Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
File: YcXtDe2GJbMrZTMgcinyxGclmEg.mft (raw, json)
Hash identifier: LtuVqy8TP9q63atuiBhdGiwoIDr2IgiydLXfbJXXsv0=
Subject key identifier: 2F:A1:53:78:33:DE:29:D9:46:6E:72:75:60:53:45:D7:24:76:20:29
Authority key identifier: 61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
Certificate issuer: /CN=61c5ed0ded8625b32b6533207229f2c467259848
Certificate serial: 019D25BA4313D0C2881647EB29BFE51D68E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
Manifest number: 1886
Signing time: Wed 25 Mar 2026 16:00:56 +0000
Manifest this update: Wed 25 Mar 2026 16:00:56 +0000
Manifest next update: Thu 26 Mar 2026 16:00:56 +0000
Files and hashes: 1: QdSCp7V6SXB6kY3MDm-0dxcIQJY.roa (hash: j90AwqYuVEioYPkOABNDsET8wy4V7UafpGuH2RPQHeg=)
2: YcXtDe2GJbMrZTMgcinyxGclmEg.crl (hash: obBgxGoM/V1zOphFjQY5yO06BbV/PUger0ukg1/xpfQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:43:13:d0:c2:88:16:47:eb:29:bf:e5:1d:68:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c5ed0ded8625b32b6533207229f2c467259848
Validity
Not Before: Mar 25 16:00:56 2026 GMT
Not After : Mar 26 16:00:56 2026 GMT
Subject: CN=2fa1537833de29d9466e7275605345d724762029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:19:a8:ac:3b:a4:59:a0:cc:00:81:68:49:19:
9b:8b:ca:fe:18:fb:57:ea:44:82:43:38:71:9c:90:
49:58:73:ce:ad:b6:41:7b:b7:5b:60:ac:7b:11:f2:
a2:a1:a0:1d:f9:f5:73:3a:fa:37:42:fb:64:e5:d9:
f4:c7:ba:f3:48:ef:b9:e5:be:4f:18:4c:71:35:ee:
ab:ee:53:4e:07:d4:8b:52:2f:f7:11:0f:4b:5c:63:
ce:31:d3:9a:d6:1c:a7:c9:66:f0:b6:ae:3b:1a:4e:
03:4e:0a:0c:a9:9b:fd:63:52:be:5a:79:c5:6b:be:
9b:3d:62:00:e0:0b:a0:9d:2e:e7:98:7a:59:61:36:
be:fb:34:db:d0:a5:83:a5:9d:7c:07:65:f6:30:27:
5c:e1:e1:49:81:f5:55:45:5f:7d:5c:a3:ed:88:b9:
74:b5:16:83:12:06:ed:46:7e:27:da:d0:e8:73:79:
6d:99:70:7f:59:b2:2a:df:7e:52:86:82:03:cf:8b:
be:66:98:c7:b6:a4:89:61:54:f0:3f:13:77:04:e2:
d4:31:43:f4:d6:7f:58:d1:53:80:aa:0b:00:1d:25:
f5:96:3a:f4:4e:93:1c:b0:00:10:db:6c:b7:c4:af:
51:f4:d9:8d:ed:75:8f:57:9a:90:74:a0:b2:ab:20:
a4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A1:53:78:33:DE:29:D9:46:6E:72:75:60:53:45:D7:24:76:20:29
X509v3 Authority Key Identifier:
keyid:61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:87:5d:bd:24:55:e8:4a:64:9a:02:29:f1:f7:76:05:ed:38:
9c:9b:3c:4f:6b:cc:fc:96:9c:5f:ed:7a:a2:66:78:3d:cd:bb:
ac:0c:be:d4:d0:fe:68:3d:b2:52:fd:3c:fb:f5:5c:e5:42:0c:
19:a7:90:87:99:14:23:8c:8d:27:5f:61:95:11:07:e6:f5:56:
25:27:02:1a:d3:f1:33:c9:d9:2c:67:64:6b:6a:e7:e1:5e:8b:
fb:55:eb:a7:7a:8b:8d:33:79:9a:70:6a:77:8f:57:52:37:76:
50:89:84:8d:d9:fc:a0:f7:06:82:c9:a2:8e:1a:51:09:9c:0f:
4d:f4:7b:0e:85:2d:4c:76:f3:e3:bb:3e:5d:50:72:7e:4a:30:
75:db:0a:c4:d0:36:36:52:ec:ba:48:fa:cf:10:0b:f7:5a:02:
ab:c6:06:90:da:70:05:91:d0:1e:e4:3b:ff:e1:43:68:e1:7c:
42:a0:4c:77:73:9d:35:4b:b7:4d:2e:54:1a:58:21:9f:c0:0a:
f6:05:ed:00:47:41:e4:ef:bd:1d:c5:59:45:82:1c:18:d4:37:
a6:cb:d8:ea:ee:e6:2e:85:81:f9:8f:a5:6d:43:5c:6c:f9:64:
cb:e3:71:94:ab:f8:d6:da:10:41:68:63:e0:52:94:ce:f0:30:
3c:9e:d0:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lukMT0MKIFkfrKb/lHWjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzVlZDBkZWQ4NjI1YjMyYjY1MzMyMDcyMjlmMmM0Njcy
NTk4NDgwHhcNMjYwMzI1MTYwMDU2WhcNMjYwMzI2MTYwMDU2WjAzMTEwLwYDVQQD
EygyZmExNTM3ODMzZGUyOWQ5NDY2ZTcyNzU2MDUzNDVkNzI0NzYyMDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBmorDukWaDMAIFoSRmbi8r+GPtX
6kSCQzhxnJBJWHPOrbZBe7dbYKx7EfKioaAd+fVzOvo3Qvtk5dn0x7rzSO+55b5P
GExxNe6r7lNOB9SLUi/3EQ9LXGPOMdOa1hynyWbwtq47Gk4DTgoMqZv9Y1K+WnnF
a76bPWIA4AugnS7nmHpZYTa++zTb0KWDpZ18B2X2MCdc4eFJgfVVRV99XKPtiLl0
tRaDEgbtRn4n2tDoc3ltmXB/WbIq335ShoIDz4u+ZpjHtqSJYVTwPxN3BOLUMUP0
1n9Y0VOAqgsAHSX1ljr0TpMcsAAQ22y3xK9R9NmN7XWPV5qQdKCyqyCkBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+hU3gz3inZRm5ydWBTRdckdiApMB8GA1UdIwQY
MBaAFGHF7Q3thiWzK2UzIHIp8sRnJZhIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82MDYyYWYtNTNiYy00MzVkLWI1ZmIt
YTExODQ5ODMyNWY3LzEvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82MDYyYWYtNTNiYy00MzVkLWI1ZmItYTExODQ5ODMyNWY3
LzEvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZIddvSRV
6EpkmgIp8fd2Be04nJs8T2vM/JacX+16omZ4Pc27rAy+1ND+aD2yUv08+/Vc5UIM
GaeQh5kUI4yNJ19hlREH5vVWJScCGtPxM8nZLGdka2rn4V6L+1Xrp3qLjTN5mnBq
d49XUjd2UImEjdn8oPcGgsmijhpRCZwPTfR7DoUtTHbz47s+XVByfkowddsKxNA2
NlLsukj6zxAL91oCq8YGkNpwBZHQHuQ7/+FDaOF8QqBMd3OdNUu3TS5UGlghn8AK
9gXtAEdB5O+9HcVZRYIcGNQ3psvY6u7mLoWB+Y+lbUNcbPlky+NxlKv41toQQWhj
4FKUzvAwPJ7Q5Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:15:19 2026 by rpki-client