Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
File: y78j_5hnaDYlSUYv4JLGMV6sykA.mft (raw, json)
Hash identifier: chmTtxKPr0k830Hxmz3PHzQrcaEmlKHQgvF2VcjEB+I=
Subject key identifier: EA:D1:02:BD:57:01:9E:4E:BF:DA:B4:E8:2F:B6:4D:F6:22:08:1A:70
Authority key identifier: CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
Certificate issuer: /CN=cbbf23ff986768362549462fe092c6315eacca40
Certificate serial: 0199FB7CE479ACA01134D58280890E47DC16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
Manifest number: 16E1
Signing time: Sun 19 Oct 2025 08:01:30 +0000
Manifest this update: Sun 19 Oct 2025 08:01:30 +0000
Manifest next update: Mon 20 Oct 2025 08:01:30 +0000
Files and hashes: 1: a0gi81K4PU-mZZPSh82aNeLjsVI.roa (hash: Id1bqvDurbpWKdNvf29qBzclAu3m5HKcR5Kg3lRHGKE=)
2: y78j_5hnaDYlSUYv4JLGMV6sykA.crl (hash: i8qTh1q5nMslKmVyBkE2VmMcE8sDbrfe4RplYRRcAI0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7c:e4:79:ac:a0:11:34:d5:82:80:89:0e:47:dc:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbbf23ff986768362549462fe092c6315eacca40
Validity
Not Before: Oct 19 08:01:30 2025 GMT
Not After : Oct 20 08:01:30 2025 GMT
Subject: CN=ead102bd57019e4ebfdab4e82fb64df622081a70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3a:fc:14:5e:c6:25:b5:1c:f9:65:cc:34:1e:
6f:d3:f7:db:e7:9d:a9:27:23:f3:74:e4:0b:88:d1:
9a:48:6d:c5:67:00:f6:ce:18:61:92:3a:15:af:55:
98:be:95:ac:15:7c:69:d8:2f:43:3d:59:d5:11:01:
0e:c9:7c:6b:91:61:0f:6b:f3:13:71:36:49:b8:73:
4f:17:46:83:ed:0f:a7:40:cd:66:cd:d6:a0:bf:41:
71:51:6a:98:4d:6e:14:52:e1:0d:21:0e:9a:c0:38:
01:a5:a1:b4:6b:a3:92:7c:a9:b0:37:78:71:ea:3e:
a8:94:34:d6:3e:45:2d:a1:68:31:1e:74:59:d8:b6:
5e:1c:f0:bc:c6:0b:74:7f:8a:71:5e:f6:ff:a3:c1:
62:04:52:70:fc:c2:ab:29:aa:de:cd:07:8c:5b:fd:
8a:a0:b4:46:64:18:13:30:18:0c:f2:35:99:0b:98:
ec:1b:44:4e:51:61:44:c0:90:82:37:3d:30:d8:09:
9a:5c:9a:4a:6f:5d:95:9c:8b:fa:05:96:90:c4:32:
a5:07:34:40:1b:c1:20:d7:2e:c1:b3:2f:be:11:61:
da:c7:6e:0b:5d:14:b6:69:54:72:2a:3c:e1:72:fc:
3f:b4:da:2d:3c:04:9a:71:e2:b9:5a:ec:46:e6:4d:
9c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D1:02:BD:57:01:9E:4E:BF:DA:B4:E8:2F:B6:4D:F6:22:08:1A:70
X509v3 Authority Key Identifier:
keyid:CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:f8:09:ce:04:84:b9:15:9c:83:40:91:b4:7f:f5:ad:ec:36:
34:b3:c3:7b:66:57:a3:9f:f9:f1:e6:a4:39:4a:54:15:1e:8a:
4e:7e:93:73:4f:3a:14:4a:24:71:fe:71:c4:78:66:03:04:b4:
9c:30:b4:29:88:10:49:64:ac:87:6d:0d:29:fe:33:80:de:03:
51:20:a5:67:65:a4:c2:c2:28:fc:64:9d:e8:a3:7f:a9:5d:90:
50:ad:e4:48:fc:1c:07:45:85:8a:21:4e:f9:e9:93:c4:a7:85:
e5:1e:f2:81:45:0b:8a:7d:c8:69:a1:04:18:55:f7:c7:02:da:
1a:68:a1:9c:b1:b3:db:55:db:01:38:bf:74:3d:c7:6a:1e:64:
6b:56:cd:03:06:92:25:63:cc:68:d8:7e:52:0c:60:02:24:88:
db:5f:e4:e6:28:ea:bc:72:06:f2:96:9c:02:0b:b8:eb:cf:bb:
35:db:82:f4:8b:b1:9e:b9:e0:31:79:05:0d:e4:83:f8:01:9f:
2f:7c:2f:47:52:3f:6e:31:d4:cf:f2:49:d5:d4:2f:c6:6f:c6:
1c:c7:70:aa:34:23:2b:14:76:65:1e:a3:99:fb:7c:ab:7b:cc:
5a:ce:f2:76:8c:be:e5:2d:b6:fa:04:da:17:50:bc:08:6f:14:
e1:96:f2:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fOR5rKARNNWCgIkOR9wWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYmYyM2ZmOTg2NzY4MzYyNTQ5NDYyZmUwOTJjNjMxNWVh
Y2NhNDAwHhcNMjUxMDE5MDgwMTMwWhcNMjUxMDIwMDgwMTMwWjAzMTEwLwYDVQQD
EyhlYWQxMDJiZDU3MDE5ZTRlYmZkYWI0ZTgyZmI2NGRmNjIyMDgxYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTr8FF7GJbUc+WXMNB5v0/fb552p
JyPzdOQLiNGaSG3FZwD2zhhhkjoVr1WYvpWsFXxp2C9DPVnVEQEOyXxrkWEPa/MT
cTZJuHNPF0aD7Q+nQM1mzdagv0FxUWqYTW4UUuENIQ6awDgBpaG0a6OSfKmwN3hx
6j6olDTWPkUtoWgxHnRZ2LZeHPC8xgt0f4pxXvb/o8FiBFJw/MKrKarezQeMW/2K
oLRGZBgTMBgM8jWZC5jsG0ROUWFEwJCCNz0w2AmaXJpKb12VnIv6BZaQxDKlBzRA
G8Eg1y7Bsy++EWHax24LXRS2aVRyKjzhcvw/tNotPASaceK5WuxG5k2cMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrRAr1XAZ5Ov9q06C+2TfYiCBpwMB8GA1UdIwQY
MBaAFMu/I/+YZ2g2JUlGL+CSxjFerMpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjct
ODU0MTgyZjA5ZWY1LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjctODU0MTgyZjA5ZWY1
LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL/gJzgSE
uRWcg0CRtH/1rew2NLPDe2ZXo5/58eakOUpUFR6KTn6Tc086FEokcf5xxHhmAwS0
nDC0KYgQSWSsh20NKf4zgN4DUSClZ2WkwsIo/GSd6KN/qV2QUK3kSPwcB0WFiiFO
+emTxKeF5R7ygUULin3IaaEEGFX3xwLaGmihnLGz21XbATi/dD3Hah5ka1bNAwaS
JWPMaNh+UgxgAiSI21/k5ijqvHIG8pacAgu468+7NduC9IuxnrngMXkFDeSD+AGf
L3wvR1I/bjHUz/JJ1dQvxm/GHMdwqjQjKxR2ZR6jmft8q3vMWs7ydoy+5S22+gTa
F1C8CG8U4Zbyug==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:11:04 2025 by rpki-client