Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft
File: yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft (raw, json)
Hash identifier: CrcnnB2JKdWSjPasXbU0M8mYihw+B9VlWPPUKimi9h4=
Subject key identifier: 48:6B:7B:8D:79:95:2C:B9:BB:97:AF:30:17:E1:5F:AA:58:5B:63:11
Authority key identifier: CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64
Certificate issuer: /CN=cb36180ab4542d6eee66d9f99030df71236ce264
Certificate serial: 019CAC10123B818EF404E41DB3AF2B09FBD2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft
Manifest number: 168D
Signing time: Mon 02 Mar 2026 01:01:00 +0000
Manifest this update: Mon 02 Mar 2026 01:01:00 +0000
Manifest next update: Tue 03 Mar 2026 01:01:00 +0000
Files and hashes: 1: YgLAaePPCvDZh9ZzJBrsmZywRkU.roa (hash: 10ewXw/vVeO2nVxiawAtU8/pk3cVQJEH1/dY2293hpE=)
2: yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl (hash: bR7wseIWdkwPjWo+a2g/H3ozK2nOOCWN7LzjeG9Fpnw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:10:12:3b:81:8e:f4:04:e4:1d:b3:af:2b:09:fb:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb36180ab4542d6eee66d9f99030df71236ce264
Validity
Not Before: Mar 2 01:01:00 2026 GMT
Not After : Mar 3 01:01:00 2026 GMT
Subject: CN=486b7b8d79952cb9bb97af3017e15faa585b6311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d8:60:6a:fb:db:e6:fc:68:a6:f6:18:4e:87:
64:6b:a9:e2:63:5b:ef:b1:95:ac:d5:77:ae:fa:e2:
4d:a4:1b:f2:41:f8:15:9b:07:8d:c7:ac:3d:72:a5:
42:5a:f6:9d:ca:2e:e6:56:14:42:9f:ab:b4:a4:1f:
61:84:dd:84:e9:44:e1:fa:36:a9:29:d6:f8:8c:b1:
54:68:97:a9:c2:89:0d:6d:40:c1:a3:b8:1e:49:c5:
22:9f:99:e2:96:a3:42:c3:24:48:b8:29:43:80:79:
4e:4e:52:0a:42:5b:8d:d7:71:19:e9:71:21:cb:7b:
cf:58:64:3b:d9:05:03:a8:ec:68:72:65:8c:df:d3:
05:b1:d1:7c:35:4b:fe:cb:63:43:a1:dd:e6:51:4e:
0d:42:55:b4:2c:26:4d:b3:d3:75:08:b2:93:d3:e6:
be:ed:cb:a6:6d:fc:12:ff:49:c7:30:c2:a2:18:35:
71:cd:4c:da:97:9e:cd:4f:df:7a:67:c0:58:89:c0:
7f:a8:26:0f:bf:bb:f3:fd:24:df:a2:f3:4c:88:35:
d5:d0:62:3d:7d:66:d9:55:3f:5e:2f:13:af:c9:4d:
53:a3:c5:66:1a:1e:82:d4:02:7a:0c:8e:98:9e:91:
62:8c:a8:e4:38:64:b0:96:1b:13:ff:ed:44:9c:f1:
da:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6B:7B:8D:79:95:2C:B9:BB:97:AF:30:17:E1:5F:AA:58:5B:63:11
X509v3 Authority Key Identifier:
keyid:CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:71:e9:a8:7e:62:49:86:80:ec:9f:f5:43:02:97:7f:b2:79:
62:d2:01:b8:88:77:f2:47:48:59:e4:8d:dc:15:29:8d:15:33:
37:d2:24:43:7a:cf:d9:f1:bb:08:c7:be:db:2b:86:0a:47:68:
a3:6c:37:eb:a6:0e:c2:2a:54:f4:33:81:5e:e7:99:92:0f:0f:
64:1e:8e:aa:e2:89:dc:b6:59:bf:7b:fd:6f:9b:81:c4:dd:23:
6d:a9:29:a9:c1:3f:9c:fd:5f:20:9c:19:c9:26:81:5d:10:9c:
61:86:78:70:f6:5e:67:bd:04:82:e4:06:8f:64:47:bd:8e:d4:
4d:73:34:15:cf:17:63:d2:70:4e:b3:78:43:b6:33:a5:b2:9f:
39:78:70:6d:1d:54:c3:ee:c4:6a:3c:31:5c:b1:d4:c7:65:86:
a9:8b:18:01:1f:96:02:e6:51:5e:b5:50:83:3a:8d:dc:1b:b9:
9c:3b:0a:fa:f4:ef:bc:fe:73:27:31:75:37:b6:12:74:93:31:
45:3e:86:94:e1:9e:d6:30:33:60:52:b3:df:21:a5:00:32:fe:
70:5a:30:f1:55:bd:eb:52:96:44:f2:bb:e4:d0:84:01:5d:9a:
2a:a2:1f:2a:67:19:41:e7:d3:fa:71:79:cb:f7:11:24:50:f6:
a5:a8:7d:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEBI7gY70BOQds68rCfvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzYxODBhYjQ1NDJkNmVlZTY2ZDlmOTkwMzBkZjcxMjM2
Y2UyNjQwHhcNMjYwMzAyMDEwMTAwWhcNMjYwMzAzMDEwMTAwWjAzMTEwLwYDVQQD
Eyg0ODZiN2I4ZDc5OTUyY2I5YmI5N2FmMzAxN2UxNWZhYTU4NWI2MzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNhgavvb5vxopvYYTodka6niY1vv
sZWs1Xeu+uJNpBvyQfgVmweNx6w9cqVCWvadyi7mVhRCn6u0pB9hhN2E6UTh+jap
Kdb4jLFUaJepwokNbUDBo7geScUin5nilqNCwyRIuClDgHlOTlIKQluN13EZ6XEh
y3vPWGQ72QUDqOxocmWM39MFsdF8NUv+y2NDod3mUU4NQlW0LCZNs9N1CLKT0+a+
7cumbfwS/0nHMMKiGDVxzUzal57NT996Z8BYicB/qCYPv7vz/STfovNMiDXV0GI9
fWbZVT9eLxOvyU1To8VmGh6C1AJ6DI6YnpFijKjkOGSwlhsT/+1EnPHaqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEhre415lSy5u5evMBfhX6pYW2MRMB8GA1UdIwQY
MBaAFMs2GAq0VC1u7mbZ+ZAw33EjbOJkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8wNzk3ZDQtOGIyYy00MGFjLTljYWIt
NjY3ZGIxZGMxYjg2LzEveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8wNzk3ZDQtOGIyYy00MGFjLTljYWItNjY3ZGIxZGMxYjg2
LzEveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ3HpqH5i
SYaA7J/1QwKXf7J5YtIBuIh38kdIWeSN3BUpjRUzN9IkQ3rP2fG7CMe+2yuGCkdo
o2w366YOwipU9DOBXueZkg8PZB6OquKJ3LZZv3v9b5uBxN0jbakpqcE/nP1fIJwZ
ySaBXRCcYYZ4cPZeZ70EguQGj2RHvY7UTXM0Fc8XY9JwTrN4Q7YzpbKfOXhwbR1U
w+7EajwxXLHUx2WGqYsYAR+WAuZRXrVQgzqN3Bu5nDsK+vTvvP5zJzF1N7YSdJMx
RT6GlOGe1jAzYFKz3yGlADL+cFow8VW961KWRPK75NCEAV2aKqIfKmcZQefT+nF5
y/cRJFD2pah9CA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:37:55 2026 by rpki-client