Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft
File: yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft (raw, json)
Hash identifier: vAp6tZZOHRk6Yyp9CZRgVpnaOSR4uh2Cb47WA2E/Bok=
Subject key identifier: 20:46:89:BE:00:42:1B:77:C8:84:C8:93:B4:DF:F8:37:D4:AA:C7:E6
Authority key identifier: C8:5F:51:0C:72:CE:0B:79:C2:89:9B:35:84:5F:FE:36:70:69:3F:05
Certificate issuer: /CN=c85f510c72ce0b79c2899b35845ffe3670693f05
Certificate serial: 019A4D06398D28A2B7AA8F4E2DDC69D03CEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 04:00:44 +0000
Manifest this update: Tue 04 Nov 2025 04:00:44 +0000
Manifest next update: Wed 05 Nov 2025 04:00:44 +0000
Files and hashes: 1: fewPOq5Sy5alJvzpYZYieD6pmV8.roa (hash: nQVFjlDzgmj3SLHG29wBX3sEI4Pk0MW5juplwGFMB6g=)
2: yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl (hash: 93z7LDuSfYmaRjJEWc5a9xie+WfjMFXgkEfFgj9CDTc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 04:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:06:39:8d:28:a2:b7:aa:8f:4e:2d:dc:69:d0:3c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c85f510c72ce0b79c2899b35845ffe3670693f05
Validity
Not Before: Nov 4 04:00:44 2025 GMT
Not After : Nov 5 04:00:44 2025 GMT
Subject: CN=204689be00421b77c884c893b4dff837d4aac7e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c3:98:85:53:ef:8d:96:0b:7a:a3:5d:b0:ab:
90:d4:bf:0c:ec:33:a6:cd:79:24:c8:c6:3c:38:16:
5a:fa:8e:1a:5f:fa:0c:2c:85:73:15:fe:29:38:04:
af:aa:ad:0a:89:ab:fc:94:c7:55:e4:cc:94:d0:01:
04:32:fe:32:11:d9:8b:82:20:91:42:a0:c7:59:04:
fe:c1:85:31:df:fd:fd:05:8a:8e:13:10:28:84:de:
82:17:48:e2:14:10:7c:b1:4e:ed:06:13:3f:08:41:
57:73:2a:92:d0:b5:1d:67:c4:f4:c8:1e:1b:9d:5e:
b1:e6:21:7c:37:9d:b0:db:e4:cf:53:41:4a:2d:c8:
2c:66:bd:52:61:e0:29:af:0d:4e:b2:6f:93:35:7f:
62:31:a4:56:be:ee:8e:c4:a5:d7:70:17:45:1d:fb:
66:bd:bd:51:f6:b7:2a:47:b5:0d:60:14:f5:58:90:
74:52:b5:de:af:58:be:65:bf:73:ba:41:64:2c:c1:
b8:f3:bf:9e:7d:17:4f:92:64:57:9b:ad:54:db:24:
22:bd:db:64:bc:2c:2d:a3:c2:79:e6:ac:2e:d1:2b:
71:f1:d0:46:5c:08:c6:46:40:e3:af:a8:da:81:52:
8d:4e:98:ab:f7:02:0d:5c:d1:0d:14:2e:e5:ba:b8:
eb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:46:89:BE:00:42:1B:77:C8:84:C8:93:B4:DF:F8:37:D4:AA:C7:E6
X509v3 Authority Key Identifier:
keyid:C8:5F:51:0C:72:CE:0B:79:C2:89:9B:35:84:5F:FE:36:70:69:3F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:5f:52:17:fc:0d:0d:ee:1a:76:f2:cb:2b:d4:c9:41:e9:10:
7f:cb:29:4d:ac:e6:07:31:98:58:71:21:f2:33:04:c9:fd:99:
07:36:92:e1:eb:e2:e6:91:7e:bb:92:d1:ab:1f:c7:cb:9e:5f:
16:8c:44:f1:6a:fc:ab:e9:37:7f:65:55:8b:64:33:5e:e2:32:
73:11:01:a2:68:63:34:8c:d2:2a:3c:36:bc:c8:44:04:47:7d:
36:f0:1c:d1:b7:1d:f5:bb:67:71:42:76:8e:ab:dd:06:ad:d5:
cd:25:07:27:93:87:45:80:04:71:ef:23:76:55:52:6a:13:19:
cc:bb:cf:ce:71:54:da:e8:b7:56:4e:18:fc:2c:da:49:82:4d:
55:17:11:d7:59:bb:0d:18:7d:20:28:49:34:be:60:58:49:0e:
6d:9f:76:e7:6c:9a:98:81:c4:c4:16:f0:aa:5a:97:ec:20:ea:
b0:3a:c4:23:97:ca:9d:9a:0a:ef:4a:3a:b2:6a:49:bc:75:22:
62:d8:92:60:29:64:4e:11:e2:79:a5:e9:e4:9f:e5:4a:01:b3:
73:08:93:d8:da:89:8d:d4:f9:28:cb:7d:b1:0d:d5:bd:22:52:
ba:02:db:0e:7e:56:a3:fe:21:13:84:41:61:ed:a0:07:ed:bf:
63:a6:86:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBjmNKKK3qo9OLdxp0DzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NWY1MTBjNzJjZTBiNzljMjg5OWIzNTg0NWZmZTM2NzA2
OTNmMDUwHhcNMjUxMTA0MDQwMDQ0WhcNMjUxMTA1MDQwMDQ0WjAzMTEwLwYDVQQD
EygyMDQ2ODliZTAwNDIxYjc3Yzg4NGM4OTNiNGRmZjgzN2Q0YWFjN2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8OYhVPvjZYLeqNdsKuQ1L8M7DOm
zXkkyMY8OBZa+o4aX/oMLIVzFf4pOASvqq0Kiav8lMdV5MyU0AEEMv4yEdmLgiCR
QqDHWQT+wYUx3/39BYqOExAohN6CF0jiFBB8sU7tBhM/CEFXcyqS0LUdZ8T0yB4b
nV6x5iF8N52w2+TPU0FKLcgsZr1SYeAprw1Osm+TNX9iMaRWvu6OxKXXcBdFHftm
vb1R9rcqR7UNYBT1WJB0UrXer1i+Zb9zukFkLMG487+efRdPkmRXm61U2yQivdtk
vCwto8J55qwu0Stx8dBGXAjGRkDjr6jagVKNTpir9wINXNENFC7lurjrfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCBGib4AQht3yITIk7Tf+DfUqsfmMB8GA1UdIwQY
MBaAFMhfUQxyzgt5wombNYRf/jZwaT8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hMmNmYjAtMGU2OC00ZTQ3LTg4ODEt
YjhjOWEyYTlkYTQ2LzEveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9hMmNmYjAtMGU2OC00ZTQ3LTg4ODEtYjhjOWEyYTlkYTQ2
LzEveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADF9SF/wN
De4advLLK9TJQekQf8spTazmBzGYWHEh8jMEyf2ZBzaS4evi5pF+u5LRqx/Hy55f
FoxE8Wr8q+k3f2VVi2QzXuIycxEBomhjNIzSKjw2vMhEBEd9NvAc0bcd9btncUJ2
jqvdBq3VzSUHJ5OHRYAEce8jdlVSahMZzLvPznFU2ui3Vk4Y/CzaSYJNVRcR11m7
DRh9IChJNL5gWEkObZ9252yamIHExBbwqlqX7CDqsDrEI5fKnZoK70o6smpJvHUi
YtiSYClkThHieaXp5J/lSgGzcwiT2NqJjdT5KMt9sQ3VvSJSugLbDn5Wo/4hE4RB
Ye2gB+2/Y6aG5w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:56:27 2025 by rpki-client