Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
File: ypAPHhHi0l0LIxatbgEmhIOayB4.mft (raw, json)
Hash identifier: n4RtykXwHshTDi8912mseISmSvXltETtwT5HqQgsMgk=
Subject key identifier: 28:42:BB:90:1D:9A:59:61:B8:5F:A3:44:D8:D6:89:3E:35:69:AA:48
Authority key identifier: CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
Certificate issuer: /CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Certificate serial: 019D29294484A766BE3CD1638CCCB19B287A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 08:01:03 +0000
Manifest this update: Thu 26 Mar 2026 08:01:03 +0000
Manifest next update: Fri 27 Mar 2026 08:01:03 +0000
Files and hashes: 1: K2muBRhSzEeWwEOKyiaVJYw5K3c.roa (hash: 9FMIKD8yGkaykJTy68XJ8mxhdE87R0V7qtYcMc3oayY=)
2: ypAPHhHi0l0LIxatbgEmhIOayB4.crl (hash: M9gop5AHOvAdPw5qGEe6CwwjuhooyWGDooFVgEKLPIg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:44:84:a7:66:be:3c:d1:63:8c:cc:b1:9b:28:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Validity
Not Before: Mar 26 08:01:03 2026 GMT
Not After : Mar 27 08:01:03 2026 GMT
Subject: CN=2842bb901d9a5961b85fa344d8d6893e3569aa48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:73:9a:d5:4d:21:33:0f:da:0e:08:ba:2e:31:
57:15:2a:61:4c:29:d0:31:ce:04:30:c6:7a:62:62:
b9:a2:9b:df:11:07:2f:54:3f:e0:3f:a6:93:72:0d:
22:72:db:b5:9c:f9:8c:1d:a6:38:29:55:19:fc:be:
24:96:df:90:a2:66:60:42:c6:e3:f4:58:2e:20:6e:
23:ed:4b:af:e0:4d:10:5c:99:8b:73:bc:d3:88:6f:
4a:85:6c:9c:aa:59:ae:ce:06:e1:64:81:b7:84:4e:
41:be:77:f3:f3:81:96:b6:5f:1e:fc:73:3c:2b:8c:
01:16:64:55:86:1d:23:7e:40:82:b9:df:ad:ed:c8:
a6:6c:b1:42:70:ed:70:99:a1:1f:49:b0:b2:14:b1:
e5:5f:1e:56:fb:c5:07:77:92:ab:d3:d4:37:2e:3a:
b9:c5:9a:64:f9:32:45:bc:f4:ae:85:26:c1:9c:b2:
55:52:2c:f9:40:be:a1:b3:02:07:c7:ac:aa:7e:83:
84:26:5b:2e:c6:71:a3:f9:5f:d7:ed:b3:88:d5:8d:
1c:6d:6a:5a:f3:6e:ba:6c:6a:cc:aa:c9:eb:39:95:
a3:0e:db:79:77:50:ac:c1:d9:69:f0:44:51:0e:db:
ee:9c:c4:93:82:e1:84:6f:4b:b3:9b:c4:ea:1e:04:
30:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:42:BB:90:1D:9A:59:61:B8:5F:A3:44:D8:D6:89:3E:35:69:AA:48
X509v3 Authority Key Identifier:
keyid:CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:4c:47:4c:9f:2d:91:55:b3:68:f8:ca:69:7f:74:57:d2:01:
1a:08:9d:21:d7:ef:37:e2:d5:55:b1:81:1b:9a:7c:9c:fa:97:
55:77:3c:28:a4:e4:06:c6:94:f2:5a:9c:19:48:bf:82:96:7f:
6c:4c:9f:9b:0d:91:2f:3d:9a:0d:a1:ed:9f:5f:45:98:fd:d7:
b0:e9:f4:75:da:24:ee:d8:23:1a:db:69:46:b9:2e:b9:f4:2f:
0b:67:66:3e:11:38:5d:eb:55:ed:37:22:cc:91:f5:e5:95:ed:
14:30:b7:c9:ed:a0:26:89:9a:dc:c5:73:5b:50:1f:0d:a6:20:
b3:38:1c:fc:f4:06:7c:f6:76:6d:eb:f9:f9:4a:41:b1:03:75:
3b:66:fb:8d:f8:3a:55:3f:a6:61:7b:5f:a9:20:c6:38:97:44:
49:54:22:2c:31:00:90:a6:6c:e1:88:d5:fe:65:c3:eb:2d:ae:
ec:79:fc:8c:51:40:d8:03:e5:74:16:ac:21:7c:bd:7f:11:34:
7a:a6:79:3f:5b:48:fa:ea:22:4c:d3:14:0c:73:4d:ff:3c:35:
f1:4b:26:63:1c:dc:37:cc:d5:9a:06:70:16:49:f9:13:51:de:
8d:d9:81:d9:73:3e:87:ea:18:18:fc:ed:54:4a:16:cb:c0:82:
0b:18:98:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKUSEp2a+PNFjjMyxmyh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTAwZjFlMTFlMmQyNWQwYjIzMTZhZDZlMDEyNjg0ODM5
YWM4MWUwHhcNMjYwMzI2MDgwMTAzWhcNMjYwMzI3MDgwMTAzWjAzMTEwLwYDVQQD
EygyODQyYmI5MDFkOWE1OTYxYjg1ZmEzNDRkOGQ2ODkzZTM1NjlhYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3Oa1U0hMw/aDgi6LjFXFSphTCnQ
Mc4EMMZ6YmK5opvfEQcvVD/gP6aTcg0ictu1nPmMHaY4KVUZ/L4klt+QomZgQsbj
9FguIG4j7Uuv4E0QXJmLc7zTiG9KhWycqlmuzgbhZIG3hE5Bvnfz84GWtl8e/HM8
K4wBFmRVhh0jfkCCud+t7cimbLFCcO1wmaEfSbCyFLHlXx5W+8UHd5Kr09Q3Ljq5
xZpk+TJFvPSuhSbBnLJVUiz5QL6hswIHx6yqfoOEJlsuxnGj+V/X7bOI1Y0cbWpa
8266bGrMqsnrOZWjDtt5d1Cswdlp8ERRDtvunMSTguGEb0uzm8TqHgQwuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChCu5AdmllhuF+jRNjWiT41aapIMB8GA1UdIwQY
MBaAFMqQDx4R4tJdCyMWrW4BJoSDmsgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mNjk2OWMtM2E2ZS00YmVjLTk3NDIt
ZWNlODdjNmEwMzE4LzEveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9mNjk2OWMtM2E2ZS00YmVjLTk3NDItZWNlODdjNmEwMzE4
LzEveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ0xHTJ8t
kVWzaPjKaX90V9IBGgidIdfvN+LVVbGBG5p8nPqXVXc8KKTkBsaU8lqcGUi/gpZ/
bEyfmw2RLz2aDaHtn19FmP3XsOn0ddok7tgjGttpRrkuufQvC2dmPhE4XetV7Tci
zJH15ZXtFDC3ye2gJoma3MVzW1AfDaYgszgc/PQGfPZ2bev5+UpBsQN1O2b7jfg6
VT+mYXtfqSDGOJdESVQiLDEAkKZs4YjV/mXD6y2u7Hn8jFFA2APldBasIXy9fxE0
eqZ5P1tI+uoiTNMUDHNN/zw18UsmYxzcN8zVmgZwFkn5E1HejdmB2XM+h+oYGPzt
VEoWy8CCCxiYyQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:16:54 2026 by rpki-client