Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.mft
File: yniqfjFrIfhDz7lYEMaAzdv6bm8.mft (raw, json)
Hash identifier: aMKOGAnadrAvgzQhYaCKVytt7oYCYsu5E5e2Ft+Wrg4=
Subject key identifier: 91:CF:A9:73:9A:06:25:C4:DC:F4:19:94:D9:99:B1:6B:C3:61:A5:BC
Authority key identifier: CA:78:AA:7E:31:6B:21:F8:43:CF:B9:58:10:C6:80:CD:DB:FA:6E:6F
Certificate issuer: /CN=ca78aa7e316b21f843cfb95810c680cddbfa6e6f
Certificate serial: 019A4D74401E7E04D7211F1F0707E99F020C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yniqfjFrIfhDz7lYEMaAzdv6bm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.mft
Manifest number: 045D
Signing time: Tue 04 Nov 2025 06:00:55 +0000
Manifest this update: Tue 04 Nov 2025 06:00:55 +0000
Manifest next update: Wed 05 Nov 2025 06:00:55 +0000
Files and hashes: 1: KmT0zBeAxHbx64CqcJ4Kw-HSMGw.roa (hash: g294VQOsqRVKkLhlE8NKqam6KvGQ9H8e4fukJsFTk1Y=)
2: yniqfjFrIfhDz7lYEMaAzdv6bm8.crl (hash: dwnm2UE6egctl4Vc8EtTyMYO8hY3YiVuRvACFxdzR7w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.mft
rsync://rpki.ripe.net/repository/DEFAULT/yniqfjFrIfhDz7lYEMaAzdv6bm8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:74:40:1e:7e:04:d7:21:1f:1f:07:07:e9:9f:02:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca78aa7e316b21f843cfb95810c680cddbfa6e6f
Validity
Not Before: Nov 4 06:00:55 2025 GMT
Not After : Nov 5 06:00:55 2025 GMT
Subject: CN=91cfa9739a0625c4dcf41994d999b16bc361a5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7c:61:66:d1:5d:75:b5:c8:b9:20:57:4c:11:
7b:41:78:cc:cd:9f:d5:d0:6d:77:e6:43:7e:db:4a:
34:22:d1:ec:1a:71:1d:c6:ca:84:e9:f3:a4:e6:98:
ec:65:4d:0e:03:3b:2d:e9:c0:27:19:ca:79:7c:08:
5c:07:5b:02:9b:b9:3a:9b:ae:cd:33:b8:9e:d2:1f:
ab:e3:ec:6d:41:9f:be:63:d4:31:83:64:03:5e:58:
84:99:93:61:c5:05:82:6e:cd:cb:5f:bf:47:5d:eb:
a4:14:9b:8e:c0:d0:b0:69:09:00:d8:5f:f1:ee:90:
5a:0e:c7:b6:5f:8f:cb:b7:02:47:d3:57:0d:e2:ee:
7c:b5:7b:47:a9:e7:4c:74:4f:a2:3d:b7:18:7e:24:
76:a0:c6:54:c6:b1:0f:aa:ad:01:db:71:42:43:13:
ca:8f:b1:f6:60:b5:8d:4b:41:58:ab:6e:a0:3f:22:
bd:12:46:bc:12:9f:fd:90:60:9c:4a:80:d9:23:f8:
43:16:f2:0d:85:66:b4:dc:c3:0b:6b:e8:01:3b:af:
80:c7:67:da:d3:2b:d2:24:7f:60:08:33:4a:f4:ab:
39:61:4e:14:4f:62:b2:ee:93:2c:3b:bd:09:37:4e:
f6:c7:c6:3d:45:06:c6:2e:d7:cd:f9:21:d5:bc:57:
2f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CF:A9:73:9A:06:25:C4:DC:F4:19:94:D9:99:B1:6B:C3:61:A5:BC
X509v3 Authority Key Identifier:
