Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: u266nLq/Lm2JtCrF2i4Mxlxk/Mu74llOTm7QaNhnO7Y=
Subject key identifier: 38:0E:32:1E:7B:B1:9D:91:6D:EF:3E:05:02:5A:33:0E:0B:5A:13:21
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 019D97AB3076B0E7E0DEFC3ADF897C9DC39A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 0A4E
Signing time: Thu 16 Apr 2026 19:01:11 +0000
Manifest this update: Thu 16 Apr 2026 19:01:11 +0000
Manifest next update: Fri 17 Apr 2026 19:01:11 +0000
Files and hashes: 1: 3GkC4alpDAvrmyyfcuXDAMj59Ng.roa (hash: m2jng52J8d+SYelIcZHf8/G6o3/K/EOSsyHZ2TT8VOM=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: fbKgHfkjmYRPwXYU0ScMxncXEY97A07eoPuytikLTiA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:ab:30:76:b0:e7:e0:de:fc:3a:df:89:7c:9d:c3:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Apr 16 19:01:11 2026 GMT
Not After : Apr 17 19:01:11 2026 GMT
Subject: CN=380e321e7bb19d916def3e05025a330e0b5a1321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c6:1a:bd:b8:94:83:ed:ac:11:82:bd:4d:92:
b9:37:0c:cb:da:8a:5c:30:9b:c7:88:d7:ae:0b:20:
35:7c:a0:bf:57:00:b5:02:75:9b:4b:20:71:83:eb:
95:56:5f:4b:02:74:ba:16:4c:f1:66:f8:31:f8:28:
f2:f2:07:b5:c2:2c:69:ae:8a:61:7b:ee:d6:79:08:
5c:00:0d:7e:69:23:dc:23:c5:cd:f4:d0:c3:6d:66:
70:6f:1e:56:82:62:cc:3e:93:cb:bd:b1:1f:ff:b0:
b5:ae:e4:9a:a2:45:7a:2d:f4:65:6c:93:71:f8:17:
48:6f:e3:8c:22:9a:66:a0:08:50:41:2e:95:d1:3c:
da:ba:98:97:7d:b4:2b:25:a4:b5:39:2b:61:fd:e0:
cf:00:44:1a:3f:a3:b2:a1:28:ae:1e:1b:49:40:f2:
31:f0:f8:2c:0f:bc:48:f6:bc:6d:3e:89:56:e9:e4:
f4:a4:a2:94:c4:1f:51:8f:70:e9:05:cb:d6:5e:dd:
60:69:48:ad:91:d3:6c:3f:df:75:88:f7:22:bd:05:
84:fb:49:6a:d3:51:a5:77:1f:ba:21:dc:a2:59:a1:
54:d3:1e:6e:28:3d:e1:33:a1:93:0e:20:27:28:cf:
0e:ce:5d:da:be:14:2e:8d:d0:88:69:72:e7:5d:9c:
5b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0E:32:1E:7B:B1:9D:91:6D:EF:3E:05:02:5A:33:0E:0B:5A:13:21
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:97:4c:4d:a2:12:29:ed:15:b5:73:90:22:e7:a1:8b:e8:0c:
67:5e:5e:8b:71:74:31:db:08:41:a6:09:14:75:42:2a:53:86:
cb:d1:5b:77:b3:52:69:c2:69:d0:9e:c0:c8:a1:01:48:13:aa:
81:f6:b8:a4:56:61:d5:f5:4a:13:51:54:44:bc:f6:58:22:c6:
d8:8b:c5:6d:5c:25:d3:f0:2e:ab:b4:43:b4:6a:1c:48:42:e8:
c4:b6:bb:9b:5b:42:6d:8d:d5:fb:0a:b7:1a:2e:94:64:21:1c:
26:b9:dd:fb:16:c8:20:ad:94:c4:9a:07:dd:3b:85:a3:06:41:
a4:ea:b4:0f:f3:16:50:ca:4b:20:e8:b7:fb:68:52:77:5c:68:
aa:0a:06:85:9a:a6:c5:2a:24:3c:31:2f:5d:b8:97:87:ca:18:
f4:fa:a5:be:eb:12:04:b0:da:e0:17:2d:1a:ab:8c:81:e2:e8:
58:0e:23:10:8b:33:21:fd:89:df:52:91:d5:fe:11:47:0f:bc:
c1:00:5b:28:28:80:71:60:84:49:52:57:20:68:f3:1f:ce:0a:
67:bf:77:2a:f9:ca:b3:e0:16:2a:34:4a:6d:d3:6f:be:28:f8:
aa:d6:69:fa:0b:50:53:4f:43:6e:d3:b7:99:33:2f:2d:d6:a1:
61:4f:70:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2XqzB2sOfg3vw634l8ncOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjYwNDE2MTkwMTExWhcNMjYwNDE3MTkwMTExWjAzMTEwLwYDVQQD
EygzODBlMzIxZTdiYjE5ZDkxNmRlZjNlMDUwMjVhMzMwZTBiNWExMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sYavbiUg+2sEYK9TZK5NwzL2opc
MJvHiNeuCyA1fKC/VwC1AnWbSyBxg+uVVl9LAnS6FkzxZvgx+Cjy8ge1wixproph
e+7WeQhcAA1+aSPcI8XN9NDDbWZwbx5WgmLMPpPLvbEf/7C1ruSaokV6LfRlbJNx
+BdIb+OMIppmoAhQQS6V0TzaupiXfbQrJaS1OSth/eDPAEQaP6OyoSiuHhtJQPIx
8PgsD7xI9rxtPolW6eT0pKKUxB9Rj3DpBcvWXt1gaUitkdNsP991iPcivQWE+0lq
01Gldx+6IdyiWaFU0x5uKD3hM6GTDiAnKM8Ozl3avhQujdCIaXLnXZxbzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgOMh57sZ2Rbe8+BQJaMw4LWhMhMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf5dMTaIS
Ke0VtXOQIuehi+gMZ15ei3F0MdsIQaYJFHVCKlOGy9Fbd7NSacJp0J7AyKEBSBOq
gfa4pFZh1fVKE1FURLz2WCLG2IvFbVwl0/Auq7RDtGocSELoxLa7m1tCbY3V+wq3
Gi6UZCEcJrnd+xbIIK2UxJoH3TuFowZBpOq0D/MWUMpLIOi3+2hSd1xoqgoGhZqm
xSokPDEvXbiXh8oY9PqlvusSBLDa4BctGquMgeLoWA4jEIszIf2J31KR1f4RRw+8
wQBbKCiAcWCESVJXIGjzH84KZ793KvnKs+AWKjRKbdNvvij4qtZp+gtQU09DbtO3
mTMvLdahYU9wVg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:40:41 2026 by rpki-client