Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json)
Hash identifier: /FDTawOd7MRsIbHzBdS1n/0iJiGgot0TExFD8dpzJpE=
Subject key identifier: EA:2A:DE:C2:4F:E4:BA:E7:64:48:C8:87:08:5E:F6:D3:E4:E6:62:A0
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 019D29615A866C5E32674035BD9F8E507D40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
Manifest number: 1887
Signing time: Thu 26 Mar 2026 09:02:19 +0000
Manifest this update: Thu 26 Mar 2026 09:02:19 +0000
Manifest next update: Fri 27 Mar 2026 09:02:19 +0000
Files and hashes: 1: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: PFPlo5CWWuts8PvV+JIBSZNW3jUiSp8SwmO+fMWdQW8=)
2: b8CCvMj6XsXWpjo1kqL4lHdDIeI.roa (hash: ORCFwxYaf4vPg6tOj10K2FmfsSRr15XuWRZrPrnhk3A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:5a:86:6c:5e:32:67:40:35:bd:9f:8e:50:7d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Mar 26 09:02:19 2026 GMT
Not After : Mar 27 09:02:19 2026 GMT
Subject: CN=ea2adec24fe4bae76448c887085ef6d3e4e662a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:d6:d3:52:a8:65:80:68:b2:4d:06:7a:18:cf:
d0:e1:87:0c:39:6f:3e:b0:3b:4b:2e:eb:06:de:c3:
77:b3:e8:ca:cb:93:07:70:0f:bb:bf:e6:ee:9e:f9:
4c:df:f2:ef:fd:cf:86:b2:2c:db:8e:63:0a:3a:36:
0c:94:f8:8b:2d:46:c3:79:cb:3f:e5:a8:1f:64:8d:
c6:95:b7:aa:22:1f:fd:eb:ee:99:e9:da:46:23:26:
82:2b:d2:57:3f:58:99:6b:6b:9a:7c:15:52:28:ec:
b2:c8:06:cc:13:d5:ed:68:46:78:d9:67:c2:3e:1d:
2f:1a:2a:3c:87:e6:9d:ce:b8:9b:fe:93:3d:e2:d8:
6a:1c:ec:1b:96:de:79:f8:b7:b4:5b:bb:9d:7d:fd:
9e:98:fb:44:bd:4e:48:2d:03:77:1e:e3:cd:3a:cc:
d0:5a:46:9b:2d:c4:7a:b6:1a:9c:9d:d3:7d:6d:d5:
83:62:61:7a:cc:d7:34:1d:7e:1a:c4:35:5d:61:ac:
48:b5:b6:60:38:e0:78:a6:89:72:24:18:7c:73:44:
43:48:cf:69:c2:06:33:02:ba:c3:d9:16:0d:9c:86:
f2:14:1e:42:d3:e0:b3:57:6f:38:6c:19:b9:cc:2e:
83:5e:e2:3b:c1:48:10:bc:a7:25:85:20:92:a6:91:
a0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:2A:DE:C2:4F:E4:BA:E7:64:48:C8:87:08:5E:F6:D3:E4:E6:62:A0
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:61:49:b2:cc:cf:43:4e:c3:ea:01:8a:48:2c:b0:db:44:1c:
cc:2c:69:4b:33:ef:94:06:24:08:61:45:da:4e:eb:e9:11:f1:
ed:38:dd:c3:09:1d:47:f3:b5:61:84:1b:b6:6d:e0:44:67:36:
a4:a9:45:71:b8:60:d9:bd:d6:09:4b:db:fe:c0:d6:42:03:65:
c2:e3:1d:10:b3:41:21:47:19:1c:ce:db:f3:24:7b:aa:ea:92:
83:ca:dc:72:15:72:5d:50:db:1d:7c:5b:dd:3a:84:9c:91:52:
85:a8:07:99:2a:87:eb:a0:b7:8a:7f:cb:ec:87:e1:31:9c:f3:
9f:4e:03:f4:26:c1:3b:ca:38:bc:eb:7d:ad:1b:58:fd:f5:57:
3d:ca:0b:0a:16:62:ae:ca:fd:a9:04:b2:4d:ce:08:65:2c:20:
81:5d:79:27:2c:9d:4e:ea:11:1d:1b:8e:be:66:ae:cd:15:ea:
2f:c0:cf:1c:28:24:e0:e2:77:48:66:14:1a:c8:e3:12:db:b8:
88:3c:8b:1d:cf:8b:db:4b:05:78:f2:96:02:e4:80:93:fc:e1:
39:e8:ea:b0:78:25:b1:f2:d2:75:63:95:52:b2:70:76:d1:a0:
8e:44:84:5d:47:98:6e:8b:c9:1d:dc:6d:f3:ac:8c:d6:97:50:
3f:2e:03:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYVqGbF4yZ0A1vZ+OUH1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjYwMzI2MDkwMjE5WhcNMjYwMzI3MDkwMjE5WjAzMTEwLwYDVQQD
EyhlYTJhZGVjMjRmZTRiYWU3NjQ0OGM4ODcwODVlZjZkM2U0ZTY2MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+NbTUqhlgGiyTQZ6GM/Q4YcMOW8+
sDtLLusG3sN3s+jKy5MHcA+7v+bunvlM3/Lv/c+GsizbjmMKOjYMlPiLLUbDecs/
5agfZI3GlbeqIh/96+6Z6dpGIyaCK9JXP1iZa2uafBVSKOyyyAbME9XtaEZ42WfC
Ph0vGio8h+adzrib/pM94thqHOwblt55+Le0W7udff2emPtEvU5ILQN3HuPNOszQ
WkabLcR6thqcndN9bdWDYmF6zNc0HX4axDVdYaxItbZgOOB4polyJBh8c0RDSM9p
wgYzArrD2RYNnIbyFB5C0+CzV284bBm5zC6DXuI7wUgQvKclhSCSppGgCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOoq3sJP5LrnZEjIhwhe9tPk5mKgMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYGFJsszP
Q07D6gGKSCyw20QczCxpSzPvlAYkCGFF2k7r6RHx7TjdwwkdR/O1YYQbtm3gRGc2
pKlFcbhg2b3WCUvb/sDWQgNlwuMdELNBIUcZHM7b8yR7quqSg8rcchVyXVDbHXxb
3TqEnJFShagHmSqH66C3in/L7IfhMZzzn04D9CbBO8o4vOt9rRtY/fVXPcoLChZi
rsr9qQSyTc4IZSwggV15JyydTuoRHRuOvmauzRXqL8DPHCgk4OJ3SGYUGsjjEtu4
iDyLHc+L20sFePKWAuSAk/zhOejqsHglsfLSdWOVUrJwdtGgjkSEXUeYbovJHdxt
86yM1pdQPy4Ddg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:29:15 2026 by rpki-client