Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.mft
File: ypQrJwZ2HCunUyiXg-35heM48Xc.mft (raw, json)
Hash identifier: zIPQcM5yICSB6W8FTg8oNZTZmWIqfXZVM6tlxIVxxaA=
Subject key identifier: 2C:D9:20:CC:23:C6:54:FC:DF:FE:5E:BD:97:29:D5:E2:EB:59:71:99
Authority key identifier: CA:94:2B:27:06:76:1C:2B:A7:53:28:97:83:ED:F9:85:E3:38:F1:77
Certificate issuer: /CN=ca942b2706761c2ba753289783edf985e338f177
Certificate serial: 0199FEEBB4B23F948C4379BC47D84388E0C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypQrJwZ2HCunUyiXg-35heM48Xc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.mft
Manifest number: 0C71
Signing time: Mon 20 Oct 2025 00:01:23 +0000
Manifest this update: Mon 20 Oct 2025 00:01:23 +0000
Manifest next update: Tue 21 Oct 2025 00:01:23 +0000
Files and hashes: 1: eiXFhQbxCQpcEPNruQeHmSAD-Z0.roa (hash: MfMam3uqTveTnOv++uzEyTkwTSJ0lTcdAkWlcL+odNo=)
2: ypQrJwZ2HCunUyiXg-35heM48Xc.crl (hash: 2BQQyU/39tsnIAZTQTeffLb/nnKWusGnJcsJjflDYQg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypQrJwZ2HCunUyiXg-35heM48Xc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:eb:b4:b2:3f:94:8c:43:79:bc:47:d8:43:88:e0:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca942b2706761c2ba753289783edf985e338f177
Validity
Not Before: Oct 20 00:01:23 2025 GMT
Not After : Oct 21 00:01:23 2025 GMT
Subject: CN=2cd920cc23c654fcdffe5ebd9729d5e2eb597199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0b:c3:a9:97:64:85:89:8f:8d:d8:73:08:fb:
39:36:ed:b9:8f:1c:8c:eb:7b:52:95:c6:81:2e:80:
00:0a:db:d0:d1:52:26:b9:19:4c:66:d1:c3:96:d8:
a1:bc:94:64:52:c7:92:9f:0b:1a:40:9a:6e:5c:4f:
33:46:37:d5:07:c8:71:69:eb:fc:89:f2:25:23:df:
e3:52:d0:a3:97:1e:52:ec:f7:3b:b7:2d:0f:eb:ca:
fb:7b:6f:9e:af:b1:b3:35:10:1e:00:46:7b:4d:2b:
cb:e5:1c:88:03:a7:20:de:20:ac:90:cf:be:28:22:
4a:85:f8:60:17:99:f0:85:f8:a2:40:de:41:ca:ee:
0a:73:88:3d:38:39:75:0b:cb:f0:ce:5f:7b:f9:c3:
c6:29:3f:72:b1:02:fb:30:f2:95:cb:01:c2:b3:dd:
b2:75:0b:cd:c3:7e:e8:54:5a:b7:b3:a6:26:b3:c1:
83:2f:1e:66:ee:41:40:ad:c5:30:ac:15:83:11:e3:
87:a3:d0:75:3e:77:f6:8e:ef:fa:89:5b:13:e7:8c:
f7:b4:b4:f3:e3:b9:95:fe:e3:3b:30:b5:e1:53:c3:
ac:b7:62:f0:99:98:6b:2f:d8:3c:a1:8c:e2:2f:68:
05:69:54:ee:b0:cc:bf:86:a4:a0:25:6b:3b:51:46:
16:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D9:20:CC:23:C6:54:FC:DF:FE:5E:BD:97:29:D5:E2:EB:59:71:99
X509v3 Authority Key Identifier:
keyid:CA:94:2B:27:06:76:1C:2B:A7:53:28:97:83:ED:F9:85:E3:38:F1:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypQrJwZ2HCunUyiXg-35heM48Xc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:aa:ce:fe:ca:23:cc:59:4b:0f:a4:bf:2c:0a:7a:94:b9:97:
