Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.mft
File: YNCwIHYDvkPYSS6YUTeLi08JWU8.mft (raw, json)
Hash identifier: Uu9YunQhKtECbY9l8RjPvqfQddRH8kqmz6TfaYk6V4Y=
Subject key identifier: F8:DC:D4:F7:39:A4:6A:00:E1:31:E0:71:A9:28:42:61:25:11:B4:BF
Authority key identifier: 60:D0:B0:20:76:03:BE:43:D8:49:2E:98:51:37:8B:8B:4F:09:59:4F
Certificate issuer: /CN=60d0b0207603be43d8492e9851378b8b4f09594f
Certificate serial: 019CAB34416131A815C6EC99EADB79510B76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YNCwIHYDvkPYSS6YUTeLi08JWU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.mft
Manifest number: 17D9
Signing time: Sun 01 Mar 2026 21:00:54 +0000
Manifest this update: Sun 01 Mar 2026 21:00:54 +0000
Manifest next update: Mon 02 Mar 2026 21:00:54 +0000
Files and hashes: 1: Lft1TVXiYVdikjn_A01iU-k02DE.roa (hash: AUhYpOdbzarhMkv1M+Fv4hjTQh+rQF7twSf3TVX7HXM=)
2: PejTwsBdKH5-f3Vp_HDi2lV40HI.roa (hash: sQMSKyXDXZzbEaxAsB9c8v4n+R0LYVRrVo36SmpYF40=)
3: YNCwIHYDvkPYSS6YUTeLi08JWU8.crl (hash: OHdJx3JHZSdUVWzQo2lp0pXmtARhVEvWnq0X0wh/v1k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YNCwIHYDvkPYSS6YUTeLi08JWU8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:41:61:31:a8:15:c6:ec:99:ea:db:79:51:0b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60d0b0207603be43d8492e9851378b8b4f09594f
Validity
Not Before: Mar 1 21:00:54 2026 GMT
Not After : Mar 2 21:00:54 2026 GMT
Subject: CN=f8dcd4f739a46a00e131e071a92842612511b4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:07:73:ee:b6:d5:e6:4a:74:9e:83:bd:58:96:
b0:4c:dd:0c:5e:6e:4a:e4:f5:8b:53:e9:4a:0b:75:
03:85:ef:1e:02:03:62:3d:d3:6f:8e:ce:09:ac:1c:
42:62:a7:3d:35:c7:4d:60:c3:a4:67:0a:2f:2f:ee:
fa:98:3b:7a:5b:db:7b:df:27:e6:df:d1:e8:64:cb:
09:ae:fa:b5:6f:d2:1c:f1:fd:3d:c6:b9:3c:dc:b5:
71:6b:e2:9a:3b:5c:f8:87:51:db:5d:1b:97:9b:5e:
37:0a:ba:45:03:ed:4c:33:8b:f7:85:79:06:45:9e:
67:48:e8:d9:38:da:08:42:e8:ae:c5:8b:27:5f:36:
a6:36:33:25:f0:7e:74:ed:a0:d2:fd:c7:9a:a4:d3:
95:7d:a2:af:7f:20:6e:c6:b2:70:dd:24:07:80:2d:
7d:3f:3f:13:8a:c0:e7:86:91:e9:5d:2f:a5:cf:68:
19:4d:cf:b9:8f:ed:9d:62:08:4b:93:03:54:3b:63:
1f:07:30:38:90:e8:5b:9b:32:7c:3f:d1:d7:52:2c:
01:fe:9c:74:fa:c1:8b:40:ab:4d:ac:92:bc:66:16:
20:9e:49:33:aa:ba:cf:38:86:9b:71:ac:9e:11:3b:
96:b4:ef:3f:6a:75:c3:05:65:c9:09:01:9a:ca:d6:
09:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DC:D4:F7:39:A4:6A:00:E1:31:E0:71:A9:28:42:61:25:11:B4:BF
X509v3 Authority Key Identifier:
