Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft
File: ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft (raw, json)
Hash identifier: W0Rk69v8oso3hyce1cVtwIdfGrCPW7hyr5Ioy8urMS4=
Subject key identifier: F8:A7:16:85:6B:20:14:1C:B3:EB:E1:74:A3:58:89:73:09:1B:D0:9D
Authority key identifier: CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88
Certificate issuer: /CN=ca434d399d93a19d8a8108456c5575096c2ae588
Certificate serial: 019D2816B74AD9DE774A7659BC019E1829C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft
Manifest number: 08A8
Signing time: Thu 26 Mar 2026 03:01:10 +0000
Manifest this update: Thu 26 Mar 2026 03:01:10 +0000
Manifest next update: Fri 27 Mar 2026 03:01:10 +0000
Files and hashes: 1: G-foIY1cv2s-pbmJJsngENBWLwM.roa (hash: /sje/fJ/oYoi2zdAPSdZ79XrD4oozBnY/U0gHu3a9bM=)
2: ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl (hash: ay9OtlwnNf609Fk27/GnUj/ZqGi7y0SjuEhtUW+S4MA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:16:b7:4a:d9:de:77:4a:76:59:bc:01:9e:18:29:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca434d399d93a19d8a8108456c5575096c2ae588
Validity
Not Before: Mar 26 03:01:10 2026 GMT
Not After : Mar 27 03:01:10 2026 GMT
Subject: CN=f8a716856b20141cb3ebe174a3588973091bd09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:19:31:73:4e:60:31:a8:33:c1:41:ec:28:1e:
07:26:a2:64:c0:0f:fa:c0:99:e2:32:c8:df:56:7a:
dd:ba:73:ce:85:8c:21:3a:1a:ee:8b:27:dc:1c:86:
d4:bf:99:93:84:53:d1:45:49:3b:10:6f:0a:ac:2e:
e1:53:cb:3e:62:34:98:07:20:e2:14:e5:41:36:67:
4b:ff:ec:62:3e:1a:1a:47:33:dc:98:63:b7:20:11:
40:7a:dd:ed:10:e4:0f:be:c7:db:b2:bd:28:59:41:
f9:eb:71:2f:37:96:e7:31:31:ed:33:15:b8:91:72:
8c:7f:43:23:15:05:7c:27:ca:e8:37:3e:69:ae:69:
ae:78:64:98:40:27:39:a5:4e:9a:d5:ed:c3:04:3b:
ea:bc:6b:36:75:31:fb:d3:35:1e:75:e0:23:5a:7c:
c6:2d:15:9a:a8:42:15:92:2e:d1:7e:82:26:12:c9:
2e:56:0d:1c:62:cb:e6:72:f0:71:6f:44:ca:8e:11:
ca:e5:84:bd:d9:d0:f0:dc:d0:53:31:ea:bd:a3:d1:
70:59:4d:eb:ea:68:bb:da:b2:a5:d6:52:32:2c:4c:
be:19:2d:ae:d4:21:77:89:48:30:76:29:4c:d4:6b:
ba:d5:a0:63:30:f5:89:90:8b:fe:c7:de:bf:ab:3b:
33:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A7:16:85:6B:20:14:1C:B3:EB:E1:74:A3:58:89:73:09:1B:D0:9D
X509v3 Authority Key Identifier:
keyid:CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:af:a4:2b:fd:01:9d:81:1d:ff:57:d2:a5:0f:f9:0c:45:60:
91:79:02:a0:bc:9f:04:a4:94:3e:1f:22:39:8e:9b:4d:b2:71:
f3:64:04:20:da:35:54:ee:1a:12:44:5a:0c:51:38:61:68:7d:
96:24:77:39:dd:d1:0a:c2:39:05:09:b6:b1:52:ba:b4:db:d0:
64:50:9d:b6:16:38:2f:e9:26:19:31:bf:1d:47:8a:a2:0b:76:
7e:49:6a:e7:e2:1c:de:0c:bb:a6:7f:ea:50:8e:dd:8e:37:ea:
9d:70:32:dc:43:dc:d2:62:0e:22:00:e2:fd:aa:73:6d:18:3d:
c6:ff:88:31:b3:8c:51:da:fb:45:83:13:12:01:72:50:ed:31:
b2:9d:a0:12:ca:c4:35:fa:e9:db:4f:4e:b7:93:28:49:5a:f9:
3b:90:5d:08:1e:77:93:28:8e:e1:b9:ff:d2:1b:f6:37:c4:4f:
9d:e1:13:3c:9b:2c:52:2d:d6:b8:c4:02:28:9c:5e:44:f6:13:
fe:d8:cd:ec:b1:9f:16:a1:1b:2f:f1:63:e1:c4:3d:84:e1:47:
1b:91:cf:51:a8:12:62:7b:8c:85:b3:00:a7:36:3d:25:8f:9e:
e4:78:87:bb:63:d9:c3:1f:42:2c:d8:6a:e3:9b:a8:8f:f9:73:
fa:39:bf:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFrdK2d53SnZZvAGeGCnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDM0ZDM5OWQ5M2ExOWQ4YTgxMDg0NTZjNTU3NTA5NmMy
YWU1ODgwHhcNMjYwMzI2MDMwMTEwWhcNMjYwMzI3MDMwMTEwWjAzMTEwLwYDVQQD
EyhmOGE3MTY4NTZiMjAxNDFjYjNlYmUxNzRhMzU4ODk3MzA5MWJkMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Rkxc05gMagzwUHsKB4HJqJkwA/6
wJniMsjfVnrdunPOhYwhOhruiyfcHIbUv5mThFPRRUk7EG8KrC7hU8s+YjSYByDi
FOVBNmdL/+xiPhoaRzPcmGO3IBFAet3tEOQPvsfbsr0oWUH563EvN5bnMTHtMxW4
kXKMf0MjFQV8J8roNz5prmmueGSYQCc5pU6a1e3DBDvqvGs2dTH70zUedeAjWnzG
LRWaqEIVki7RfoImEskuVg0cYsvmcvBxb0TKjhHK5YS92dDw3NBTMeq9o9FwWU3r
6mi72rKl1lIyLEy+GS2u1CF3iUgwdilM1Gu61aBjMPWJkIv+x96/qzszsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPinFoVrIBQcs+vhdKNYiXMJG9CdMB8GA1UdIwQY
MBaAFMpDTTmdk6GdioEIRWxVdQlsKuWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEt
ZGIyMzY4MjcxOTEzLzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEtZGIyMzY4MjcxOTEz
LzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALK+kK/0B
nYEd/1fSpQ/5DEVgkXkCoLyfBKSUPh8iOY6bTbJx82QEINo1VO4aEkRaDFE4YWh9
liR3Od3RCsI5BQm2sVK6tNvQZFCdthY4L+kmGTG/HUeKogt2fklq5+Ic3gy7pn/q
UI7djjfqnXAy3EPc0mIOIgDi/apzbRg9xv+IMbOMUdr7RYMTEgFyUO0xsp2gEsrE
Nfrp209Ot5MoSVr5O5BdCB53kyiO4bn/0hv2N8RPneETPJssUi3WuMQCKJxeRPYT
/tjN7LGfFqEbL/Fj4cQ9hOFHG5HPUagSYnuMhbMApzY9JY+e5HiHu2PZwx9CLNhq
45uoj/lz+jm/Vw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:57:46 2026 by rpki-client