Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.mft
File: YZp5QeDCyGEyL4Me0G8H-3CFo7s.mft (raw, json)
Hash identifier: D6+gvhMwMn9Qb/MwGU3PpR+LAj6elIRFIPAtHqvQQts=
Subject key identifier: 7F:AA:3E:B2:38:B5:14:5A:0F:C4:96:79:76:8D:32:59:F7:E8:C8:B3
Authority key identifier: 61:9A:79:41:E0:C2:C8:61:32:2F:83:1E:D0:6F:07:FB:70:85:A3:BB
Certificate issuer: /CN=619a7941e0c2c861322f831ed06f07fb7085a3bb
Certificate serial: 019D284E4D57AE1678234BD4F2AAD90BC745
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YZp5QeDCyGEyL4Me0G8H-3CFo7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.mft
Manifest number: 14A1
Signing time: Thu 26 Mar 2026 04:01:53 +0000
Manifest this update: Thu 26 Mar 2026 04:01:53 +0000
Manifest next update: Fri 27 Mar 2026 04:01:53 +0000
Files and hashes: 1: YZp5QeDCyGEyL4Me0G8H-3CFo7s.crl (hash: rEKWIaHFvQ3VZIa59SScHqzt833lzFaSBxTeADWERXQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.mft
rsync://rpki.ripe.net/repository/DEFAULT/YZp5QeDCyGEyL4Me0G8H-3CFo7s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4e:4d:57:ae:16:78:23:4b:d4:f2:aa:d9:0b:c7:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=619a7941e0c2c861322f831ed06f07fb7085a3bb
Validity
Not Before: Mar 26 04:01:53 2026 GMT
Not After : Mar 27 04:01:53 2026 GMT
Subject: CN=7faa3eb238b5145a0fc49679768d3259f7e8c8b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1d:91:2d:21:57:7c:76:cb:2c:82:48:02:15:
4b:a9:b5:14:49:70:13:e9:fc:77:51:54:ea:fc:3e:
6a:27:58:e8:7c:29:f0:43:aa:dd:cf:aa:cb:47:df:
e3:38:0e:a6:6f:66:93:7e:a5:a5:e6:85:c0:d5:ca:
7d:a6:b2:5a:d7:ce:16:bf:34:aa:80:22:f2:f5:e3:
2e:7f:ae:fc:01:32:6f:98:d1:98:0d:c6:07:6d:13:
b7:7d:f9:a0:b4:19:64:d4:fb:5d:4b:74:f4:db:e8:
cf:1d:48:82:47:02:bb:73:71:6c:dd:f4:60:80:80:
73:bf:2e:e4:03:04:61:ad:44:3f:3b:4b:c6:10:0e:
0d:d0:43:0e:f8:25:b4:8d:55:73:b4:e3:9d:e8:c4:
13:63:7e:11:c1:11:4c:95:64:1e:41:ad:c5:b2:07:
7f:3a:16:db:a4:79:cc:8f:6d:62:d9:af:14:6a:3f:
f8:a8:ed:45:19:aa:c9:ae:2c:43:9d:a8:80:c6:98:
16:8d:46:cd:9d:fb:17:43:8e:17:df:4b:ac:53:98:
5a:40:9f:a3:1f:42:4f:f7:77:1d:81:05:43:42:2b:
f3:a2:e3:87:58:17:c6:b5:e9:41:6c:0b:dc:da:99:
87:b5:6e:56:1e:a5:6a:4a:e4:2a:af:65:61:a2:81:
bf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:AA:3E:B2:38:B5:14:5A:0F:C4:96:79:76:8D:32:59:F7:E8:C8:B3
X509v3 Authority Key Identifier:
keyid:61:9A:79:41:E0:C2:C8:61:32:2F:83:1E:D0:6F:07:FB:70:85:A3:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YZp5QeDCyGEyL4Me0G8H-3CFo7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b09fec-d85d-4b64-a612-11eeca266d6c/1/YZp5QeDCyGEyL4Me0G8H-3CFo7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:68:da:dc:a6:e1:eb:72:89:8d:76:0e:20:15:86:f1:7f:75:
e6:ef:db:ea:5c:19:74:b4:d7:b2:cf:a5:43:b2:05:96:98:58:
2c:2c:2a:d3:18:84:1a:29:db:13:62:90:dc:01:67:bd:67:c0:
98:9c:9d:4a:dd:98:ae:5d:2e:12:ff:39:af:ce:cc:c8:43:56:
d5:94:c4:9b:71:39:2f:72:54:76:a6:64:e2:03:74:35:80:7a:
84:63:c6:0a:5d:f7:f3:65:00:77:89:d1:b4:69:55:cd:de:47:
26:90:8c:f3:0b:5f:8c:37:3b:58:12:b9:d4:ec:33:58:72:a3:
79:45:29:07:a6:5f:0f:f6:c3:1b:5f:7d:fb:bb:42:fa:75:c9:
86:a1:d1:ce:d6:d8:19:72:a4:25:c2:af:6f:06:5d:c4:58:fa:
e5:60:85:e4:1f:0f:7e:2c:63:ed:04:83:29:1f:3f:81:fd:b2:
a9:13:36:ee:6f:3a:3d:f7:0d:96:47:d6:23:28:8a:25:99:1e:
69:e3:01:17:d1:3d:70:ad:c2:73:58:0a:42:4a:69:51:67:b8:
6c:5d:66:99:61:c9:0f:50:25:fd:aa:35:98:d5:3b:04:95:32:
9e:95:65:d9:76:34:77:ae:7a:ca:e9:1a:98:cb:c3:8e:06:97:
cc:80:61:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTk1XrhZ4I0vU8qrZC8dFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOWE3OTQxZTBjMmM4NjEzMjJmODMxZWQwNmYwN2ZiNzA4
NWEzYmIwHhcNMjYwMzI2MDQwMTUzWhcNMjYwMzI3MDQwMTUzWjAzMTEwLwYDVQQD
Eyg3ZmFhM2ViMjM4YjUxNDVhMGZjNDk2Nzk3NjhkMzI1OWY3ZThjOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh2RLSFXfHbLLIJIAhVLqbUUSXAT
6fx3UVTq/D5qJ1jofCnwQ6rdz6rLR9/jOA6mb2aTfqWl5oXA1cp9prJa184WvzSq
gCLy9eMuf678ATJvmNGYDcYHbRO3ffmgtBlk1PtdS3T02+jPHUiCRwK7c3Fs3fRg
gIBzvy7kAwRhrUQ/O0vGEA4N0EMO+CW0jVVztOOd6MQTY34RwRFMlWQeQa3Fsgd/
OhbbpHnMj21i2a8Uaj/4qO1FGarJrixDnaiAxpgWjUbNnfsXQ44X30usU5haQJ+j
H0JP93cdgQVDQivzouOHWBfGtelBbAvc2pmHtW5WHqVqSuQqr2VhooG/cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+qPrI4tRRaD8SWeXaNMln36MizMB8GA1UdIwQY
MBaAFGGaeUHgwshhMi+DHtBvB/twhaO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVpwNVFlREN5R0V5TDRNZTBHOEgtM0NGbzdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMDlmZWMtZDg1ZC00YjY0LWE2MTIt
MTFlZWNhMjY2ZDZjLzEvWVpwNVFlREN5R0V5TDRNZTBHOEgtM0NGbzdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMDlmZWMtZDg1ZC00YjY0LWE2MTItMTFlZWNhMjY2ZDZj
LzEvWVpwNVFlREN5R0V5TDRNZTBHOEgtM0NGbzdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI2ja3Kbh
63KJjXYOIBWG8X915u/b6lwZdLTXss+lQ7IFlphYLCwq0xiEGinbE2KQ3AFnvWfA
mJydSt2Yrl0uEv85r87MyENW1ZTEm3E5L3JUdqZk4gN0NYB6hGPGCl3382UAd4nR
tGlVzd5HJpCM8wtfjDc7WBK51OwzWHKjeUUpB6ZfD/bDG199+7tC+nXJhqHRztbY
GXKkJcKvbwZdxFj65WCF5B8Pfixj7QSDKR8/gf2yqRM27m86PfcNlkfWIyiKJZke
aeMBF9E9cK3Cc1gKQkppUWe4bF1mmWHJD1Al/ao1mNU7BJUynpVl2XY0d656yuka
mMvDjgaXzIBhpQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:16:02 2026 by rpki-client