Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
File: Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft (raw, json)
Hash identifier: lR6OvN3NOVKNQk0r9g9C7JibFfRQrxJVhm01rER7SfU=
Subject key identifier: 3B:A7:CE:44:D4:BE:10:F2:6A:B4:BE:FC:37:85:13:D7:E7:E1:08:22
Authority key identifier: 63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
Certificate issuer: /CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Certificate serial: 0199FBEBF0712E6E52A9E1F8FBC55833DAC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
Manifest number: 10FD
Signing time: Sun 19 Oct 2025 10:02:47 +0000
Manifest this update: Sun 19 Oct 2025 10:02:47 +0000
Manifest next update: Mon 20 Oct 2025 10:02:47 +0000
Files and hashes: 1: YFIa0scc_xVUT5FKi7LKvASoEWc.roa (hash: V1CwEQLm9iXZGzptcaHc4LFmcOryBT2Kfmx1HSv4RTc=)
2: Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl (hash: CV0tp8GmJ/bVUoc/EjlalD/5EpT6ypa4KfKxFxWocFQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:f0:71:2e:6e:52:a9:e1:f8:fb:c5:58:33:da:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Validity
Not Before: Oct 19 10:02:47 2025 GMT
Not After : Oct 20 10:02:47 2025 GMT
Subject: CN=3ba7ce44d4be10f26ab4befc378513d7e7e10822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:85:96:da:c3:72:72:e6:ad:39:df:9d:c9:
48:7c:7e:79:9b:62:79:41:95:99:cb:22:36:fb:e4:
5a:ff:cb:71:21:c6:0b:6b:d6:67:db:99:95:32:4c:
d9:88:9d:9a:e1:6b:00:c4:21:4d:af:04:8e:3f:ae:
33:82:2a:b8:90:27:b0:ec:de:ae:b1:61:41:a8:1b:
82:f5:41:40:a8:ab:8e:c4:d8:7c:4d:db:ff:48:2d:
16:40:b3:1d:dd:2b:57:0d:7d:51:46:da:68:5e:43:
c7:6c:d6:6f:fc:81:f2:74:56:e1:9c:b2:6f:8c:d2:
bc:76:28:b5:76:10:4e:1d:08:d5:9a:be:e8:d2:bb:
9f:a2:e6:a3:73:fb:5f:34:0c:b3:57:82:26:f9:3f:
00:4c:f5:01:cd:ed:61:0a:fc:e1:69:16:71:a8:33:
12:46:e7:6a:0d:21:0c:63:cf:b8:45:cf:ca:b6:5c:
1a:4c:c8:e0:81:85:30:91:4c:a6:fd:72:4d:1c:f3:
0d:d5:2a:e5:96:f0:0b:64:7c:90:7d:13:eb:7e:44:
dd:d0:33:53:77:2e:ff:b0:e6:9e:18:e3:b4:b9:61:
1b:91:2e:c6:91:83:5b:de:9f:55:1c:e7:f8:5b:b2:
8b:47:2b:4a:42:ce:ee:ee:aa:ee:7f:e4:e4:1f:12:
7a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A7:CE:44:D4:BE:10:F2:6A:B4:BE:FC:37:85:13:D7:E7:E1:08:22
X509v3 Authority Key Identifier:
keyid:63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:d9:6b:70:33:65:53:01:9d:bc:b9:3b:67:e8:aa:c5:b2:ae:
3b:c1:00:d4:9a:d2:17:ae:31:13:22:25:a3:cd:86:64:1a:96:
de:06:89:b7:b9:a5:6e:5e:25:88:38:b5:26:49:cf:bb:de:b2:
7b:b6:9d:f0:3b:bd:95:ff:c5:9f:ce:a3:3a:86:9e:e4:20:f1:
51:6c:21:5d:5d:06:c9:14:be:f7:b5:08:4d:62:69:04:cd:c4:
d8:89:63:89:94:91:02:83:5f:93:a0:f5:a7:bd:c9:c9:70:59:
cb:a9:6a:04:21:76:55:a1:4a:94:03:0d:1a:00:c0:f4:bc:04:
d7:1c:ea:38:c5:1b:0e:83:5c:11:a1:ca:6c:f4:11:c1:a0:e4:
eb:f0:5c:6d:c6:f7:17:cc:ec:43:ce:46:b7:8a:6f:10:fb:08:
4b:34:9f:bd:de:25:dc:4d:a7:35:53:08:b0:4e:9a:fb:0f:35:
46:22:dc:1a:55:f7:77:eb:4f:65:9c:98:b8:50:54:3c:a7:f3:
ae:49:41:b0:c9:16:f5:a8:aa:d3:4c:45:a4:6f:3c:f3:62:6d:
a3:aa:7e:aa:07:07:fa:af:1f:6d:a4:5d:3d:b3:37:dc:bc:d4:
b0:70:da:18:1c:c0:a6:da:8f:f1:31:5e:f5:d2:aa:4c:15:a6:
17:f8:53:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76/BxLm5SqeH4+8VYM9rFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzM2I2ODk1ZmU0OTkzMzk3YjY2MjMyYmIwYTJkM2UzYzYy
NWNjMWIwHhcNMjUxMDE5MTAwMjQ3WhcNMjUxMDIwMTAwMjQ3WjAzMTEwLwYDVQQD
EygzYmE3Y2U0NGQ0YmUxMGYyNmFiNGJlZmMzNzg1MTNkN2U3ZTEwODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC6FltrDcnLmrTnfnclIfH55m2J5
QZWZyyI2++Ra/8txIcYLa9Zn25mVMkzZiJ2a4WsAxCFNrwSOP64zgiq4kCew7N6u
sWFBqBuC9UFAqKuOxNh8Tdv/SC0WQLMd3StXDX1RRtpoXkPHbNZv/IHydFbhnLJv
jNK8dii1dhBOHQjVmr7o0rufouajc/tfNAyzV4Im+T8ATPUBze1hCvzhaRZxqDMS
RudqDSEMY8+4Rc/KtlwaTMjggYUwkUym/XJNHPMN1SrllvALZHyQfRPrfkTd0DNT
dy7/sOaeGOO0uWEbkS7GkYNb3p9VHOf4W7KLRytKQs7u7qruf+TkHxJ6oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDunzkTUvhDyarS+/DeFE9fn4QgiMB8GA1UdIwQY
MBaAFGM7aJX+SZM5e2YjK7Ci0+PGJcwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUt
NzBiODg3MWI4ZTIwLzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUtNzBiODg3MWI4ZTIw
LzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG9lrcDNl
UwGdvLk7Z+iqxbKuO8EA1JrSF64xEyIlo82GZBqW3gaJt7mlbl4liDi1JknPu96y
e7ad8Du9lf/Fn86jOoae5CDxUWwhXV0GyRS+97UITWJpBM3E2IljiZSRAoNfk6D1
p73JyXBZy6lqBCF2VaFKlAMNGgDA9LwE1xzqOMUbDoNcEaHKbPQRwaDk6/Bcbcb3
F8zsQ85Gt4pvEPsISzSfvd4l3E2nNVMIsE6a+w81RiLcGlX3d+tPZZyYuFBUPKfz
rklBsMkW9aiq00xFpG8882Jto6p+qgcH+q8fbaRdPbM33LzUsHDaGBzAptqP8TFe
9dKqTBWmF/hTOg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:01:45 2025 by rpki-client