
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
File: y5-GErfxR1ABa4SMQvYN82rYMtk.mft (raw, json)
Hash identifier: 1Vo/5ABIcpzVvxSbheSvrS2tVkWant9MzIRyEsBPEU4=
Subject key identifier: 3A:F9:34:86:2B:BC:F0:BF:32:01:6D:67:A8:9F:A4:CE:0A:36:49:AC
Authority key identifier: CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9
Certificate issuer: /CN=cb9f8612b7f14750016b848c42f60df36ad832d9
Certificate serial: 0199FBEAA948EEB5B33E8499D316E94A9C0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
Manifest number: 16E2
Signing time: Sun 19 Oct 2025 10:01:23 +0000
Manifest this update: Sun 19 Oct 2025 10:01:23 +0000
Manifest next update: Mon 20 Oct 2025 10:01:23 +0000
Files and hashes: 1: 35Hkh6WGB56LhQUZWJy4fWu8adc.roa (hash: N+zjw78vBIKP/bKJa3b5qGQ6N/RlG9tWFNOT+GZrtRA=)
2: y5-GErfxR1ABa4SMQvYN82rYMtk.crl (hash: rsJb6ZI5edfr906HFxPVKWk5wsa0ZHwdRuKK6X2G4tE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ea:a9:48:ee:b5:b3:3e:84:99:d3:16:e9:4a:9c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb9f8612b7f14750016b848c42f60df36ad832d9
Validity
Not Before: Oct 19 10:01:23 2025 GMT
Not After : Oct 20 10:01:23 2025 GMT
Subject: CN=3af934862bbcf0bf32016d67a89fa4ce0a3649ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3c:b1:99:62:f5:00:6b:59:5e:9c:db:84:93:
dc:22:71:3a:c8:65:2c:b9:ef:6f:3c:16:52:5b:fd:
86:5f:0a:5d:fc:e3:ed:1e:89:49:27:5e:25:79:95:
12:46:84:1f:2e:26:d3:7f:ef:32:0a:04:96:29:14:
3b:95:f1:67:2a:36:5b:bf:31:af:41:8b:0a:d9:25:
63:ad:88:4d:80:50:b9:8e:b7:b5:3d:3c:3c:68:76:
60:4a:26:3c:e2:5a:4d:66:65:86:fb:66:32:42:d8:
b7:45:d3:0b:9c:0d:dd:e1:6e:cd:a6:48:b8:4f:93:
12:92:c1:85:dd:f6:0d:2d:80:3e:d4:04:87:e1:f0:
17:13:67:6a:64:f3:e1:d3:30:a4:70:ae:13:c2:11:
23:c6:5a:f7:6c:51:85:8e:72:e3:dd:1d:43:46:15:
c8:88:3c:ed:7b:37:ae:7b:28:b4:34:d7:3f:54:8f:
cb:65:8e:4a:af:7f:8c:c5:36:79:47:f3:52:62:67:
bc:3c:8f:30:9f:16:8e:6a:66:4c:01:6a:5f:36:8c:
b6:af:6c:70:f0:1e:0b:57:f0:6f:64:fb:9a:aa:84:
c7:a7:a5:7d:8e:a9:7a:82:47:71:ae:12:8f:82:21:
4f:6a:dd:df:86:9e:76:52:3c:91:91:53:0c:2b:ab:
8a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F9:34:86:2B:BC:F0:BF:32:01:6D:67:A8:9F:A4:CE:0A:36:49:AC
X509v3 Authority Key Identifier:
keyid:CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:e4:3f:31:8a:d5:ec:84:04:84:60:f8:80:65:98:e7:ea:41:
9f:0e:5a:30:00:39:4b:29:7d:78:b9:a5:d3:3f:70:fe:13:14:
4b:9b:6d:3a:f7:7f:77:e0:9d:59:92:b8:93:14:6f:b1:d5:3f:
0b:e4:11:00:7d:da:99:82:bd:f2:ed:d3:dc:4b:b1:5f:92:0f:
40:e0:bc:60:29:97:f7:50:ae:78:9e:ab:cc:7e:6c:bc:2a:d6:
dd:56:11:ea:8f:fe:9c:e8:26:cd:a8:e5:4b:41:da:b1:94:2d:
c1:23:da:fa:db:85:c6:e8:d4:e6:73:47:b5:48:96:d1:97:04:
51:b4:44:aa:0d:9c:e5:de:54:11:0f:55:55:a3:94:19:36:9f:
24:54:f0:91:d5:f4:2f:2c:96:4a:02:81:ee:e0:23:07:76:1e:
31:e0:e4:07:cd:43:63:74:c2:47:82:5f:2a:ca:49:9d:3c:8b:
97:25:32:4d:49:b3:fd:0d:86:d0:ef:77:a0:76:ca:ef:1d:5c:
58:e3:bf:24:a6:bb:9c:57:e9:ea:7d:ef:2b:a6:8b:93:df:4f:
ae:7e:ff:49:e4:20:43:f5:1f:22:9b:73:e9:b9:99:42:8f:b6:
3b:78:d6:b4:72:97:66:89:25:08:3c:6a:6f:97:36:d9:56:43:
62:4a:48:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76qlI7rWzPoSZ0xbpSpwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWY4NjEyYjdmMTQ3NTAwMTZiODQ4YzQyZjYwZGYzNmFk
ODMyZDkwHhcNMjUxMDE5MTAwMTIzWhcNMjUxMDIwMTAwMTIzWjAzMTEwLwYDVQQD
EygzYWY5MzQ4NjJiYmNmMGJmMzIwMTZkNjdhODlmYTRjZTBhMzY0OWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzyxmWL1AGtZXpzbhJPcInE6yGUs
ue9vPBZSW/2GXwpd/OPtHolJJ14leZUSRoQfLibTf+8yCgSWKRQ7lfFnKjZbvzGv
QYsK2SVjrYhNgFC5jre1PTw8aHZgSiY84lpNZmWG+2YyQti3RdMLnA3d4W7Npki4
T5MSksGF3fYNLYA+1ASH4fAXE2dqZPPh0zCkcK4TwhEjxlr3bFGFjnLj3R1DRhXI
iDztezeueyi0NNc/VI/LZY5Kr3+MxTZ5R/NSYme8PI8wnxaOamZMAWpfNoy2r2xw
8B4LV/BvZPuaqoTHp6V9jql6gkdxrhKPgiFPat3fhp52UjyRkVMMK6uKKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDr5NIYrvPC/MgFtZ6ifpM4KNkmsMB8GA1UdIwQY
MBaAFMufhhK38UdQAWuEjEL2DfNq2DLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUt
YTJlYWRlODM5NTVkLzEveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUtYTJlYWRlODM5NTVk
LzEveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIOQ/MYrV
7IQEhGD4gGWY5+pBnw5aMAA5Syl9eLml0z9w/hMUS5ttOvd/d+CdWZK4kxRvsdU/
C+QRAH3amYK98u3T3EuxX5IPQOC8YCmX91CueJ6rzH5svCrW3VYR6o/+nOgmzajl
S0HasZQtwSPa+tuFxujU5nNHtUiW0ZcEUbREqg2c5d5UEQ9VVaOUGTafJFTwkdX0
LyyWSgKB7uAjB3YeMeDkB81DY3TCR4JfKspJnTyLlyUyTUmz/Q2G0O93oHbK7x1c
WOO/JKa7nFfp6n3vK6aLk99Prn7/SeQgQ/UfIptz6bmZQo+2O3jWtHKXZoklCDxq
b5c22VZDYkpIaQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:25 2025 by rpki-client