Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
File: ypAPHhHi0l0LIxatbgEmhIOayB4.mft (raw, json)
Hash identifier: PS7Fin7TS4qmEiJdBkGF0G/EEYASTOns32evRqIqS2s=
Subject key identifier: 2A:71:A0:B0:B0:79:EA:3D:D1:0B:F7:66:0C:18:5C:73:7B:D0:9A:59
Authority key identifier: CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
Certificate issuer: /CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Certificate serial: 019CAD9019EE1FA1C786171695D7C7CA8092
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
Manifest number: 1848
Signing time: Mon 02 Mar 2026 08:00:27 +0000
Manifest this update: Mon 02 Mar 2026 08:00:27 +0000
Manifest next update: Tue 03 Mar 2026 08:00:27 +0000
Files and hashes: 1: K2muBRhSzEeWwEOKyiaVJYw5K3c.roa (hash: 9FMIKD8yGkaykJTy68XJ8mxhdE87R0V7qtYcMc3oayY=)
2: ypAPHhHi0l0LIxatbgEmhIOayB4.crl (hash: bzdExkNifOPnKepny7ldm1ytD7z7R6zTqMhaaO3M96I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:19:ee:1f:a1:c7:86:17:16:95:d7:c7:ca:80:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Validity
Not Before: Mar 2 08:00:27 2026 GMT
Not After : Mar 3 08:00:27 2026 GMT
Subject: CN=2a71a0b0b079ea3dd10bf7660c185c737bd09a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:95:01:b9:78:60:9b:0a:03:d4:a9:b5:e3:00:
db:2f:05:f2:61:5b:8e:60:ea:de:6c:85:17:ab:8d:
ee:98:88:2b:36:de:3d:da:16:6f:ff:54:7d:5a:e6:
70:03:1c:51:b5:1a:73:4a:ab:1b:8c:ed:29:16:75:
4f:df:8b:7c:76:4c:0e:c5:eb:c8:24:50:55:32:7a:
55:99:bd:f8:5b:82:0d:12:8b:99:7c:f6:7d:df:16:
5c:0d:1a:f6:67:35:d0:d7:44:fe:47:9e:69:2b:bb:
86:1c:0b:04:fd:72:1c:d8:24:ea:fc:41:95:92:94:
cf:11:13:81:63:18:4f:7f:0f:cb:e8:8b:1a:27:98:
39:47:43:39:3f:b5:f2:ad:90:dc:cb:f6:12:83:4d:
b9:4a:3b:82:8d:85:9c:e1:fe:62:28:f6:b5:f7:be:
e4:51:70:53:95:58:16:06:26:ea:e2:4b:54:e2:d8:
0d:37:79:24:19:2c:8f:c7:f4:b5:fd:11:66:2f:18:
85:1d:e1:a8:c5:3d:e9:23:ab:b3:e7:4f:4b:ee:0c:
8f:24:ca:fa:89:50:87:0d:0a:a7:68:8c:df:5d:82:
6b:2b:8a:0b:40:dc:32:44:88:54:85:79:97:ec:8e:
c0:31:7b:cc:c9:dd:46:7a:1f:ff:aa:4d:31:65:c6:
a2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:71:A0:B0:B0:79:EA:3D:D1:0B:F7:66:0C:18:5C:73:7B:D0:9A:59
X509v3 Authority Key Identifier:
keyid:CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:30:cd:db:7f:24:f8:74:94:1a:13:9e:e0:b7:1d:4b:65:1a:
69:a2:1e:81:5d:65:e3:b0:72:20:d8:cb:e1:f8:f8:50:04:3a:
78:72:79:35:3e:71:30:3a:09:1e:84:0f:29:55:2f:0f:94:f9:
47:fd:66:72:1d:73:4e:ad:b4:1c:0b:87:2e:6a:6c:2e:ef:58:
39:a3:1a:d3:6b:53:6f:14:f9:26:a1:34:34:9c:30:b4:f7:ad:
46:69:e9:10:8a:4f:9e:a6:ec:7a:e6:dd:ad:32:63:b0:8e:b4:
da:e4:88:96:db:c5:44:2c:97:27:a1:d1:8a:ec:38:14:ff:26:
b0:61:fb:0c:c5:d7:5b:67:d6:1e:a2:09:7d:dc:06:13:4a:91:
bb:12:08:17:c8:02:39:00:64:b8:86:71:37:ea:11:64:5d:65:
9d:fa:80:63:1d:6b:0d:ee:66:60:c9:8d:00:7f:6c:1c:ca:44:
88:8a:e6:bc:fe:a2:a1:a2:1f:6e:6c:d1:3e:10:d1:ff:4b:2e:
c8:16:bf:17:44:87:a8:e8:99:fd:18:83:37:b4:09:0f:26:96:
50:91:69:74:3c:02:ba:d8:52:28:25:3f:c8:4e:a4:60:23:a4:
90:0c:7d:b2:62:f3:10:b1:23:8a:c0:ac:d0:27:01:be:18:03:
eb:d2:5b:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkBnuH6HHhhcWldfHyoCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTAwZjFlMTFlMmQyNWQwYjIzMTZhZDZlMDEyNjg0ODM5
YWM4MWUwHhcNMjYwMzAyMDgwMDI3WhcNMjYwMzAzMDgwMDI3WjAzMTEwLwYDVQQD
EygyYTcxYTBiMGIwNzllYTNkZDEwYmY3NjYwYzE4NWM3MzdiZDA5YTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZUBuXhgmwoD1Km14wDbLwXyYVuO
YOrebIUXq43umIgrNt492hZv/1R9WuZwAxxRtRpzSqsbjO0pFnVP34t8dkwOxevI
JFBVMnpVmb34W4INEouZfPZ93xZcDRr2ZzXQ10T+R55pK7uGHAsE/XIc2CTq/EGV
kpTPEROBYxhPfw/L6IsaJ5g5R0M5P7XyrZDcy/YSg025SjuCjYWc4f5iKPa1977k
UXBTlVgWBibq4ktU4tgNN3kkGSyPx/S1/RFmLxiFHeGoxT3pI6uz509L7gyPJMr6
iVCHDQqnaIzfXYJrK4oLQNwyRIhUhXmX7I7AMXvMyd1Geh//qk0xZcaicwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpxoLCweeo90Qv3ZgwYXHN70JpZMB8GA1UdIwQY
MBaAFMqQDx4R4tJdCyMWrW4BJoSDmsgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mNjk2OWMtM2E2ZS00YmVjLTk3NDIt
ZWNlODdjNmEwMzE4LzEveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9mNjk2OWMtM2E2ZS00YmVjLTk3NDItZWNlODdjNmEwMzE4
LzEveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcDDN238k
+HSUGhOe4LcdS2UaaaIegV1l47ByINjL4fj4UAQ6eHJ5NT5xMDoJHoQPKVUvD5T5
R/1mch1zTq20HAuHLmpsLu9YOaMa02tTbxT5JqE0NJwwtPetRmnpEIpPnqbseubd
rTJjsI602uSIltvFRCyXJ6HRiuw4FP8msGH7DMXXW2fWHqIJfdwGE0qRuxIIF8gC
OQBkuIZxN+oRZF1lnfqAYx1rDe5mYMmNAH9sHMpEiIrmvP6ioaIfbmzRPhDR/0su
yBa/F0SHqOiZ/RiDN7QJDyaWUJFpdDwCuthSKCU/yE6kYCOkkAx9smLzELEjisCs
0CcBvhgD69JbMg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:34:48 2026 by rpki-client