Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json)
Hash identifier: cpqlASWavaSJCX7jhHRalPCI8V8lgoFVxjxgyLsVrxY=
Subject key identifier: 02:9E:D0:9D:A6:80:24:BE:84:44:E1:95:B3:34:82:E2:A7:84:A4:97
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 019CABD935223609ED93E9C0AC0D1E006303
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
Manifest number: 1846
Signing time: Mon 02 Mar 2026 00:01:04 +0000
Manifest this update: Mon 02 Mar 2026 00:01:04 +0000
Manifest next update: Tue 03 Mar 2026 00:01:04 +0000
Files and hashes: 1: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: 0hcoOAAZl5+hL3mdKYrotEIRRZolWxcGJQ9QPzCv5Wo=)
2: b8CCvMj6XsXWpjo1kqL4lHdDIeI.roa (hash: ORCFwxYaf4vPg6tOj10K2FmfsSRr15XuWRZrPrnhk3A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:35:22:36:09:ed:93:e9:c0:ac:0d:1e:00:63:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Mar 2 00:01:04 2026 GMT
Not After : Mar 3 00:01:04 2026 GMT
Subject: CN=029ed09da68024be8444e195b33482e2a784a497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:20:7c:43:68:1a:5f:40:8c:5f:04:02:15:b3:
aa:7d:56:f1:be:f8:fa:25:47:89:ff:aa:ad:b4:0f:
89:51:83:9f:0d:0e:8d:1a:d3:e0:9f:94:91:ed:f5:
1e:5b:7c:e9:0a:bc:0a:7f:78:3e:32:bf:b2:21:6f:
ac:c9:de:54:39:ec:50:12:d6:35:e3:76:eb:fe:46:
4f:f1:47:25:20:83:1f:eb:06:65:fd:87:ac:ac:51:
ae:ea:a4:98:c8:bd:e6:b1:d2:63:16:2a:c1:e2:77:
84:30:a1:f0:57:f9:6a:5b:57:e6:4d:55:e2:ef:2d:
e5:fa:f5:e2:e8:18:8a:46:4a:1f:84:d3:55:73:f1:
c8:dd:ba:6c:ac:d4:2d:d7:f9:1a:cf:ac:ef:65:76:
cf:bc:28:c8:27:7e:a4:21:a2:30:bd:b3:c5:41:03:
a7:35:54:cf:98:63:d2:9e:b4:b1:55:5a:57:b5:6e:
94:06:d7:69:41:bb:02:3f:64:58:3f:e6:97:21:ff:
88:95:57:7e:42:ae:54:a8:4f:cd:2c:6a:0c:cf:8a:
ad:c1:19:18:02:2e:54:58:00:c3:9f:c8:42:7a:6a:
78:d2:2a:6b:66:78:ce:fb:31:02:90:5b:12:65:26:
0e:77:35:65:70:cb:f3:e9:0a:0d:72:ab:7c:f8:7e:
c5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9E:D0:9D:A6:80:24:BE:84:44:E1:95:B3:34:82:E2:A7:84:A4:97
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:01:b1:b1:0a:40:53:6e:6e:ad:45:32:90:47:90:40:9b:d4:
12:63:bf:4c:ca:86:42:41:a6:89:a4:ca:97:7e:e3:31:0a:03:
aa:be:89:40:51:60:6d:77:c2:62:2f:34:97:3f:57:12:5b:03:
e1:e5:1b:27:4a:a3:31:ca:09:b3:8c:a1:67:3b:34:b6:fb:c0:
49:00:f6:e6:88:96:bd:ad:93:92:74:55:3c:ec:02:1e:6c:29:
d9:0c:2f:77:1d:02:f0:d4:08:8f:72:21:aa:9c:8c:d3:11:3c:
ad:13:97:e2:25:23:93:c2:a9:fc:84:f6:f0:de:11:5e:4e:0e:
93:e3:df:3b:db:60:4e:01:cf:56:43:3f:6d:23:0d:4b:c1:a6:
60:eb:70:ec:e0:69:4e:35:6a:0d:d0:00:a6:de:2f:84:16:c7:
2e:82:2a:8c:67:78:d4:f5:1f:eb:91:4b:a8:b6:3f:39:58:e3:
35:a2:7e:53:57:71:80:61:ab:18:da:c3:6a:98:c5:3a:a3:5b:
69:7c:48:52:fe:db:b1:91:f5:6a:73:5c:94:56:5f:76:04:33:
a6:ac:b1:3b:ff:bb:79:14:45:c6:7d:e7:64:34:95:9a:61:c9:
66:1d:b7:51:cf:d0:d4:a0:4a:58:8a:5e:05:be:6d:28:0d:d3:
57:dd:8b:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2TUiNgntk+nArA0eAGMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjYwMzAyMDAwMTA0WhcNMjYwMzAzMDAwMTA0WjAzMTEwLwYDVQQD
EygwMjllZDA5ZGE2ODAyNGJlODQ0NGUxOTViMzM0ODJlMmE3ODRhNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SB8Q2gaX0CMXwQCFbOqfVbxvvj6
JUeJ/6qttA+JUYOfDQ6NGtPgn5SR7fUeW3zpCrwKf3g+Mr+yIW+syd5UOexQEtY1
43br/kZP8UclIIMf6wZl/YesrFGu6qSYyL3msdJjFirB4neEMKHwV/lqW1fmTVXi
7y3l+vXi6BiKRkofhNNVc/HI3bpsrNQt1/kaz6zvZXbPvCjIJ36kIaIwvbPFQQOn
NVTPmGPSnrSxVVpXtW6UBtdpQbsCP2RYP+aXIf+IlVd+Qq5UqE/NLGoMz4qtwRkY
Ai5UWADDn8hCemp40iprZnjO+zECkFsSZSYOdzVlcMvz6QoNcqt8+H7F6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKe0J2mgCS+hEThlbM0guKnhKSXMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJAGxsQpA
U25urUUykEeQQJvUEmO/TMqGQkGmiaTKl37jMQoDqr6JQFFgbXfCYi80lz9XElsD
4eUbJ0qjMcoJs4yhZzs0tvvASQD25oiWva2TknRVPOwCHmwp2Qwvdx0C8NQIj3Ih
qpyM0xE8rROX4iUjk8Kp/IT28N4RXk4Ok+PfO9tgTgHPVkM/bSMNS8GmYOtw7OBp
TjVqDdAApt4vhBbHLoIqjGd41PUf65FLqLY/OVjjNaJ+U1dxgGGrGNrDapjFOqNb
aXxIUv7bsZH1anNclFZfdgQzpqyxO/+7eRRFxn3nZDSVmmHJZh23Uc/Q1KBKWIpe
Bb5tKA3TV92LOA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:24:37 2026 by rpki-client