keyid:60:D0:B0:20:76:03:BE:43:D8:49:2E:98:51:37:8B:8B:4F:09:59:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNCwIHYDvkPYSS6YUTeLi08JWU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:d6:1f:e1:86:62:ca:82:61:0f:29:a8:0a:91:32:ce:9f:4b:
67:cc:60:c1:30:5e:10:9b:00:c7:b0:d3:cb:cc:26:cd:c3:94:
3b:97:81:58:16:20:e8:42:08:7b:62:9a:05:3a:32:68:9c:97:
c4:e2:87:7e:34:06:e1:76:80:af:55:84:71:a2:e5:6a:a5:38:
3b:22:90:f7:07:28:7f:77:c2:62:90:d5:83:a5:32:29:c8:2d:
da:72:11:79:20:78:5a:d6:47:50:f1:ea:d1:29:80:45:6a:70:
0d:ab:60:14:d5:3a:8f:28:b6:c5:d6:88:32:1f:cc:b2:ac:a9:
e4:d7:25:2f:4e:ff:62:ca:64:e5:99:e9:b3:d7:32:76:53:3b:
69:ac:c7:35:82:92:e7:33:de:93:06:b5:71:e2:70:ab:82:18:
a4:1e:a3:6d:bb:fb:43:bb:67:5e:9e:3a:60:94:75:52:cd:d8:
ea:c9:9b:01:35:05:cd:49:fe:cd:87:b4:27:cc:a3:3c:de:6a:
70:ca:2f:fc:b1:52:a8:f0:c1:b7:28:4b:dc:02:9b:68:49:2a:
04:01:a8:90:6b:1e:7c:a7:15:22:f9:e1:41:bf:f3:69:ee:e5:
a8:9c:d6:97:af:21:9c:33:f2:b9:26:f2:dd:2a:97:10:40:a4:
8d:2c:bb:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNEFhMagVxuyZ6tt5UQt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDBiMDIwNzYwM2JlNDNkODQ5MmU5ODUxMzc4YjhiNGYw
OTU5NGYwHhcNMjYwMzAxMjEwMDU0WhcNMjYwMzAyMjEwMDU0WjAzMTEwLwYDVQQD
EyhmOGRjZDRmNzM5YTQ2YTAwZTEzMWUwNzFhOTI4NDI2MTI1MTFiNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAdz7rbV5kp0noO9WJawTN0MXm5K
5PWLU+lKC3UDhe8eAgNiPdNvjs4JrBxCYqc9NcdNYMOkZwovL+76mDt6W9t73yfm
39HoZMsJrvq1b9Ic8f09xrk83LVxa+KaO1z4h1HbXRuXm143CrpFA+1MM4v3hXkG
RZ5nSOjZONoIQuiuxYsnXzamNjMl8H507aDS/ceapNOVfaKvfyBuxrJw3SQHgC19
Pz8TisDnhpHpXS+lz2gZTc+5j+2dYghLkwNUO2MfBzA4kOhbmzJ8P9HXUiwB/px0
+sGLQKtNrJK8ZhYgnkkzqrrPOIabcayeETuWtO8/anXDBWXJCQGaytYJPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjc1Pc5pGoA4THgcakoQmElEbS/MB8GA1UdIwQY
MBaAFGDQsCB2A75D2EkumFE3i4tPCVlPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5Dd0lIWUR2a1BZU1M2WVVUZUxpMDhKV1U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9mNTc5NGEtYjE5MS00NjQ2LWE4NDIt
ZjQ5ZmVhNTQ1ZTc4LzEvWU5Dd0lIWUR2a1BZU1M2WVVUZUxpMDhKV1U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9mNTc5NGEtYjE5MS00NjQ2LWE4NDItZjQ5ZmVhNTQ1ZTc4
LzEvWU5Dd0lIWUR2a1BZU1M2WVVUZUxpMDhKV1U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAONYf4YZi
yoJhDymoCpEyzp9LZ8xgwTBeEJsAx7DTy8wmzcOUO5eBWBYg6EIIe2KaBToyaJyX
xOKHfjQG4XaAr1WEcaLlaqU4OyKQ9wcof3fCYpDVg6UyKcgt2nIReSB4WtZHUPHq
0SmARWpwDatgFNU6jyi2xdaIMh/Msqyp5NclL07/Yspk5Znps9cydlM7aazHNYKS
5zPekwa1ceJwq4IYpB6jbbv7Q7tnXp46YJR1Us3Y6smbATUFzUn+zYe0J8yjPN5q
cMov/LFSqPDBtyhL3AKbaEkqBAGokGsefKcVIvnhQb/zae7lqJzWl68hnDPyuSby
3SqXEECkjSy7NQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:07:12 2026 by rpki-client