Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json)
Hash identifier: HSfI0Pep8oiRzwiIutreIpJnqMmSjraQ2oZYXdP+43M=
Subject key identifier: A1:16:AE:FB:24:26:FE:41:FC:77:3B:0E:A8:88:A1:13:84:38:86:DE
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 019A4EF5B835BD109E6CD2A17A7BC491C9CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
Manifest number: 170C
Signing time: Tue 04 Nov 2025 13:01:57 +0000
Manifest this update: Tue 04 Nov 2025 13:01:57 +0000
Manifest next update: Wed 05 Nov 2025 13:01:57 +0000
Files and hashes: 1: KXik7lH7rXobKNDojQJvsYz5RkY.roa (hash: OmHOyyMTUBadMMSlHfFTN/cjiEKBhDbZve1q3aoF8Wg=)
2: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: j0jzhgNDHO6SkHbkh6bNKeg6aIYZrys7mw659A4dqho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:b8:35:bd:10:9e:6c:d2:a1:7a:7b:c4:91:c9:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Nov 4 13:01:57 2025 GMT
Not After : Nov 5 13:01:57 2025 GMT
Subject: CN=a116aefb2426fe41fc773b0ea888a113843886de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9a:69:ea:89:e2:4d:97:05:41:9f:71:9d:33:
9d:31:6d:68:aa:41:11:f0:6e:1a:f2:99:68:80:77:
df:da:44:39:7e:d2:9c:67:b2:80:37:6f:4e:4b:e2:
6f:7f:e9:44:fe:be:48:95:76:44:0e:16:bd:c7:e7:
5a:9f:00:15:64:0a:4d:7f:34:82:c5:33:1b:e0:20:
d2:93:73:a3:b6:6a:75:f6:96:99:1a:83:a0:16:81:
47:3d:e1:1e:dc:0f:d2:6d:32:1b:da:36:b6:3e:e1:
06:c0:f4:c4:1a:3c:db:64:b7:7a:59:1d:05:f3:cd:
67:eb:1f:33:fb:73:71:17:22:f0:e2:87:7b:c4:9a:
30:e1:f0:e3:7b:26:76:d3:74:0f:85:39:f3:59:25:
28:71:7d:a2:19:44:a9:67:40:2e:9e:cb:2f:58:d8:
aa:88:de:4d:5d:a4:49:08:0a:07:cb:80:9f:97:47:
96:f3:78:d5:e9:1b:c4:61:d8:5e:20:71:49:28:e0:
9e:8e:71:e4:7d:f5:68:f2:32:47:30:9f:c9:35:2f:
2f:91:8a:d3:cb:a0:71:5b:c1:d0:8e:d0:59:1d:1d:
9e:c2:4e:a6:11:1b:5a:14:3c:85:45:38:37:ca:6c:
27:13:eb:a5:26:1e:51:88:33:7f:76:8f:8a:ce:39:
61:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:16:AE:FB:24:26:FE:41:FC:77:3B:0E:A8:88:A1:13:84:38:86:DE
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:02:31:41:28:83:1c:b7:02:48:0f:de:b0:06:ea:67:18:45:
f4:eb:35:47:93:c1:b2:8e:c5:91:75:25:4f:00:4f:64:cb:8f:
9b:2d:0a:7b:c5:7b:bf:1f:b8:6b:c0:3c:d6:54:86:42:30:05:
79:04:83:8a:91:f2:8f:ff:2c:82:99:2a:4f:14:bb:17:fb:6c:
db:60:d6:f2:ca:54:4d:b0:6a:76:81:0b:54:69:fe:63:4f:a2:
d0:4f:25:d6:af:cf:70:b5:f7:03:5b:e1:95:75:93:fd:a8:3c:
21:db:d1:df:a2:5e:73:2b:34:37:71:80:a5:82:bd:47:9e:ea:
19:89:28:53:ac:45:7b:8a:9c:ea:eb:91:b4:7c:b1:c3:39:90:
73:3d:05:a8:16:4a:89:0d:8d:d5:c3:50:6e:34:66:ea:d9:bb:
70:c3:27:af:78:c4:ae:6c:51:6b:3f:f3:9a:7a:ec:f1:9a:55:
d1:e9:79:1d:1f:77:b1:29:c6:5b:29:2f:db:80:aa:6b:7c:f6:
c8:08:f8:90:03:77:64:cb:98:e2:e9:ed:8b:36:ad:c1:f4:65:
26:60:8a:6b:45:36:99:3c:c8:c5:60:50:8f:b1:96:ae:67:12:
9e:94:01:84:f6:b0:93:ef:39:39:e7:8f:1e:43:73:4d:9c:32:
59:10:50:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9bg1vRCebNKhenvEkcnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjUxMTA0MTMwMTU3WhcNMjUxMTA1MTMwMTU3WjAzMTEwLwYDVQQD
EyhhMTE2YWVmYjI0MjZmZTQxZmM3NzNiMGVhODg4YTExMzg0Mzg4NmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwppp6oniTZcFQZ9xnTOdMW1oqkER
8G4a8plogHff2kQ5ftKcZ7KAN29OS+Jvf+lE/r5IlXZEDha9x+danwAVZApNfzSC
xTMb4CDSk3Ojtmp19paZGoOgFoFHPeEe3A/SbTIb2ja2PuEGwPTEGjzbZLd6WR0F
881n6x8z+3NxFyLw4od7xJow4fDjeyZ203QPhTnzWSUocX2iGUSpZ0AunssvWNiq
iN5NXaRJCAoHy4Cfl0eW83jV6RvEYdheIHFJKOCejnHkffVo8jJHMJ/JNS8vkYrT
y6BxW8HQjtBZHR2ewk6mERtaFDyFRTg3ymwnE+ulJh5RiDN/do+KzjlhBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEWrvskJv5B/Hc7DqiIoROEOIbeMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHgIxQSiD
HLcCSA/esAbqZxhF9Os1R5PBso7FkXUlTwBPZMuPmy0Ke8V7vx+4a8A81lSGQjAF
eQSDipHyj/8sgpkqTxS7F/ts22DW8spUTbBqdoELVGn+Y0+i0E8l1q/PcLX3A1vh
lXWT/ag8IdvR36Jecys0N3GApYK9R57qGYkoU6xFe4qc6uuRtHyxwzmQcz0FqBZK
iQ2N1cNQbjRm6tm7cMMnr3jErmxRaz/zmnrs8ZpV0el5HR93sSnGWykv24Cqa3z2
yAj4kAN3ZMuY4untizatwfRlJmCKa0U2mTzIxWBQj7GWrmcSnpQBhPawk+85OeeP
HkNzTZwyWRBQpw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:00:33 2025 by rpki-client