Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: qS0D2oZ62hgecUQwbVLvuLfACPvXQ5QY09PqvoD/ID8=
Subject key identifier: D5:B1:4F:2B:39:44:7C:47:46:36:14:0B:C2:21:08:0E:ED:C8:B8:A3
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 019D27A8DFCAB66668637E00122354C32F09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 0A14
Signing time: Thu 26 Mar 2026 01:01:11 +0000
Manifest this update: Thu 26 Mar 2026 01:01:11 +0000
Manifest next update: Fri 27 Mar 2026 01:01:11 +0000
Files and hashes: 1: 3GkC4alpDAvrmyyfcuXDAMj59Ng.roa (hash: m2jng52J8d+SYelIcZHf8/G6o3/K/EOSsyHZ2TT8VOM=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: RSdrb1daPXuwDzE250sLrYZ6K2ynt5sYN2RyAuVqIo8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:df:ca:b6:66:68:63:7e:00:12:23:54:c3:2f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Mar 26 01:01:11 2026 GMT
Not After : Mar 27 01:01:11 2026 GMT
Subject: CN=d5b14f2b39447c474636140bc221080eedc8b8a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3b:87:04:f2:51:d0:a0:89:c9:42:1e:4d:8c:
fd:24:81:b2:17:3f:34:b9:f2:47:f8:b4:46:b0:bb:
47:6c:ca:14:a2:85:e1:63:cd:ad:c5:f5:eb:0a:6d:
58:bd:89:64:21:33:d7:b3:ee:8f:8a:7b:79:e0:67:
42:d0:87:68:e0:1b:2c:25:2c:c1:0f:58:93:43:25:
54:ff:23:09:27:44:ab:c8:07:7f:23:53:60:6d:03:
da:56:66:67:17:a5:b7:94:e7:35:93:fa:ee:22:95:
47:88:04:e0:f3:36:bb:a3:d0:5c:07:06:ee:4c:44:
ec:70:8e:6d:34:7a:e6:47:db:84:99:b7:f4:7a:26:
7a:62:36:32:c3:a3:e0:5d:62:18:8e:b1:d5:18:38:
7b:f3:02:87:b3:66:ce:9f:a0:17:c7:0a:69:e5:99:
74:57:7d:05:d6:8f:3b:cf:de:98:a4:5d:10:f9:74:
e4:fe:07:9e:09:e6:05:f9:8d:b0:0c:77:3b:ae:5a:
fa:8b:71:7b:8e:b8:99:84:4b:44:2e:e1:ab:2d:3b:
69:37:80:7a:bb:1f:6e:eb:c9:34:44:6a:02:d6:82:
90:d3:b9:3a:57:68:75:f3:20:97:3d:44:dc:3c:e5:
96:7a:aa:2e:33:21:26:62:5c:ae:6f:01:3b:91:03:
80:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B1:4F:2B:39:44:7C:47:46:36:14:0B:C2:21:08:0E:ED:C8:B8:A3
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:14:51:e2:58:32:1f:02:2e:23:52:5e:d5:26:b5:ba:73:ea:
d7:59:e1:7b:b0:c0:15:41:c7:53:f8:a8:7c:d7:0f:08:b2:24:
51:e9:d3:bd:77:bb:00:fe:99:50:3e:02:3d:3d:8c:d8:3f:b7:
1a:5b:af:fa:d0:cd:f5:17:51:35:f9:c8:ba:c9:a2:c5:35:64:
b8:f5:ce:8b:11:a1:97:2f:75:92:9e:bd:86:c0:44:c5:34:8c:
e1:27:c0:12:92:d5:e5:db:2f:a1:02:42:9c:59:9d:ea:97:78:
4e:5c:de:a2:48:2a:53:29:db:61:3f:17:01:25:48:20:24:69:
91:44:90:7d:b6:24:73:30:de:0a:a0:f9:89:bf:7f:e4:7d:4d:
7e:e1:5b:79:04:59:33:96:7b:36:57:0b:42:52:2b:5b:cf:b4:
05:cf:73:56:14:26:88:bd:77:0e:0c:4c:fd:8c:6b:63:36:b8:
fa:ef:4f:d0:c8:45:fd:10:7d:97:69:25:59:4f:21:e3:07:ef:
47:80:11:93:6c:5e:80:47:52:d8:0a:dd:d5:7e:dd:1f:d8:f1:
21:d7:5a:eb:08:75:83:a6:b4:54:ea:11:10:33:43:65:5d:79:
e7:2e:55:a1:b4:7e:09:7f:78:34:bc:2a:80:2c:4b:72:ef:98:
f5:d8:59:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqN/KtmZoY34AEiNUwy8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjYwMzI2MDEwMTExWhcNMjYwMzI3MDEwMTExWjAzMTEwLwYDVQQD
EyhkNWIxNGYyYjM5NDQ3YzQ3NDYzNjE0MGJjMjIxMDgwZWVkYzhiOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTuHBPJR0KCJyUIeTYz9JIGyFz80
ufJH+LRGsLtHbMoUooXhY82txfXrCm1YvYlkITPXs+6Pint54GdC0Ido4BssJSzB
D1iTQyVU/yMJJ0SryAd/I1NgbQPaVmZnF6W3lOc1k/ruIpVHiATg8za7o9BcBwbu
TETscI5tNHrmR9uEmbf0eiZ6YjYyw6PgXWIYjrHVGDh78wKHs2bOn6AXxwpp5Zl0
V30F1o87z96YpF0Q+XTk/geeCeYF+Y2wDHc7rlr6i3F7jriZhEtELuGrLTtpN4B6
ux9u68k0RGoC1oKQ07k6V2h18yCXPUTcPOWWeqouMyEmYlyubwE7kQOAtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWxTys5RHxHRjYUC8IhCA7tyLijMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuRRR4lgy
HwIuI1Je1Sa1unPq11nhe7DAFUHHU/iofNcPCLIkUenTvXe7AP6ZUD4CPT2M2D+3
Gluv+tDN9RdRNfnIusmixTVkuPXOixGhly91kp69hsBExTSM4SfAEpLV5dsvoQJC
nFmd6pd4TlzeokgqUynbYT8XASVIICRpkUSQfbYkczDeCqD5ib9/5H1NfuFbeQRZ
M5Z7NlcLQlIrW8+0Bc9zVhQmiL13DgxM/YxrYza4+u9P0MhF/RB9l2klWU8h4wfv
R4ARk2xegEdS2Ard1X7dH9jxIdda6wh1g6a0VOoREDNDZV155y5VobR+CX94NLwq
gCxLcu+Y9dhZcg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:18:08 2026 by rpki-client