Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft
File: ylmb3Bz8eujML7oV_NgMoRc3hGc.mft (raw, json)
Hash identifier: GjkQLB06IPWIx5dLOxGGaSDZF5SK5r+QMy+5wP2FxQY=
Subject key identifier: 3D:2A:24:C1:AF:C9:79:00:8C:A5:77:94:71:8E:06:AA:D0:A7:EB:CF
Authority key identifier: CA:59:9B:DC:1C:FC:7A:E8:CC:2F:BA:15:FC:D8:0C:A1:17:37:84:67
Certificate issuer: /CN=ca599bdc1cfc7ae8cc2fba15fcd80ca117378467
Certificate serial: 019A5075043350CAADA99E9D3203C4ECCF6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ylmb3Bz8eujML7oV_NgMoRc3hGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft
Manifest number: 0325
Signing time: Tue 04 Nov 2025 20:00:37 +0000
Manifest this update: Tue 04 Nov 2025 20:00:37 +0000
Manifest next update: Wed 05 Nov 2025 20:00:37 +0000
Files and hashes: 1: ylmb3Bz8eujML7oV_NgMoRc3hGc.crl (hash: mjJenxq2+Cu1G/Q8UJaB2/3IoRTG1FEEz0JgreJQsHg=)
2: zIZvUw6LEttnk9GqCkFL8S-ncbM.roa (hash: g5dRThI/Wu6nM24igsF8Y2hQEgVjjdxUN3aRLJWGc3E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ylmb3Bz8eujML7oV_NgMoRc3hGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 20:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:75:04:33:50:ca:ad:a9:9e:9d:32:03:c4:ec:cf:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca599bdc1cfc7ae8cc2fba15fcd80ca117378467
Validity
Not Before: Nov 4 20:00:37 2025 GMT
Not After : Nov 5 20:00:37 2025 GMT
Subject: CN=3d2a24c1afc979008ca57794718e06aad0a7ebcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d4:2d:ec:8f:58:22:6d:c0:6d:a1:54:b6:82:
f8:54:d9:2c:86:80:01:66:18:d2:48:ac:b7:34:f6:
55:2b:da:b1:55:23:5e:39:78:ac:c7:07:57:78:0c:
77:1b:27:9a:87:75:0d:39:6e:05:8c:2b:22:e8:af:
78:b3:ef:5b:72:34:eb:f5:df:e6:16:33:8c:e7:75:
0f:bf:5d:44:94:b7:3d:cf:54:3c:8b:73:79:fc:19:
5d:af:e1:74:99:8a:e3:2a:72:ee:e0:a3:71:23:53:
ca:0e:11:d3:43:04:14:d6:f9:db:33:35:b4:20:4c:
f7:74:b7:d6:82:4f:be:cd:e1:49:26:30:54:f5:d0:
c6:c4:79:88:8b:b8:df:a4:05:05:b4:75:b8:f2:ce:
6e:36:b5:e5:6e:9a:3e:6f:74:fc:3c:83:79:3d:b6:
af:56:ed:db:2d:eb:a3:e6:c6:ea:d7:ba:2b:9d:ae:
79:5d:39:85:b6:89:fc:98:22:e0:48:6d:d3:a3:63:
99:23:ab:90:69:e3:95:bf:4c:23:79:4d:00:35:96:
e6:69:d6:e6:f8:e2:df:0a:55:12:df:b9:3a:34:15:
78:d2:45:b9:be:26:5f:5e:a5:6c:74:5e:cf:c6:a4:
1a:3b:f2:b1:b5:1d:14:81:b9:93:a8:4f:d7:56:f9:
b3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:2A:24:C1:AF:C9:79:00:8C:A5:77:94:71:8E:06:AA:D0:A7:EB:CF
X509v3 Authority Key Identifier:
