Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
File: RyyyiCCZANGvGpmLsDnsdX5JPdU.mft (raw, json)
Hash identifier: SABsG62SGPM6FnMmNCseSGhoH26I1EFAOei7Ga0XGhY=
Subject key identifier: 94:90:F9:D8:6D:95:DA:46:8F:9D:E8:7B:09:5B:97:9E:43:E4:44:E8
Authority key identifier: 47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5
Certificate issuer: /CN=472cb288209900d1af1a998bb039ec757e493dd5
Certificate serial: 019D273B32B55358D05F91B376FC201C9AD9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
Manifest number: 0AAF
Signing time: Wed 25 Mar 2026 23:01:24 +0000
Manifest this update: Wed 25 Mar 2026 23:01:24 +0000
Manifest next update: Thu 26 Mar 2026 23:01:24 +0000
Files and hashes: 1: JJzMSTrLw8Mj9A-jTJgxuAcpCQg.roa (hash: bTN07ZSVj23jINcVNw98RDlf14ha9z+H0npRvmlsk8E=)
2: RyyyiCCZANGvGpmLsDnsdX5JPdU.crl (hash: CJ7zrsSCFVtpGsztPR3FxPP1Dydhl9NrPeVTmc6jcFY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3b:32:b5:53:58:d0:5f:91:b3:76:fc:20:1c:9a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=472cb288209900d1af1a998bb039ec757e493dd5
Validity
Not Before: Mar 25 23:01:24 2026 GMT
Not After : Mar 26 23:01:24 2026 GMT
Subject: CN=9490f9d86d95da468f9de87b095b979e43e444e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f5:17:6f:ff:e3:01:f1:80:ec:92:cb:c6:3c:
db:97:f1:14:10:e9:93:80:33:75:6b:5f:00:b1:e6:
9b:8a:4d:51:6b:65:39:6e:04:b4:d3:66:90:9e:45:
09:a4:57:ba:48:62:a8:ac:05:2f:9a:f4:e8:d1:e1:
34:4a:50:18:ca:0a:e2:90:3d:80:8f:81:96:de:f2:
2c:63:2b:e1:a3:db:9e:3b:1a:44:3b:c8:8b:3b:b4:
82:59:a6:bf:6a:98:aa:fc:fc:6e:f3:09:de:65:81:
45:d7:c4:ab:e2:9e:f8:0d:ac:7b:13:4c:46:5e:49:
7d:56:96:c2:f6:d1:98:d0:ab:12:c8:54:1b:ac:41:
f0:d5:1c:b2:04:53:c2:0f:43:56:c5:27:69:ae:66:
1d:d1:77:22:53:8c:b1:8b:d2:ea:9c:a6:6e:5f:47:
7e:df:51:22:38:5e:aa:74:60:a7:90:d7:3f:d9:2f:
0c:ff:56:f7:cf:c8:6f:55:b1:76:a8:9b:11:09:a8:
5d:da:f3:af:b2:68:b5:f0:7c:40:33:5f:8d:d3:fb:
bf:38:26:16:6a:92:89:c5:34:a4:d0:43:23:80:04:
65:fe:2b:78:ca:51:65:f7:f5:54:22:29:0a:aa:25:
c4:e4:05:3e:d0:5b:4e:93:64:4a:4c:2e:cc:a0:95:
a7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:90:F9:D8:6D:95:DA:46:8F:9D:E8:7B:09:5B:97:9E:43:E4:44:E8
X509v3 Authority Key Identifier:
keyid:47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:d3:ed:dd:94:df:d6:e4:ee:47:0e:38:1b:67:67:56:87:80:
d9:d5:26:34:16:b6:64:eb:a9:be:d9:1d:c9:47:98:bf:5a:83:
b3:05:a4:a2:23:e9:50:98:da:be:99:33:ba:f0:1b:8d:5c:23:
94:0a:67:e6:ad:b8:fa:01:fd:39:4c:99:b9:f0:87:d3:a5:9d:
ba:eb:cb:fc:39:93:6e:99:62:2b:ab:34:09:bd:de:36:7f:3c:
79:bb:5f:dc:78:e4:4b:8d:0d:3f:2e:76:e9:9a:fa:9d:b4:ad:
1e:a3:d8:a4:f2:78:81:e4:0f:32:b2:a0:b5:93:e6:a4:ff:75:
79:92:22:41:29:92:d0:8a:d1:df:27:c5:03:ad:58:3a:ca:44:
4a:70:7f:b2:46:b5:5e:ec:aa:d5:a1:44:da:7e:d8:5c:21:93:
7b:fc:2e:84:17:08:23:9c:d7:68:da:dc:f5:72:e5:ad:84:e9:
db:d5:0a:a2:1d:5d:12:96:5f:dd:1d:28:0d:34:ab:e0:67:2c:
39:dd:96:57:39:0a:1d:c6:d9:ac:a5:ef:4d:63:52:8b:0a:74:
45:6f:85:82:f4:9a:78:ba:2d:c7:de:93:01:39:f5:ff:25:fd:
a5:13:c7:26:6f:5d:9e:5b:41:7d:b1:3f:0c:f5:2b:76:1b:e8:
88:c5:dd:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOzK1U1jQX5GzdvwgHJrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MmNiMjg4MjA5OTAwZDFhZjFhOTk4YmIwMzllYzc1N2U0
OTNkZDUwHhcNMjYwMzI1MjMwMTI0WhcNMjYwMzI2MjMwMTI0WjAzMTEwLwYDVQQD
Eyg5NDkwZjlkODZkOTVkYTQ2OGY5ZGU4N2IwOTViOTc5ZTQzZTQ0NGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPUXb//jAfGA7JLLxjzbl/EUEOmT
gDN1a18Aseabik1Ra2U5bgS002aQnkUJpFe6SGKorAUvmvTo0eE0SlAYygrikD2A
j4GW3vIsYyvho9ueOxpEO8iLO7SCWaa/apiq/Pxu8wneZYFF18Sr4p74Dax7E0xG
Xkl9VpbC9tGY0KsSyFQbrEHw1RyyBFPCD0NWxSdprmYd0XciU4yxi9LqnKZuX0d+
31EiOF6qdGCnkNc/2S8M/1b3z8hvVbF2qJsRCahd2vOvsmi18HxAM1+N0/u/OCYW
apKJxTSk0EMjgARl/it4ylFl9/VUIikKqiXE5AU+0FtOk2RKTC7MoJWnrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSQ+dhtldpGj53oewlbl55D5EToMB8GA1UdIwQY
MBaAFEcssoggmQDRrxqZi7A57HV+ST3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYt
YWE5MDJkYmFlOTI4LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYtYWE5MDJkYmFlOTI4
LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJNPt3ZTf
1uTuRw44G2dnVoeA2dUmNBa2ZOupvtkdyUeYv1qDswWkoiPpUJjavpkzuvAbjVwj
lApn5q24+gH9OUyZufCH06WduuvL/DmTbpliK6s0Cb3eNn88ebtf3HjkS40NPy52
6Zr6nbStHqPYpPJ4geQPMrKgtZPmpP91eZIiQSmS0IrR3yfFA61YOspESnB/ska1
Xuyq1aFE2n7YXCGTe/wuhBcII5zXaNrc9XLlrYTp29UKoh1dEpZf3R0oDTSr4Gcs
Od2WVzkKHcbZrKXvTWNSiwp0RW+FgvSaeLotx96TATn1/yX9pRPHJm9dnltBfbE/
DPUrdhvoiMXdtw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:20:02 2026 by rpki-client