keyid:CA:78:AA:7E:31:6B:21:F8:43:CF:B9:58:10:C6:80:CD:DB:FA:6E:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yniqfjFrIfhDz7lYEMaAzdv6bm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:04:7c:1d:5c:ed:3a:5b:25:e7:f8:df:3c:ce:6d:fb:f8:1a:
5c:74:14:2e:a4:6d:05:5e:5d:b9:04:6c:b7:89:8e:0e:73:cb:
1f:2d:51:a8:e2:e3:ec:29:c6:8b:1b:b0:c8:5e:18:fa:9e:20:
e4:1d:fd:e2:f9:8c:54:03:c4:47:6c:dd:7b:d9:71:73:f8:85:
65:98:33:14:ab:41:cb:81:d0:c6:e6:ac:56:12:86:10:80:28:
51:39:64:86:ef:51:74:ba:30:78:26:a9:29:9a:8d:1d:14:4f:
dc:f9:a5:78:40:fd:e6:79:74:a4:25:80:f6:55:6d:f5:8e:cb:
4d:42:58:e8:a0:4d:1d:58:b6:17:c1:9c:a5:13:de:88:87:7e:
cf:87:9a:e9:93:cb:1f:46:89:f4:2b:3e:b4:c5:96:e9:8a:f3:
66:f4:cc:dc:8c:06:0b:b1:37:a1:a4:e5:a5:90:89:bb:8f:13:
75:25:a0:d9:50:90:9a:9f:7d:7b:e3:7a:ae:35:8b:7b:4a:82:
43:a5:d3:fb:22:73:5f:ed:21:b4:58:2d:4c:f0:b7:6b:d4:a5:
de:5c:e1:ec:b9:ae:c7:8f:ac:8c:9f:b6:57:2a:d3:79:70:4c:
9f:6d:de:47:7f:29:ab:04:14:d9:88:ab:28:dd:d0:96:5e:2e:
7c:b8:97:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdEAefgTXIR8fBwfpnwIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNzhhYTdlMzE2YjIxZjg0M2NmYjk1ODEwYzY4MGNkZGJm
YTZlNmYwHhcNMjUxMTA0MDYwMDU1WhcNMjUxMTA1MDYwMDU1WjAzMTEwLwYDVQQD
Eyg5MWNmYTk3MzlhMDYyNWM0ZGNmNDE5OTRkOTk5YjE2YmMzNjFhNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXxhZtFddbXIuSBXTBF7QXjMzZ/V
0G135kN+20o0ItHsGnEdxsqE6fOk5pjsZU0OAzst6cAnGcp5fAhcB1sCm7k6m67N
M7ie0h+r4+xtQZ++Y9Qxg2QDXliEmZNhxQWCbs3LX79HXeukFJuOwNCwaQkA2F/x
7pBaDse2X4/LtwJH01cN4u58tXtHqedMdE+iPbcYfiR2oMZUxrEPqq0B23FCQxPK
j7H2YLWNS0FYq26gPyK9Eka8Ep/9kGCcSoDZI/hDFvINhWa03MMLa+gBO6+Ax2fa
0yvSJH9gCDNK9Ks5YU4UT2Ky7pMsO70JN072x8Y9RQbGLtfN+SHVvFcvGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHPqXOaBiXE3PQZlNmZsWvDYaW8MB8GA1UdIwQY
MBaAFMp4qn4xayH4Q8+5WBDGgM3b+m5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW5pcWZqRnJJZmhEejdsWUVNYUF6ZHY2Ym04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy83ZGEzNGMtMzk4NC00NDQyLWI2NDYt
ZTMxMzhmZjFlODk5LzEveW5pcWZqRnJJZmhEejdsWUVNYUF6ZHY2Ym04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy83ZGEzNGMtMzk4NC00NDQyLWI2NDYtZTMxMzhmZjFlODk5
LzEveW5pcWZqRnJJZmhEejdsWUVNYUF6ZHY2Ym04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvAR8HVzt
Olsl5/jfPM5t+/gaXHQULqRtBV5duQRst4mODnPLHy1RqOLj7CnGixuwyF4Y+p4g
5B394vmMVAPER2zde9lxc/iFZZgzFKtBy4HQxuasVhKGEIAoUTlkhu9RdLoweCap
KZqNHRRP3PmleED95nl0pCWA9lVt9Y7LTUJY6KBNHVi2F8GcpRPeiId+z4ea6ZPL
H0aJ9Cs+tMWW6YrzZvTM3IwGC7E3oaTlpZCJu48TdSWg2VCQmp99e+N6rjWLe0qC
Q6XT+yJzX+0htFgtTPC3a9Sl3lzh7Lmux4+sjJ+2VyrTeXBMn23eR38pqwQU2Yir
KN3Qll4ufLiXgQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:53:53 2025 by rpki-client