Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
File: ypAPHhHi0l0LIxatbgEmhIOayB4.mft (raw, json)
Hash identifier: 3txyrCQ4whfa80v3X54eS4yChhazUMagCadc/LP9nnY=
Subject key identifier: E7:EA:C0:6A:0D:06:A0:41:D6:B8:14:EB:4A:02:65:B6:CD:88:27:C2
Authority key identifier: CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
Certificate issuer: /CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Certificate serial: 019A4DAAFABDA9DE924C447BECD57D82BFBD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 07:00:42 +0000
Manifest this update: Tue 04 Nov 2025 07:00:42 +0000
Manifest next update: Wed 05 Nov 2025 07:00:42 +0000
Files and hashes: 1: UvHXXFoVL7W8kRf_CmjRtC48uH4.roa (hash: E8q/i3b6Anio6852XqG98vgAFVWa9Xn560kQh/u0aSY=)
2: ypAPHhHi0l0LIxatbgEmhIOayB4.crl (hash: zxBI1ath996eZ6lX+Zw3nNS8FmQwz82HXJt+lxQKfDo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:fa:bd:a9:de:92:4c:44:7b:ec:d5:7d:82:bf:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Validity
Not Before: Nov 4 07:00:42 2025 GMT
Not After : Nov 5 07:00:42 2025 GMT
Subject: CN=e7eac06a0d06a041d6b814eb4a0265b6cd8827c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b6:1a:f8:7c:9c:54:24:60:37:12:f5:66:a5:
f3:43:34:fa:8f:7a:f6:fb:88:fc:6c:a1:b0:d9:5c:
90:c1:29:74:7b:ed:71:ba:8c:00:18:d1:9f:c9:c0:
e0:e6:40:b3:dd:3b:02:01:d8:dd:7e:d8:88:c3:bd:
6b:84:68:7a:f5:7d:cc:68:a4:65:cd:6d:59:79:f2:
53:77:22:e7:20:12:bc:80:29:db:c9:0e:6d:f0:48:
0b:29:06:51:3d:31:30:7e:49:5c:57:7a:fe:df:21:
34:86:1f:1d:db:7c:63:fa:48:81:d4:71:9b:d6:7b:
a3:0d:86:69:31:62:bd:e5:c6:74:e0:b0:d2:fa:23:
c7:10:8c:5b:51:f5:98:44:9d:86:a7:02:f4:ad:9d:
e4:71:72:00:85:b1:69:a2:27:13:08:df:51:b9:f0:
0e:8b:d3:0a:20:a4:ac:85:19:b4:aa:c9:e3:0e:ef:
33:b6:db:9a:e9:5c:ab:b2:89:de:7b:ef:bd:f5:4d:
f3:33:02:c8:7c:0b:7f:e3:12:6d:cc:c1:a9:14:f2:
dd:8e:72:67:61:b9:f8:31:b6:84:b3:fb:26:12:f3:
cd:28:94:13:ae:c1:11:ac:a9:3f:77:bd:cf:cc:3f:
f5:94:b1:47:ee:16:88:9a:36:93:92:ee:83:18:81:
99:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:EA:C0:6A:0D:06:A0:41:D6:B8:14:EB:4A:02:65:B6:CD:88:27:C2
X509v3 Authority Key Identifier:
keyid:CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:3c:1c:e1:82:e3:83:ab:d2:95:ed:57:2f:9f:34:9b:67:0e:
f6:26:85:27:8c:95:ee:0a:95:1f:bd:76:15:b3:9d:89:05:d5:
d1:55:f1:d4:53:42:89:f8:dc:62:3e:72:da:fd:29:c1:ac:c0:
81:a0:26:3e:88:43:4e:10:fd:8e:f2:1b:7d:f0:92:77:4d:c7:
a5:3a:19:a4:a6:88:0b:4c:bb:55:54:e0:f2:77:94:33:7a:94:
d8:ec:db:45:9c:5f:46:ac:e8:78:d9:7c:b7:f1:2e:c5:78:76:
94:0a:72:e2:d2:4d:9f:ae:5a:50:78:c9:d4:03:25:6a:f5:6f:
e5:21:dc:15:26:49:1d:6c:68:0c:b1:e4:93:a2:44:62:b6:d2:
84:25:6e:fe:65:ec:13:ca:9e:b1:22:ba:20:35:36:55:44:70:
db:35:8e:1f:a0:98:0b:b5:b0:04:77:ed:d4:f5:89:6c:62:d9:
9f:f6:58:b5:36:54:c8:b9:9a:98:03:b1:5b:ce:88:c7:6a:7b:
e3:9f:c4:32:73:c9:67:e9:68:c3:18:8e:58:c3:ac:d1:e9:a8:
df:c2:8c:35:a7:09:59:38:f3:a7:04:2e:e2:df:df:54:41:3e:
da:f5:95:4a:84:ed:a8:42:de:bf:8b:9f:03:9f:91:19:1a:71:
1f:19:51:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqvq9qd6STER77NV9gr+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTAwZjFlMTFlMmQyNWQwYjIzMTZhZDZlMDEyNjg0ODM5
YWM4MWUwHhcNMjUxMTA0MDcwMDQyWhcNMjUxMTA1MDcwMDQyWjAzMTEwLwYDVQQD
EyhlN2VhYzA2YTBkMDZhMDQxZDZiODE0ZWI0YTAyNjViNmNkODgyN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7Ya+HycVCRgNxL1ZqXzQzT6j3r2
+4j8bKGw2VyQwSl0e+1xuowAGNGfycDg5kCz3TsCAdjdftiIw71rhGh69X3MaKRl
zW1ZefJTdyLnIBK8gCnbyQ5t8EgLKQZRPTEwfklcV3r+3yE0hh8d23xj+kiB1HGb
1nujDYZpMWK95cZ04LDS+iPHEIxbUfWYRJ2GpwL0rZ3kcXIAhbFpoicTCN9RufAO
i9MKIKSshRm0qsnjDu8zttua6Vyrsonee++99U3zMwLIfAt/4xJtzMGpFPLdjnJn
Ybn4MbaEs/smEvPNKJQTrsERrKk/d73PzD/1lLFH7haImjaTku6DGIGZ/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfqwGoNBqBB1rgU60oCZbbNiCfCMB8GA1UdIwQY
MBaAFMqQDx4R4tJdCyMWrW4BJoSDmsgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mNjk2OWMtM2E2ZS00YmVjLTk3NDIt
ZWNlODdjNmEwMzE4LzEveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9mNjk2OWMtM2E2ZS00YmVjLTk3NDItZWNlODdjNmEwMzE4
LzEveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhDwc4YLj
g6vSle1XL580m2cO9iaFJ4yV7gqVH712FbOdiQXV0VXx1FNCifjcYj5y2v0pwazA
gaAmPohDThD9jvIbffCSd03HpToZpKaIC0y7VVTg8neUM3qU2OzbRZxfRqzoeNl8
t/EuxXh2lApy4tJNn65aUHjJ1AMlavVv5SHcFSZJHWxoDLHkk6JEYrbShCVu/mXs
E8qesSK6IDU2VURw2zWOH6CYC7WwBHft1PWJbGLZn/ZYtTZUyLmamAOxW86Ix2p7
45/EMnPJZ+lowxiOWMOs0emo38KMNacJWTjzpwQu4t/fVEE+2vWVSoTtqELev4uf
A5+RGRpxHxlR4w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:56:14 2025 by rpki-client