88:5f:21:
2e:56:46:8e:4e:13:4c:76:17:30:c1:d6:e1:c8:c9:a8:68:a3:
54:5c:da:d8:a4:09:6c:9f:96:f7:78:1c:36:86:68:9e:33:4f:
79:47:cf:66:20:eb:4d:f3:91:94:1e:cf:06:33:e0:ea:87:2f:
34:3b:94:83:bb:36:66:df:84:1b:c2:67:db:18:72:42:80:21:
c0:88:f5:73:0c:51:f9:de:bc:be:57:2c:c7:bd:5f:f1:42:c9:
e4:75:de:85:ce:5d:02:5f:54:79:4c:e2:57:d6:f0:80:cb:86:
28:55:23:7b:46:47:d0:76:f1:e0:56:73:fa:6a:1e:b3:82:de:
c6:a1:32:53:dd:a5:59:a7:c1:f5:3d:10:5f:d4:9f:f2:0d:f6:
d8:50:5f:f8:da:35:20:f1:f6:4a:fa:24:55:09:b8:fd:21:cd:
6b:0c:11:18:b4:72:a8:1f:41:76:51:ac:f8:1e:e7:64:5a:cd:
f1:b8:57:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpT4+niiLa6V2RPV5h9kDu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDBiMDIwNzYwM2JlNDNkODQ5MmU5ODUxMzc4YjhiNGYw
OTU5NGYwHhcNMjUxMTA1MTIwMDM2WhcNMjUxMTA2MTIwMDM2WjAzMTEwLwYDVQQD
Eyg1MTI3MTQyNTRiZmFiM2YzNDdmYzNiNDgyMzI2ZDhkNTQxMjk4OTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfUQwv0YpRJwjNgaRg46tO+9BmnR
q8mqV2Vlpdju/gEWG1s8Zego9zmdwITln+ZBBaJ+JtFh1IOpN1EfePd8JaMgjs9R
QE/PHJmsbNKul1lGoY5AGAh5fAdhoVSvu0hfJ6OFOQo06lJnMopnLLlevgLcmZYq
EaDgXRrTmj1Oq/kxVgkzwMMM/qgtfykJTLjzVXZpkz1xub3ZQivR0Rcbb8Z1CRoY
RsMOtMSm610F0a/8AVsLOS3U69hwzD/nIccgQoGNM0Co9HVl1lQWfhMgPXwT5HSs
jJvoOk+NWZ9izbXxyAesSOZJm8T/dFoEnkP/n/FsNdkSDay8gLslgAgCcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFEnFCVL+rPzR/w7SCMm2NVBKYkIMB8GA1UdIwQY
MBaAFGDQsCB2A75D2EkumFE3i4tPCVlPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5Dd0lIWUR2a1BZU1M2WVVUZUxpMDhKV1U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9mNTc5NGEtYjE5MS00NjQ2LWE4NDIt
ZjQ5ZmVhNTQ1ZTc4LzEvWU5Dd0lIWUR2a1BZU1M2WVVUZUxpMDhKV1U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9mNTc5NGEtYjE5MS00NjQ2LWE4NDItZjQ5ZmVhNTQ1ZTc4
LzEvWU5Dd0lIWUR2a1BZU1M2WVVUZUxpMDhKV1U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtNZKljVS
4MOswSTVH80NktGON444FUs5ZDC2HtT89pyYSpWQWemssJPEe8kUK6DEMUBTszaM
FAkV0PsYdG24/2JAU2ckiF8hLlZGjk4TTHYXMMHW4cjJqGijVFza2KQJbJ+W93gc
NoZonjNPeUfPZiDrTfORlB7PBjPg6ocvNDuUg7s2Zt+EG8Jn2xhyQoAhwIj1cwxR
+d68vlcsx71f8ULJ5HXehc5dAl9UeUziV9bwgMuGKFUje0ZH0Hbx4FZz+moes4Le
xqEyU92lWafB9T0QX9Sf8g322FBf+No1IPH2SvokVQm4/SHNawwRGLRyqB9BdlGs
+B7nZFrN8bhXAA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:50:51 2025 by rpki-client