Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: ClFuuv6/0Lgt5RaSQbtTvjcGZZO0/WPlXHHne9ESY8g=
Subject key identifier: 50:AC:53:E2:47:61:58:6F:22:15:43:F5:EC:47:BB:83:15:C3:3C:3E
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 019CAC0FCE28BC37B33DA8C9183C0E81AB2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 09D4
Signing time: Mon 02 Mar 2026 01:00:42 +0000
Manifest this update: Mon 02 Mar 2026 01:00:42 +0000
Manifest next update: Tue 03 Mar 2026 01:00:42 +0000
Files and hashes: 1: 3GkC4alpDAvrmyyfcuXDAMj59Ng.roa (hash: m2jng52J8d+SYelIcZHf8/G6o3/K/EOSsyHZ2TT8VOM=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: DwmE70vtzXZts3Y0zVkav1s0/e68HCTKH7yx5ofFj8Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:0f:ce:28:bc:37:b3:3d:a8:c9:18:3c:0e:81:ab:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Mar 2 01:00:42 2026 GMT
Not After : Mar 3 01:00:42 2026 GMT
Subject: CN=50ac53e24761586f221543f5ec47bb8315c33c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:c3:47:d2:81:df:20:be:db:57:b3:95:52:ab:
3e:6b:c2:63:a2:90:63:02:d0:af:2d:cc:f5:16:4e:
ef:64:63:a1:d1:b5:c7:08:6c:3f:f1:c4:b6:71:3c:
c4:49:5f:3c:9f:13:0a:e8:f7:39:67:41:b8:06:d7:
51:7e:e4:ac:0c:8f:57:71:e4:dd:38:b3:9b:b5:de:
4f:7b:92:be:57:ba:62:4a:0e:00:37:8c:8f:c8:cb:
fb:74:ab:53:6b:3e:62:55:b2:60:f7:72:8d:4a:2d:
b6:d6:44:ff:85:b6:83:e3:d9:01:b5:7d:2c:8a:15:
f0:9e:36:f8:37:4f:3c:76:33:a2:3e:f1:e4:12:ab:
0b:3d:14:c0:72:5c:d4:48:23:10:45:e5:de:64:b8:
6d:9d:00:30:01:00:61:0b:c5:28:d2:92:fb:8c:e6:
39:a9:a8:7d:af:11:a5:87:43:0e:52:d5:d0:ac:1b:
2f:0b:7a:1b:b2:4a:20:7d:80:7c:fd:9a:d5:f0:a0:
d4:e3:5f:9e:2f:71:4d:1d:d1:fb:bd:f1:1e:c1:26:
2c:ae:db:d4:a4:b0:c6:da:01:c2:89:5a:0e:ae:16:
54:76:48:5f:db:37:32:c6:6b:f1:b6:6f:f3:16:5a:
3d:4c:12:3c:d5:dc:aa:2f:df:fb:ae:37:92:9f:ef:
d0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AC:53:E2:47:61:58:6F:22:15:43:F5:EC:47:BB:83:15:C3:3C:3E
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:bb:33:1a:ae:95:47:95:a6:7b:0a:85:43:7c:2a:e8:b3:2e:
26:f6:8c:73:9a:9e:6f:5f:25:f7:8e:7b:e6:be:1f:13:73:92:
37:bc:e6:3f:e9:e7:b2:0c:94:96:59:85:8d:c1:29:45:b5:52:
ad:d0:7a:b1:8c:6b:86:33:8f:7c:67:1e:01:1b:45:8a:eb:eb:
ef:fe:39:0a:c4:c8:22:b9:98:04:2a:50:f1:57:37:a2:ee:8c:
77:54:19:60:a3:b0:07:f7:45:94:ba:41:e2:54:1f:61:91:5d:
77:34:34:33:96:58:7a:47:5f:5b:74:83:18:56:cc:63:ca:fa:
3d:a6:ff:2c:71:a2:fa:1d:1d:6a:dd:98:d2:0a:20:73:cd:54:
86:d0:17:a9:e9:ea:62:b4:b9:b5:43:d9:d9:d6:1d:f5:31:fc:
7c:6b:49:f3:ad:53:57:85:a7:07:17:36:11:50:74:c8:12:dc:
bd:ea:60:41:30:e9:ba:2d:1b:3d:d4:52:55:f7:c4:75:7f:a1:
21:91:54:e1:a5:1a:af:bb:6b:81:f9:0b:c5:79:13:58:09:6f:
6d:09:79:e0:24:8e:0b:03:c7:91:04:dd:37:c3:49:75:e3:6f:
42:07:31:e6:15:2a:ff:28:56:6f:16:cb:9c:63:bd:45:f7:bd:
77:e5:e4:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD84ovDezPajJGDwOgasvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjYwMzAyMDEwMDQyWhcNMjYwMzAzMDEwMDQyWjAzMTEwLwYDVQQD
Eyg1MGFjNTNlMjQ3NjE1ODZmMjIxNTQzZjVlYzQ3YmI4MzE1YzMzYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9cNH0oHfIL7bV7OVUqs+a8JjopBj
AtCvLcz1Fk7vZGOh0bXHCGw/8cS2cTzESV88nxMK6Pc5Z0G4BtdRfuSsDI9XceTd
OLObtd5Pe5K+V7piSg4AN4yPyMv7dKtTaz5iVbJg93KNSi221kT/hbaD49kBtX0s
ihXwnjb4N088djOiPvHkEqsLPRTAclzUSCMQReXeZLhtnQAwAQBhC8Uo0pL7jOY5
qah9rxGlh0MOUtXQrBsvC3obskogfYB8/ZrV8KDU41+eL3FNHdH7vfEewSYsrtvU
pLDG2gHCiVoOrhZUdkhf2zcyxmvxtm/zFlo9TBI81dyqL9/7rjeSn+/Q0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCsU+JHYVhvIhVD9exHu4MVwzw+MB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmLszGq6V
R5WmewqFQ3wq6LMuJvaMc5qeb18l94575r4fE3OSN7zmP+nnsgyUllmFjcEpRbVS
rdB6sYxrhjOPfGceARtFiuvr7/45CsTIIrmYBCpQ8Vc3ou6Md1QZYKOwB/dFlLpB
4lQfYZFddzQ0M5ZYekdfW3SDGFbMY8r6Pab/LHGi+h0dat2Y0gogc81UhtAXqenq
YrS5tUPZ2dYd9TH8fGtJ861TV4WnBxc2EVB0yBLcvepgQTDpui0bPdRSVffEdX+h
IZFU4aUar7trgfkLxXkTWAlvbQl54CSOCwPHkQTdN8NJdeNvQgcx5hUq/yhWbxbL
nGO9Rfe9d+Xk0w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:51:10 2026 by rpki-client