Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.mft
File: YKzX2WuVbeXbA2c80dHjo3uN2d0.mft (raw, json)
Hash identifier: mincvTTzx5TZ3llW4YPdxgoAEuOeD8Krugz3NFky/pk=
Subject key identifier: CA:88:8F:0F:04:16:CD:BC:88:04:E7:79:AF:FD:30:9E:17:BF:E4:35
Authority key identifier: 60:AC:D7:D9:6B:95:6D:E5:DB:03:67:3C:D1:D1:E3:A3:7B:8D:D9:DD
Certificate issuer: /CN=60acd7d96b956de5db03673cd1d1e3a37b8dd9dd
Certificate serial: 019D2997174CC0730DD6B81910DA84A2BDA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKzX2WuVbeXbA2c80dHjo3uN2d0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.mft
Manifest number: 07DB
Signing time: Thu 26 Mar 2026 10:01:00 +0000
Manifest this update: Thu 26 Mar 2026 10:01:00 +0000
Manifest next update: Fri 27 Mar 2026 10:01:00 +0000
Files and hashes: 1: Ewfu9z930MhyPX8313muaLXe2oM.roa (hash: xaNiT68XuLXKua+vW1yOiyZ2EeD/WOwvk5iab3yyEqE=)
2: YKzX2WuVbeXbA2c80dHjo3uN2d0.crl (hash: tFbc3vY+7cMVF2VO3q3n7SgDxoxTLvZuKY7f6mL9kGU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.mft
rsync://rpki.ripe.net/repository/DEFAULT/YKzX2WuVbeXbA2c80dHjo3uN2d0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:17:4c:c0:73:0d:d6:b8:19:10:da:84:a2:bd:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60acd7d96b956de5db03673cd1d1e3a37b8dd9dd
Validity
Not Before: Mar 26 10:01:00 2026 GMT
Not After : Mar 27 10:01:00 2026 GMT
Subject: CN=ca888f0f0416cdbc8804e779affd309e17bfe435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:da:ed:69:10:39:55:ca:97:0b:7a:29:cd:6b:
06:cf:21:04:87:49:9f:fc:a9:21:c9:b5:5f:f4:ef:
d1:f1:d7:84:6e:c7:33:d0:78:14:f4:26:1b:32:4e:
73:b2:d5:4f:ca:23:71:73:e1:b9:ea:55:c0:1a:95:
24:cc:10:09:c8:94:8a:9e:df:a0:be:6e:10:0f:e7:
a0:cc:71:d9:82:5d:47:67:f9:64:b4:09:8b:03:90:
16:0c:94:17:2c:65:6b:5f:69:a8:34:73:ee:37:a7:
89:dd:4e:79:60:53:0f:b7:a3:8c:35:2c:5a:06:62:
d2:b0:91:94:65:c7:d2:42:0a:e3:3a:bd:6e:bd:1b:
0f:8f:e8:df:97:fc:44:fa:2b:1f:d4:5b:3b:38:5a:
05:10:35:59:9c:13:91:60:cd:bf:b4:4a:c3:24:9f:
c4:bc:96:b4:fc:b6:44:96:65:7b:f1:59:12:ca:84:
d4:e2:a4:c5:48:80:c3:14:e2:af:c4:94:c4:07:3f:
91:48:ae:0f:25:71:11:20:8f:10:dd:b5:6c:1e:10:
c3:24:78:98:ad:e3:b8:6b:ae:43:5a:2e:23:c4:4d:
b8:6d:21:c5:f8:d5:aa:b9:36:3e:26:02:2c:a5:6e:
0e:a2:99:2f:5d:25:a2:5e:fc:4b:a8:93:27:b7:e2:
f9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:88:8F:0F:04:16:CD:BC:88:04:E7:79:AF:FD:30:9E:17:BF:E4:35
X509v3 Authority Key Identifier:
keyid:60:AC:D7:D9:6B:95:6D:E5:DB:03:67:3C:D1:D1:E3:A3:7B:8D:D9:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKzX2WuVbeXbA2c80dHjo3uN2d0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:68:3d:30:78:98:5c:2b:3a:1c:64:5d:5b:d6:4d:8b:c3:47:
e8:ea:c1:df:a0:80:d9:d4:ed:5c:ac:20:77:6e:47:12:06:cb:
06:1b:92:ac:b0:21:dd:3d:00:23:80:10:1c:50:4a:cb:b5:24:
f6:10:55:c5:6d:8b:e5:3f:98:d1:eb:a8:ee:ee:46:e1:ab:85:
da:b2:e0:95:f2:83:4a:a1:1b:2b:d5:d7:3c:19:c6:8f:a9:6e:
66:03:ef:88:ed:b7:45:54:d6:67:64:27:5d:83:09:f8:34:0f:
8e:4c:e6:8a:1f:49:63:aa:fe:6d:8f:bd:c4:aa:0b:94:98:4c:
d0:ff:2a:50:4e:c3:ac:ab:5f:68:b9:44:04:b4:ff:99:f3:d2:
84:6c:ee:11:e7:e4:f4:4d:c5:32:32:58:e1:39:90:cc:d9:30:
19:7b:4b:9f:fe:fd:8a:28:9f:5c:81:a2:f0:dd:21:92:11:3a:
69:85:86:8f:ad:ae:4c:bc:3d:c6:89:26:7e:b5:5f:b6:22:19:
38:f5:60:32:c3:7a:f9:25:81:18:9c:e9:a1:a6:cb:21:82:aa:
9c:39:84:4c:eb:60:f9:82:2e:e1:1f:f3:a7:c8:d9:f6:4e:8a:
2b:ba:7b:e5:88:98:b8:e5:49:27:39:92:f3:67:11:da:bb:b4:
04:61:91:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plxdMwHMN1rgZENqEor2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYWNkN2Q5NmI5NTZkZTVkYjAzNjczY2QxZDFlM2EzN2I4
ZGQ5ZGQwHhcNMjYwMzI2MTAwMTAwWhcNMjYwMzI3MTAwMTAwWjAzMTEwLwYDVQQD
EyhjYTg4OGYwZjA0MTZjZGJjODgwNGU3NzlhZmZkMzA5ZTE3YmZlNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0drtaRA5VcqXC3opzWsGzyEEh0mf
/KkhybVf9O/R8deEbscz0HgU9CYbMk5zstVPyiNxc+G56lXAGpUkzBAJyJSKnt+g
vm4QD+egzHHZgl1HZ/lktAmLA5AWDJQXLGVrX2moNHPuN6eJ3U55YFMPt6OMNSxa
BmLSsJGUZcfSQgrjOr1uvRsPj+jfl/xE+isf1Fs7OFoFEDVZnBORYM2/tErDJJ/E
vJa0/LZElmV78VkSyoTU4qTFSIDDFOKvxJTEBz+RSK4PJXERII8Q3bVsHhDDJHiY
reO4a65DWi4jxE24bSHF+NWquTY+JgIspW4OopkvXSWiXvxLqJMnt+L5gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMqIjw8EFs28iATnea/9MJ4Xv+Q1MB8GA1UdIwQY
MBaAFGCs19lrlW3l2wNnPNHR46N7jdndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUt6WDJXdVZiZVhiQTJjODBkSGpvM3VOMmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMzc3YmQtOGU0Mi00ODc1LWExMjQt
M2FiZmFmZTc0YWE5LzEvWUt6WDJXdVZiZVhiQTJjODBkSGpvM3VOMmQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMzc3YmQtOGU0Mi00ODc1LWExMjQtM2FiZmFmZTc0YWE5
LzEvWUt6WDJXdVZiZVhiQTJjODBkSGpvM3VOMmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS2g9MHiY
XCs6HGRdW9ZNi8NH6OrB36CA2dTtXKwgd25HEgbLBhuSrLAh3T0AI4AQHFBKy7Uk
9hBVxW2L5T+Y0euo7u5G4auF2rLglfKDSqEbK9XXPBnGj6luZgPviO23RVTWZ2Qn
XYMJ+DQPjkzmih9JY6r+bY+9xKoLlJhM0P8qUE7DrKtfaLlEBLT/mfPShGzuEefk
9E3FMjJY4TmQzNkwGXtLn/79iiifXIGi8N0hkhE6aYWGj62uTLw9xokmfrVftiIZ
OPVgMsN6+SWBGJzpoabLIYKqnDmETOtg+YIu4R/zp8jZ9k6KK7p75YiYuOVJJzmS
82cR2ru0BGGRsw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:59:51 2026 by rpki-client