Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: Bpc2EJlzsTXymm6R0J/pia00rlNb/GTKZRk7rGwC2Ac=
Subject key identifier: 24:8F:56:E7:4C:C2:20:D9:07:58:30:7D:F4:2E:2F:DF:C7:9B:19:25
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 0199FEEBFE533889ED07AB5D8C85855DE7D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 0871
Signing time: Mon 20 Oct 2025 00:01:42 +0000
Manifest this update: Mon 20 Oct 2025 00:01:42 +0000
Manifest next update: Tue 21 Oct 2025 00:01:42 +0000
Files and hashes: 1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: DOmFQ/rn8nx98Oo5CZcLquHsexFtFDJtAvENaMJeN/M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:eb:fe:53:38:89:ed:07:ab:5d:8c:85:85:5d:e7:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Oct 20 00:01:42 2025 GMT
Not After : Oct 21 00:01:42 2025 GMT
Subject: CN=248f56e74cc220d90758307df42e2fdfc79b1925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:8f:e9:32:20:39:31:9e:79:12:f8:0b:98:42:
59:2d:ed:e3:54:3c:40:37:af:90:98:3e:5d:7d:4e:
27:9a:f5:d6:18:cf:79:e6:8b:6a:44:62:17:5e:12:
75:08:56:5f:30:54:bb:67:df:a0:11:e3:6f:52:f7:
b3:9d:08:e3:61:46:91:9a:82:6f:9e:8f:1e:b4:d7:
24:56:d8:73:5b:b3:0c:9e:f0:a4:15:4f:22:2b:3d:
3e:34:8a:b7:1b:0e:a6:cd:31:09:ad:17:e1:8e:93:
6e:f2:76:34:e6:03:37:65:b8:40:b2:bd:81:1e:80:
81:ad:8b:7c:f5:12:f3:38:6e:16:38:ce:9f:53:01:
29:ac:d6:08:cd:84:81:b5:ae:36:21:a4:a4:b2:6e:
19:1f:8f:a1:37:40:b9:0c:26:34:90:78:da:6b:3a:
fb:05:5b:b7:09:e3:3e:1c:dd:06:62:ce:97:2a:ee:
b0:3c:a2:be:c4:20:70:74:b8:05:01:60:dc:a3:23:
7f:43:2e:4d:2d:71:ff:0b:95:59:70:cd:2b:2c:11:
aa:9f:df:7b:23:2e:71:2e:93:a9:0c:0b:84:9c:72:
30:03:a6:79:60:7c:78:76:43:ed:1f:e0:8b:9c:64:
a4:9b:f4:3b:68:0b:d9:d7:c5:cc:22:d4:cc:e6:23:
63:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8F:56:E7:4C:C2:20:D9:07:58:30:7D:F4:2E:2F:DF:C7:9B:19:25
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:74:34:69:1d:13:50:3a:08:50:03:cb:72:42:08:84:43:e6:
d0:ff:45:32:8d:2b:96:b6:b9:b1:56:f5:eb:50:e6:d9:dd:f9:
a7:56:25:36:ba:26:84:61:c9:eb:e5:55:62:cf:c7:e1:0d:22:
ce:3a:1c:18:fd:2d:17:14:25:5a:48:19:7b:72:83:7e:9f:d8:
46:a3:00:cb:fc:0c:95:15:92:05:28:0e:bc:89:04:61:c8:d3:
4c:3f:4c:9d:73:0f:b7:5f:ad:6d:e9:4b:17:28:74:5a:71:7a:
d2:66:63:cb:57:25:a4:53:b7:8d:ea:42:08:71:7e:6d:46:4c:
d3:a8:0a:aa:83:d2:b9:41:80:a2:f1:4e:7e:48:8a:1d:ff:4b:
f3:d6:0e:a0:58:2a:2d:19:42:b6:4a:61:5f:78:58:50:17:43:
7e:34:63:01:fa:95:1c:23:05:e7:bd:64:0a:16:e8:6d:e9:a5:
4b:8a:55:a5:af:99:29:22:a6:48:51:80:c8:0f:39:f4:16:0b:
9e:68:b8:10:c0:49:38:80:01:ab:9a:ee:86:4e:fd:d8:27:86:
01:90:14:88:1f:db:54:65:df:d6:e4:01:79:24:4b:6f:0c:f1:
16:65:96:74:8d:99:b5:3e:89:a2:c9:8a:2c:87:0a:c6:36:8f:
0d:39:16:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+6/5TOIntB6tdjIWFXefYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjUxMDIwMDAwMTQyWhcNMjUxMDIxMDAwMTQyWjAzMTEwLwYDVQQD
EygyNDhmNTZlNzRjYzIyMGQ5MDc1ODMwN2RmNDJlMmZkZmM3OWIxOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Y/pMiA5MZ55EvgLmEJZLe3jVDxA
N6+QmD5dfU4nmvXWGM955otqRGIXXhJ1CFZfMFS7Z9+gEeNvUveznQjjYUaRmoJv
no8etNckVthzW7MMnvCkFU8iKz0+NIq3Gw6mzTEJrRfhjpNu8nY05gM3ZbhAsr2B
HoCBrYt89RLzOG4WOM6fUwEprNYIzYSBta42IaSksm4ZH4+hN0C5DCY0kHjaazr7
BVu3CeM+HN0GYs6XKu6wPKK+xCBwdLgFAWDcoyN/Qy5NLXH/C5VZcM0rLBGqn997
Iy5xLpOpDAuEnHIwA6Z5YHx4dkPtH+CLnGSkm/Q7aAvZ18XMItTM5iNj9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSPVudMwiDZB1gwffQuL9/HmxklMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnXQ0aR0T
UDoIUAPLckIIhEPm0P9FMo0rlra5sVb161Dm2d35p1YlNromhGHJ6+VVYs/H4Q0i
zjocGP0tFxQlWkgZe3KDfp/YRqMAy/wMlRWSBSgOvIkEYcjTTD9MnXMPt1+tbelL
Fyh0WnF60mZjy1clpFO3jepCCHF+bUZM06gKqoPSuUGAovFOfkiKHf9L89YOoFgq
LRlCtkphX3hYUBdDfjRjAfqVHCMF571kChbobemlS4pVpa+ZKSKmSFGAyA859BYL
nmi4EMBJOIABq5ruhk792CeGAZAUiB/bVGXf1uQBeSRLbwzxFmWWdI2ZtT6JosmK
LIcKxjaPDTkWCw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:43:06 2025 by rpki-client