keyid:CA:59:9B:DC:1C:FC:7A:E8:CC:2F:BA:15:FC:D8:0C:A1:17:37:84:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylmb3Bz8eujML7oV_NgMoRc3hGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:af:5e:8e:8a:50:14:9c:1c:ce:fe:db:e0:65:28:8b:d9:cb:
c8:ab:1a:72:85:0e:4d:0f:08:5b:2b:20:3d:dd:ff:78:75:c1:
d7:18:91:36:c5:e1:09:3a:e4:b9:43:fb:a7:00:01:b5:85:f1:
fc:6f:28:24:44:39:45:74:98:bc:3f:1e:2e:6a:91:c6:c2:c5:
08:89:74:06:9d:cb:1a:81:f9:fd:06:c4:6b:d8:64:5a:db:ea:
52:75:4e:c6:21:7b:6d:dd:f4:33:40:ca:a5:cb:25:17:3c:2c:
5c:96:5a:c1:3a:28:f8:1d:27:a6:47:63:91:4e:31:d5:53:03:
16:21:e6:d0:fa:f4:ce:33:6d:5d:96:46:8b:30:da:19:42:35:
b9:46:71:1d:be:9a:61:60:16:40:40:ed:9a:e1:6d:86:ef:de:
52:c5:f9:fb:36:80:0d:5a:ed:45:0e:62:78:3d:b9:cd:7e:d3:
d0:4d:3c:b9:b4:f2:3a:57:e5:0e:a2:96:62:2d:aa:99:ce:a2:
f8:25:4a:a9:25:94:2e:e0:65:12:32:a8:73:41:30:9f:67:80:
2e:18:72:8a:cb:6a:94:ba:4e:81:93:90:8d:2b:f7:df:77:ac:
5d:d1:de:fa:31:55:00:93:59:a5:92:a6:ec:85:e0:00:3b:2b:
7f:1f:55:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQdQQzUMqtqZ6dMgPE7M9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNTk5YmRjMWNmYzdhZThjYzJmYmExNWZjZDgwY2ExMTcz
Nzg0NjcwHhcNMjUxMTA0MjAwMDM3WhcNMjUxMTA1MjAwMDM3WjAzMTEwLwYDVQQD
EygzZDJhMjRjMWFmYzk3OTAwOGNhNTc3OTQ3MThlMDZhYWQwYTdlYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtQt7I9YIm3AbaFUtoL4VNkshoAB
ZhjSSKy3NPZVK9qxVSNeOXisxwdXeAx3Gyeah3UNOW4FjCsi6K94s+9bcjTr9d/m
FjOM53UPv11ElLc9z1Q8i3N5/Bldr+F0mYrjKnLu4KNxI1PKDhHTQwQU1vnbMzW0
IEz3dLfWgk++zeFJJjBU9dDGxHmIi7jfpAUFtHW48s5uNrXlbpo+b3T8PIN5Pbav
Vu3bLeuj5sbq17orna55XTmFton8mCLgSG3To2OZI6uQaeOVv0wjeU0ANZbmadbm
+OLfClUS37k6NBV40kW5viZfXqVsdF7PxqQaO/KxtR0UgbmTqE/XVvmztQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD0qJMGvyXkAjKV3lHGOBqrQp+vPMB8GA1UdIwQY
MBaAFMpZm9wc/HrozC+6FfzYDKEXN4RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWxtYjNCejhldWpNTDdvVl9OZ01vUmMzaEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xY2VjYjgtOTdkOS00NzNmLWIwMDQt
Y2M5MTI3NDZlNDdlLzEveWxtYjNCejhldWpNTDdvVl9OZ01vUmMzaEdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xY2VjYjgtOTdkOS00NzNmLWIwMDQtY2M5MTI3NDZlNDdl
LzEveWxtYjNCejhldWpNTDdvVl9OZ01vUmMzaEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbK9ejopQ
FJwczv7b4GUoi9nLyKsacoUOTQ8IWysgPd3/eHXB1xiRNsXhCTrkuUP7pwABtYXx
/G8oJEQ5RXSYvD8eLmqRxsLFCIl0Bp3LGoH5/QbEa9hkWtvqUnVOxiF7bd30M0DK
pcslFzwsXJZawToo+B0npkdjkU4x1VMDFiHm0Pr0zjNtXZZGizDaGUI1uUZxHb6a
YWAWQEDtmuFthu/eUsX5+zaADVrtRQ5ieD25zX7T0E08ubTyOlflDqKWYi2qmc6i
+CVKqSWULuBlEjKoc0Ewn2eALhhyistqlLpOgZOQjSv333esXdHe+jFVAJNZpZKm
7IXgADsrfx9VxQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:52:28 2025 by rpki-client