Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
File: Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft (raw, json)
Hash identifier: PgSW8Z9GG+kFua0dj4yNafddROEWmVE48UFZ6g35pco=
Subject key identifier: 8A:84:E4:E8:D3:D9:A0:E2:A4:09:76:3A:FD:13:E7:65:06:80:7D:6A
Authority key identifier: 63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
Certificate issuer: /CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Certificate serial: 019D265F87A9D96CD4C296B315C517ABD8EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
Manifest number: 12A1
Signing time: Wed 25 Mar 2026 19:01:28 +0000
Manifest this update: Wed 25 Mar 2026 19:01:28 +0000
Manifest next update: Thu 26 Mar 2026 19:01:28 +0000
Files and hashes: 1: YS4KfdF48rW5SEIpeCeYxOP-Du0.roa (hash: FKGkIDKaHogWgazEiZbFbdSEfBT5S7dX/PkphiCX2e8=)
2: Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl (hash: kSN+cZj8JztvD6JpMPhfI46G65hW49rkSLoO0L3JBDM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:87:a9:d9:6c:d4:c2:96:b3:15:c5:17:ab:d8:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Validity
Not Before: Mar 25 19:01:28 2026 GMT
Not After : Mar 26 19:01:28 2026 GMT
Subject: CN=8a84e4e8d3d9a0e2a409763afd13e76506807d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0a:c6:fe:52:f1:74:5d:24:7e:99:90:57:ba:
4b:0f:e0:ac:fb:ea:24:f6:05:84:cc:c8:27:77:99:
ab:ed:b4:ce:30:9b:b8:3e:1a:4a:d8:b8:40:ef:34:
5f:88:6d:1f:1c:29:cb:1f:e2:6a:91:07:5a:dc:cf:
26:03:a6:f8:a0:d8:cc:9a:72:2e:1c:d7:c5:f0:10:
65:b2:cc:80:80:75:bb:3f:72:45:9d:2f:bb:5c:9c:
e5:7e:31:96:b9:1d:f1:7b:ea:e0:39:cd:3e:f0:93:
f7:80:29:8a:57:16:1d:35:87:5c:94:75:2c:f6:86:
ea:0b:70:0b:12:86:90:0c:03:15:0a:aa:96:8f:ab:
b5:97:90:9b:7f:1c:54:87:1d:b7:4b:e2:2d:34:72:
86:e3:72:91:f8:64:37:95:7c:ed:54:b5:51:a3:95:
09:83:f7:e5:b1:27:a5:ad:6f:f3:35:a0:86:4b:8f:
a1:45:55:2e:f4:97:0d:0c:46:9e:ac:0b:40:3d:49:
23:55:82:65:d6:66:b6:77:6b:86:87:7e:5f:34:ba:
f9:ab:9c:07:3e:50:15:1c:a2:b6:03:bf:45:96:0b:
d1:04:3a:a6:a3:ea:93:50:9c:23:de:80:f9:b5:88:
0d:be:2c:eb:20:d0:0a:6f:0a:f6:0a:8d:d7:41:44:
83:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:84:E4:E8:D3:D9:A0:E2:A4:09:76:3A:FD:13:E7:65:06:80:7D:6A
X509v3 Authority Key Identifier:
keyid:63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:9c:cc:c1:01:ad:68:9c:d4:2b:f4:0a:7f:7d:ac:7d:6a:f7:
52:bc:80:52:ea:17:55:35:2a:53:61:50:60:1c:d9:75:e2:fc:
e6:ea:c8:6f:0a:b9:fc:59:b4:f2:97:78:21:e1:07:04:67:9a:
0b:9e:13:18:2e:1f:db:af:f3:f7:09:48:db:48:04:0f:67:6e:
42:9b:c8:6b:b6:93:30:95:d8:19:80:d0:df:60:dc:92:b8:e0:
8d:c0:30:72:1f:b9:6f:8c:86:aa:bd:b2:4c:fe:2d:c4:28:06:
b5:f9:b4:a9:5e:b2:88:f4:7e:68:66:bd:a1:b7:c7:3d:03:85:
50:dc:88:23:5f:55:3c:5d:f9:38:eb:7f:fb:b6:43:b3:37:9b:
38:8b:3d:cf:6d:af:b7:0b:20:f5:d3:9b:ee:72:ac:d7:9f:54:
26:ac:ed:d5:da:fd:42:b8:4d:be:5e:8b:d3:50:d7:9f:08:27:
14:a6:41:8d:19:92:3a:a6:d0:61:57:de:2e:0c:07:bd:f6:b8:
29:b4:2a:15:34:fb:31:4a:41:ae:3f:62:f4:42:c0:cd:75:2a:
80:00:ff:32:bb:e7:8f:f7:bd:65:da:69:17:fd:6e:e5:13:0a:
df:12:93:0a:fa:4b:29:1c:b1:2f:84:1e:80:a3:3f:3b:1a:d4:
80:ea:26:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX4ep2WzUwpazFcUXq9jrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzM2I2ODk1ZmU0OTkzMzk3YjY2MjMyYmIwYTJkM2UzYzYy
NWNjMWIwHhcNMjYwMzI1MTkwMTI4WhcNMjYwMzI2MTkwMTI4WjAzMTEwLwYDVQQD
Eyg4YTg0ZTRlOGQzZDlhMGUyYTQwOTc2M2FmZDEzZTc2NTA2ODA3ZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwrG/lLxdF0kfpmQV7pLD+Cs++ok
9gWEzMgnd5mr7bTOMJu4PhpK2LhA7zRfiG0fHCnLH+JqkQda3M8mA6b4oNjMmnIu
HNfF8BBlssyAgHW7P3JFnS+7XJzlfjGWuR3xe+rgOc0+8JP3gCmKVxYdNYdclHUs
9obqC3ALEoaQDAMVCqqWj6u1l5CbfxxUhx23S+ItNHKG43KR+GQ3lXztVLVRo5UJ
g/flsSelrW/zNaCGS4+hRVUu9JcNDEaerAtAPUkjVYJl1ma2d2uGh35fNLr5q5wH
PlAVHKK2A79FlgvRBDqmo+qTUJwj3oD5tYgNvizrINAKbwr2Co3XQUSDfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqE5OjT2aDipAl2Ov0T52UGgH1qMB8GA1UdIwQY
MBaAFGM7aJX+SZM5e2YjK7Ci0+PGJcwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUt
NzBiODg3MWI4ZTIwLzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUtNzBiODg3MWI4ZTIw
LzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfpzMwQGt
aJzUK/QKf32sfWr3UryAUuoXVTUqU2FQYBzZdeL85urIbwq5/Fm08pd4IeEHBGea
C54TGC4f26/z9wlI20gED2duQpvIa7aTMJXYGYDQ32DckrjgjcAwch+5b4yGqr2y
TP4txCgGtfm0qV6yiPR+aGa9obfHPQOFUNyII19VPF35OOt/+7ZDszebOIs9z22v
twsg9dOb7nKs159UJqzt1dr9QrhNvl6L01DXnwgnFKZBjRmSOqbQYVfeLgwHvfa4
KbQqFTT7MUpBrj9i9ELAzXUqgAD/Mrvnj/e9ZdppF/1u5RMK3xKTCvpLKRyxL4Qe
gKM/OxrUgOomdQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:58:17 2026 by rpki-client