02:6b:c9:cb:b0:de:fe:81:f6:ff:45:29:32:6c:70:0e:98:38:
3e:df:f8:1e:05:e4:b9:a0:ad:17:8e:da:46:b4:ec:d3:26:73:
54:9f:91:e3:e1:b7:53:21:73:75:4e:cf:91:34:54:c3:ac:d8:
f0:2f:4e:ad:32:7d:10:ea:99:2e:0e:22:a5:c7:77:0c:15:81:
47:45:b5:8c:ec:bc:97:82:a3:0f:15:e9:6f:07:b7:6e:28:47:
d3:91:6c:8d:51:1d:dc:3d:88:e7:db:d9:bc:4e:2b:c7:31:7e:
24:82:34:b1:f7:8d:51:6d:01:80:3d:4b:40:bd:dd:72:1e:75:
02:bc:3a:58:41:05:05:5b:de:23:27:09:b9:a6:dc:b9:29:da:
8f:20:cb:b1:8a:fe:9c:c8:47:f4:2b:12:7b:99:b3:dc:b6:a7:
6d:82:2d:ee:91:45:38:e9:f9:9d:cb:52:3a:7f:57:9f:71:4f:
61:dc:7b:00:8a:fc:c6:8b:63:2a:a9:25:56:f5:8f:00:64:8d:
13:1a:ba:69:6a:6c:2d:5b:26:35:ea:7a:be:27:b9:ee:e3:af:
6f:a7:3b:bd:3c:e6:a0:01:3e:3b:ad:ed:22:58:78:f4:e0:3d:
5b:57:f5:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+67SyP5SMQ3m8R9hDiODHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTQyYjI3MDY3NjFjMmJhNzUzMjg5NzgzZWRmOTg1ZTMz
OGYxNzcwHhcNMjUxMDIwMDAwMTIzWhcNMjUxMDIxMDAwMTIzWjAzMTEwLwYDVQQD
EygyY2Q5MjBjYzIzYzY1NGZjZGZmZTVlYmQ5NzI5ZDVlMmViNTk3MTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwvDqZdkhYmPjdhzCPs5Nu25jxyM
63tSlcaBLoAACtvQ0VImuRlMZtHDltihvJRkUseSnwsaQJpuXE8zRjfVB8hxaev8
ifIlI9/jUtCjlx5S7Pc7ty0P68r7e2+er7GzNRAeAEZ7TSvL5RyIA6cg3iCskM++
KCJKhfhgF5nwhfiiQN5Byu4Kc4g9ODl1C8vwzl97+cPGKT9ysQL7MPKVywHCs92y
dQvNw37oVFq3s6Yms8GDLx5m7kFArcUwrBWDEeOHo9B1Pnf2ju/6iVsT54z3tLTz
47mV/uM7MLXhU8Ost2LwmZhrL9g8oYziL2gFaVTusMy/hqSgJWs7UUYWWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzZIMwjxlT83/5evZcp1eLrWXGZMB8GA1UdIwQY
MBaAFMqUKycGdhwrp1Mol4Pt+YXjOPF3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBRckp3WjJIQ3VuVXlpWGctMzVoZU00OFhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iOGMxM2QtZTdkMy00YWE5LWE5MTEt
ZWQ2NDgwNTk3N2YwLzEveXBRckp3WjJIQ3VuVXlpWGctMzVoZU00OFhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iOGMxM2QtZTdkMy00YWE5LWE5MTEtZWQ2NDgwNTk3N2Yw
LzEveXBRckp3WjJIQ3VuVXlpWGctMzVoZU00OFhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiarO/soj
zFlLD6S/LAp6lLmXAmvJy7De/oH2/0UpMmxwDpg4Pt/4HgXkuaCtF47aRrTs0yZz
VJ+R4+G3UyFzdU7PkTRUw6zY8C9OrTJ9EOqZLg4ipcd3DBWBR0W1jOy8l4KjDxXp
bwe3bihH05FsjVEd3D2I59vZvE4rxzF+JII0sfeNUW0BgD1LQL3dch51Arw6WEEF
BVveIycJuabcuSnajyDLsYr+nMhH9CsSe5mz3LanbYIt7pFFOOn5nctSOn9Xn3FP
Ydx7AIr8xotjKqklVvWPAGSNExq6aWpsLVsmNep6vie57uOvb6c7vTzmoAE+O63t
Ilh49OA9W1f1/w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:24:08 2025 by rpki-client