Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: aKJ15zQLnczNa0Mg6qYvvuvyHUheHOrwplDk9I5cHc0=
Subject key identifier: BC:BD:D0:14:99:6B:A0:93:BB:C8:A4:12:EF:3F:40:6A:60:FD:4A:AD
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 019A53E4039EF51DB7D48113B1EBE84CA585
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 089D
Signing time: Wed 05 Nov 2025 12:00:43 +0000
Manifest this update: Wed 05 Nov 2025 12:00:43 +0000
Manifest next update: Thu 06 Nov 2025 12:00:43 +0000
Files and hashes: 1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: ZJDqNSR19bD0kqDj+B9FI3sZQiMoZ4o5T/ZdpKjO6w4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:e4:03:9e:f5:1d:b7:d4:81:13:b1:eb:e8:4c:a5:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Nov 5 12:00:43 2025 GMT
Not After : Nov 6 12:00:43 2025 GMT
Subject: CN=bcbdd014996ba093bbc8a412ef3f406a60fd4aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:52:ef:2f:5a:4e:e5:05:7a:fe:e4:28:4e:16:
ba:1e:88:49:fe:62:f5:9c:df:b6:da:62:10:11:d5:
f0:02:71:f5:92:0d:9a:ba:69:e0:4d:c3:0a:5b:ba:
70:d2:68:f4:5d:a5:91:cd:94:b8:af:dd:6d:36:21:
71:ac:05:c6:2b:4c:15:4a:97:69:99:c1:2c:e4:11:
b2:e1:fb:8d:a0:4c:75:66:97:2b:83:ca:0b:0a:eb:
ed:c6:0f:f0:58:ed:b0:15:70:6b:6a:f1:5b:5b:30:
de:a1:af:d9:54:18:b5:50:eb:81:30:7d:4a:20:de:
40:55:1d:94:07:45:a8:41:36:f7:a1:b5:b4:c5:b5:
a2:9f:bd:a8:7d:67:e3:ea:0a:ca:9a:1d:c2:a5:96:
f6:4e:d8:87:3c:47:c6:33:5d:2b:56:4d:28:d5:d9:
bc:a9:a7:f8:cf:34:37:61:39:68:35:ad:24:6e:93:
27:d2:6d:85:50:f0:5e:2f:3d:0d:fa:ce:e7:da:98:
9f:8d:73:36:ac:6f:8e:56:6d:7f:81:6b:b5:84:c7:
33:cb:ec:43:79:76:d6:83:96:54:5a:7f:53:b1:68:
e4:4f:46:7d:c5:33:40:65:e8:cf:89:af:c5:b5:5a:
44:e5:40:3d:d3:71:1c:71:8d:5c:bd:25:84:b2:02:
f2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:BD:D0:14:99:6B:A0:93:BB:C8:A4:12:EF:3F:40:6A:60:FD:4A:AD
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:36:fc:c2:dd:a2:00:20:11:f8:71:72:45:51:21:98:bf:6b:
69:a5:a9:c5:b2:dd:9f:9b:3c:b7:d3:60:ec:9e:bc:6f:ff:3c:
a7:7c:dd:51:c3:20:06:4b:70:fa:9a:05:b6:3c:e1:0e:e5:67:
09:9a:8b:b0:13:1a:aa:e7:19:30:05:27:36:c4:e3:0e:99:42:
fb:1e:90:08:7d:3f:a2:1a:8b:7e:4c:76:c4:d1:29:2f:71:17:
ae:9f:51:48:3b:b9:ad:cf:05:2d:d4:1b:e9:e0:f2:61:3f:7f:
16:62:f2:ac:f0:ec:a1:11:0a:9c:ab:19:49:2d:e7:14:65:de:
c1:0c:01:f4:22:a9:20:3f:42:1b:82:0b:9b:35:5e:a9:bf:f9:
97:68:bd:35:c4:cf:18:21:78:2c:e0:21:92:a7:5a:ab:d6:d7:
b5:7e:8d:8f:de:2a:79:5f:33:3f:12:e8:a3:bf:a0:3e:a4:85:
87:58:22:3a:47:d2:c5:42:43:47:6b:ec:c3:04:04:28:a9:d1:
e3:5f:4f:02:13:ca:2b:fa:ec:33:3d:d1:c8:7a:40:78:47:2a:
de:3d:0b:c4:9b:f2:7e:8f:58:e6:f6:d3:2a:c8:ba:bd:97:7f:
84:4e:5c:10:91:8d:03:f9:20:47:fc:f8:e2:fe:30:24:6e:4e:
91:71:b1:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpT5AOe9R231IETsevoTKWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjUxMTA1MTIwMDQzWhcNMjUxMTA2MTIwMDQzWjAzMTEwLwYDVQQD
EyhiY2JkZDAxNDk5NmJhMDkzYmJjOGE0MTJlZjNmNDA2YTYwZmQ0YWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVLvL1pO5QV6/uQoTha6HohJ/mL1
nN+22mIQEdXwAnH1kg2aumngTcMKW7pw0mj0XaWRzZS4r91tNiFxrAXGK0wVSpdp
mcEs5BGy4fuNoEx1Zpcrg8oLCuvtxg/wWO2wFXBravFbWzDeoa/ZVBi1UOuBMH1K
IN5AVR2UB0WoQTb3obW0xbWin72ofWfj6grKmh3CpZb2TtiHPEfGM10rVk0o1dm8
qaf4zzQ3YTloNa0kbpMn0m2FUPBeLz0N+s7n2pifjXM2rG+OVm1/gWu1hMczy+xD
eXbWg5ZUWn9TsWjkT0Z9xTNAZejPia/FtVpE5UA903EccY1cvSWEsgLykwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLy90BSZa6CTu8ikEu8/QGpg/UqtMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAATb8wt2i
ACAR+HFyRVEhmL9raaWpxbLdn5s8t9Ng7J68b/88p3zdUcMgBktw+poFtjzhDuVn
CZqLsBMaqucZMAUnNsTjDplC+x6QCH0/ohqLfkx2xNEpL3EXrp9RSDu5rc8FLdQb
6eDyYT9/FmLyrPDsoREKnKsZSS3nFGXewQwB9CKpID9CG4ILmzVeqb/5l2i9NcTP
GCF4LOAhkqdaq9bXtX6Nj94qeV8zPxLoo7+gPqSFh1giOkfSxUJDR2vswwQEKKnR
419PAhPKK/rsMz3RyHpAeEcq3j0LxJvyfo9Y5vbTKsi6vZd/hE5cEJGNA/kgR/z4
4v4wJG5OkXGxBA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:29:41 2025 by rpki-client