Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
File: YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft (raw, json)
Hash identifier: 9B1Qv/iOGvCH+guzf7W5+t9kGNkmPVnjQdvS1MbqHK0=
Subject key identifier: F3:C3:21:27:67:AC:97:E2:A6:99:8B:D3:66:6C:83:F4:82:9D:68:3D
Authority key identifier: 61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C
Certificate issuer: /CN=6117d6158043150b0ad224a0648df0185706019c
Certificate serial: 019A01B6010439CD719E84FC84DC563C42E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
Manifest number: 1173
Signing time: Mon 20 Oct 2025 13:01:36 +0000
Manifest this update: Mon 20 Oct 2025 13:01:36 +0000
Manifest next update: Tue 21 Oct 2025 13:01:36 +0000
Files and hashes: 1: YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl (hash: UkEHcMVyLgtKjugKN0PE8JRPQFSkHj3m4BMn9khVZck=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:b6:01:04:39:cd:71:9e:84:fc:84:dc:56:3c:42:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6117d6158043150b0ad224a0648df0185706019c
Validity
Not Before: Oct 20 13:01:36 2025 GMT
Not After : Oct 21 13:01:36 2025 GMT
Subject: CN=f3c3212767ac97e2a6998bd3666c83f4829d683d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1b:3c:ac:b1:b9:c3:66:b1:f7:63:74:85:4d:
25:5f:32:d7:63:75:5c:99:4e:e0:b3:aa:30:3e:6c:
84:3a:dd:db:ed:df:61:b6:8b:5a:d6:a1:b6:3f:0c:
f8:2f:0c:bc:f1:e8:44:bb:4d:9e:6f:4e:2f:36:99:
0d:a3:78:b0:aa:40:3f:c0:23:b4:7e:ab:4a:09:f9:
13:12:35:aa:d3:75:56:3c:1b:d3:c0:63:8a:7c:04:
d1:a8:34:c1:4e:81:c9:dc:2b:54:1c:b5:e0:91:c4:
e3:e6:33:ac:7a:2a:3e:f6:1c:9c:a2:c8:7d:db:10:
2d:a2:10:54:4e:89:98:85:03:ab:e7:50:57:0e:d5:
60:ec:a3:19:f5:d2:49:4e:aa:1f:81:87:cc:4c:f0:
bf:42:fc:7b:14:c4:e3:94:c2:45:c8:ec:a7:fc:c0:
19:f3:73:dc:01:32:e6:ad:64:c7:06:d7:38:8e:db:
fe:65:3a:f1:5a:ef:07:61:7d:1c:b9:6a:06:6e:94:
17:95:ad:06:99:1e:3a:c7:c3:ad:1a:49:2e:3a:3a:
0f:bb:38:76:89:d3:a8:2c:20:c3:6f:35:71:ff:6a:
37:bf:ed:55:2a:47:60:17:0e:60:c0:18:db:1f:b0:
4d:c5:64:a1:10:66:33:25:2b:77:9f:5d:37:ae:f9:
87:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C3:21:27:67:AC:97:E2:A6:99:8B:D3:66:6C:83:F4:82:9D:68:3D
X509v3 Authority Key Identifier:
keyid:61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:82:cd:b5:13:fe:a4:75:30:8a:9d:25:48:ab:17:f9:1b:ce:
b9:01:99:b4:ad:4e:49:94:78:bd:a8:68:18:bc:2a:0a:69:72:
2c:d2:2e:fc:04:21:4b:ce:c1:bb:46:26:cc:61:4a:c5:a8:fb:
a1:8c:e9:b1:b3:ae:1f:92:d1:4b:9b:a7:d3:9f:f3:a6:d1:9e:
c5:ff:d4:01:8c:87:18:4d:b5:7e:3c:8f:9f:b8:08:5f:68:ba:
55:2c:69:ff:3f:60:21:73:32:a3:e9:14:f4:2a:95:1d:92:bb:
d9:99:1b:28:a3:a4:9b:e1:34:2c:09:b7:bb:16:3b:6f:19:9f:
94:c8:7b:0a:fa:81:72:93:9f:d5:66:ce:3a:90:a8:52:a8:38:
48:03:5d:f3:cf:ce:3e:30:7d:b5:5a:c8:a5:17:16:81:a4:82:
ee:da:a8:c8:c6:9e:9e:d8:5f:04:6d:e1:05:dd:bd:9d:87:f5:
b1:00:ba:ff:a7:76:d8:1a:74:92:b5:03:27:f8:6c:7b:13:5d:
f4:72:e9:27:39:65:52:b5:67:ee:96:3f:17:93:58:ec:e8:15:
eb:db:4b:97:6e:7a:06:61:04:85:81:d5:47:16:42:9b:5b:56:
96:7e:41:9a:4e:5f:cd:12:5a:9d:8f:9d:80:55:40:9a:75:ca:
d6:77:42:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtgEEOc1xnoT8hNxWPELgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMTdkNjE1ODA0MzE1MGIwYWQyMjRhMDY0OGRmMDE4NTcw
NjAxOWMwHhcNMjUxMDIwMTMwMTM2WhcNMjUxMDIxMTMwMTM2WjAzMTEwLwYDVQQD
EyhmM2MzMjEyNzY3YWM5N2UyYTY5OThiZDM2NjZjODNmNDgyOWQ2ODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRs8rLG5w2ax92N0hU0lXzLXY3Vc
mU7gs6owPmyEOt3b7d9htota1qG2Pwz4Lwy88ehEu02eb04vNpkNo3iwqkA/wCO0
fqtKCfkTEjWq03VWPBvTwGOKfATRqDTBToHJ3CtUHLXgkcTj5jOseio+9hycosh9
2xAtohBUTomYhQOr51BXDtVg7KMZ9dJJTqofgYfMTPC/Qvx7FMTjlMJFyOyn/MAZ
83PcATLmrWTHBtc4jtv+ZTrxWu8HYX0cuWoGbpQXla0GmR46x8OtGkkuOjoPuzh2
idOoLCDDbzVx/2o3v+1VKkdgFw5gwBjbH7BNxWShEGYzJSt3n103rvmHdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPDISdnrJfippmL02Zsg/SCnWg9MB8GA1UdIwQY
MBaAFGEX1hWAQxULCtIkoGSN8BhXBgGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMt
OTQ3MzU4MGJjODUwLzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMtOTQ3MzU4MGJjODUw
LzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaILNtRP+
pHUwip0lSKsX+RvOuQGZtK1OSZR4vahoGLwqCmlyLNIu/AQhS87Bu0YmzGFKxaj7
oYzpsbOuH5LRS5un05/zptGexf/UAYyHGE21fjyPn7gIX2i6VSxp/z9gIXMyo+kU
9CqVHZK72ZkbKKOkm+E0LAm3uxY7bxmflMh7CvqBcpOf1WbOOpCoUqg4SANd88/O
PjB9tVrIpRcWgaSC7tqoyMaenthfBG3hBd29nYf1sQC6/6d22Bp0krUDJ/hsexNd
9HLpJzllUrVn7pY/F5NY7OgV69tLl256BmEEhYHVRxZCm1tWln5Bmk5fzRJanY+d
gFVAmnXK1ndCkQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:34:29 2025 by rpki-client