Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
File: y78j_5hnaDYlSUYv4JLGMV6sykA.mft (raw, json)
Hash identifier: 3XkUYLvJPLRI4BOF/FyxoLPz66qycxmn+xN/g77rHIo=
Subject key identifier: 43:5E:9E:29:53:16:7E:FF:34:E8:17:27:46:18:C7:B5:74:20:21:13
Authority key identifier: CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
Certificate issuer: /CN=cbbf23ff986768362549462fe092c6315eacca40
Certificate serial: 019D29CE0B90E1194CB3A89992B57D125A46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
Manifest number: 1887
Signing time: Thu 26 Mar 2026 11:01:02 +0000
Manifest this update: Thu 26 Mar 2026 11:01:02 +0000
Manifest next update: Fri 27 Mar 2026 11:01:02 +0000
Files and hashes: 1: 1-eZ3i0dxANHC7WiRV9EvIipS61A.roa (hash: Ak1nuU6x8cZ4QdQ6COojFaQA6BvDEXKIeiGaihwMfjI=)
2: y78j_5hnaDYlSUYv4JLGMV6sykA.crl (hash: I95yh8Jag0yTpVAxDaB4nTMdtHLNdUp/w70CPxeahm8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:0b:90:e1:19:4c:b3:a8:99:92:b5:7d:12:5a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbbf23ff986768362549462fe092c6315eacca40
Validity
Not Before: Mar 26 11:01:02 2026 GMT
Not After : Mar 27 11:01:02 2026 GMT
Subject: CN=435e9e2953167eff34e817274618c7b574202113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b1:3d:52:5d:93:22:7c:39:08:f4:44:ab:fb:
4c:e4:9e:9f:1a:0d:41:1c:58:c7:24:44:80:5e:89:
bb:ac:3d:1b:5f:12:96:93:64:61:61:ed:5e:5d:52:
87:8d:d6:7f:56:0a:1f:41:b0:b1:d9:ea:ce:f6:05:
26:01:de:4f:00:69:ee:0a:3e:96:9a:b4:96:5b:7c:
7d:23:a3:2a:14:0d:3b:44:ca:bd:92:33:01:fc:b4:
33:33:b6:c3:c0:48:87:82:8a:85:d3:bf:72:7c:c7:
fe:dd:24:ba:1d:f3:59:9a:92:a3:04:92:dd:f3:0f:
c9:f1:2c:ef:f0:47:4a:64:bb:4c:b4:3a:7f:a1:53:
7a:14:ec:3a:a2:ab:67:fb:42:10:4b:d3:e5:ca:ea:
d7:d1:f1:de:82:74:11:b0:bd:9d:81:b7:77:f1:e2:
8a:51:32:5c:75:7a:d4:73:7b:7b:21:0a:e0:ce:d9:
90:3a:5f:89:90:df:cf:16:b6:20:b3:bb:66:9f:26:
b7:d7:5b:0a:66:fa:81:19:d2:07:cb:8e:17:b4:33:
3d:f8:cd:10:8b:f6:77:05:96:e7:e7:22:ec:5b:1b:
35:7c:ed:3a:b1:47:c0:fd:5e:df:39:c6:e1:d4:cf:
d9:c0:4d:af:cf:42:2d:ab:29:50:df:38:a4:a3:22:
05:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:5E:9E:29:53:16:7E:FF:34:E8:17:27:46:18:C7:B5:74:20:21:13
X509v3 Authority Key Identifier:
keyid:CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:6e:24:28:f9:47:85:b1:5d:4f:04:d7:56:79:d2:30:26:75:
1b:b8:36:c5:33:f0:65:d1:84:b5:ab:46:36:0d:fb:5c:64:00:
9e:73:cd:86:03:35:12:2c:6c:c3:41:7d:01:33:eb:b6:e4:fd:
6b:4f:c1:73:fe:66:45:33:9a:17:24:27:91:39:66:90:9c:4f:
d4:af:10:fd:1e:3e:81:70:6f:33:ca:3c:c7:fd:a2:05:75:f6:
c4:9e:c4:88:01:8a:fc:b2:5d:8a:a3:a0:66:07:7c:49:7f:27:
39:54:01:6d:93:7f:72:b7:65:f2:f8:1d:ac:f2:ec:91:f8:c3:
6d:c6:45:46:a9:f3:29:41:4f:f6:ed:ab:d9:b6:b9:59:f0:37:
8d:f6:ee:af:58:12:17:a6:86:f9:33:5f:3f:40:5e:d1:4b:07:
d6:21:2a:c6:3f:29:d8:06:ea:4a:d3:1f:3f:fd:8d:bd:03:d8:
76:6d:d0:f9:ef:2c:a7:06:34:5a:19:27:a9:a2:2e:36:60:1a:
bc:1e:01:39:38:f5:b2:57:30:d9:fc:d4:86:63:48:2d:cc:e7:
05:23:d3:f4:c1:02:eb:43:4a:9c:c3:b9:d4:b0:2e:56:54:c5:
15:9e:ac:b9:f2:c8:31:9d:8d:03:18:e1:ac:d9:e0:7a:dc:7d:
9b:be:30:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzguQ4RlMs6iZkrV9ElpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYmYyM2ZmOTg2NzY4MzYyNTQ5NDYyZmUwOTJjNjMxNWVh
Y2NhNDAwHhcNMjYwMzI2MTEwMTAyWhcNMjYwMzI3MTEwMTAyWjAzMTEwLwYDVQQD
Eyg0MzVlOWUyOTUzMTY3ZWZmMzRlODE3Mjc0NjE4YzdiNTc0MjAyMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7E9Ul2TInw5CPREq/tM5J6fGg1B
HFjHJESAXom7rD0bXxKWk2RhYe1eXVKHjdZ/VgofQbCx2erO9gUmAd5PAGnuCj6W
mrSWW3x9I6MqFA07RMq9kjMB/LQzM7bDwEiHgoqF079yfMf+3SS6HfNZmpKjBJLd
8w/J8Szv8EdKZLtMtDp/oVN6FOw6oqtn+0IQS9PlyurX0fHegnQRsL2dgbd38eKK
UTJcdXrUc3t7IQrgztmQOl+JkN/PFrYgs7tmnya311sKZvqBGdIHy44XtDM9+M0Q
i/Z3BZbn5yLsWxs1fO06sUfA/V7fOcbh1M/ZwE2vz0ItqylQ3zikoyIF6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENenilTFn7/NOgXJ0YYx7V0ICETMB8GA1UdIwQY
MBaAFMu/I/+YZ2g2JUlGL+CSxjFerMpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjct
ODU0MTgyZjA5ZWY1LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjctODU0MTgyZjA5ZWY1
LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARm4kKPlH
hbFdTwTXVnnSMCZ1G7g2xTPwZdGEtatGNg37XGQAnnPNhgM1Eixsw0F9ATPrtuT9
a0/Bc/5mRTOaFyQnkTlmkJxP1K8Q/R4+gXBvM8o8x/2iBXX2xJ7EiAGK/LJdiqOg
Zgd8SX8nOVQBbZN/crdl8vgdrPLskfjDbcZFRqnzKUFP9u2r2ba5WfA3jfbur1gS
F6aG+TNfP0Be0UsH1iEqxj8p2AbqStMfP/2NvQPYdm3Q+e8spwY0WhknqaIuNmAa
vB4BOTj1slcw2fzUhmNILcznBSPT9MEC60NKnMO51LAuVlTFFZ6sufLIMZ2NAxjh
rNngetx9m74wQA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:52:56 2026 by rpki-client