Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
File: RyyyiCCZANGvGpmLsDnsdX5JPdU.mft (raw, json)
Hash identifier: uXMzW4oS/KXpHzRCOp5kgs1Oyqru/1lkD6wK7Xmn8TY=
Subject key identifier: F9:E4:4B:A4:50:CA:EB:4E:7E:72:15:49:C3:AA:CA:80:63:28:5E:EB
Authority key identifier: 47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5
Certificate issuer: /CN=472cb288209900d1af1a998bb039ec757e493dd5
Certificate serial: 01965838C40EA4C2B9FC6E75BF7823866B20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
Manifest number: 0728
Signing time: Mon 21 Apr 2025 12:00:37 +0000
Manifest this update: Mon 21 Apr 2025 12:00:37 +0000
Manifest next update: Tue 22 Apr 2025 12:00:37 +0000
Files and hashes: 1: RyyyiCCZANGvGpmLsDnsdX5JPdU.crl (hash: s+mDmbUQ6ANS/ymhPFWty9zFb5TRRNH6DNvJ+mhx71Q=)
2: S3dIMaIh62_y7HmBxhlxOM_ScHc.roa (hash: wYfLcBDYpc1piz/XiUHEld94m4pY4RAv7rF1GCt4/I0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:38:c4:0e:a4:c2:b9:fc:6e:75:bf:78:23:86:6b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=472cb288209900d1af1a998bb039ec757e493dd5
Validity
Not Before: Apr 21 12:00:37 2025 GMT
Not After : Apr 22 12:00:37 2025 GMT
Subject: CN=f9e44ba450caeb4e7e721549c3aaca8063285eeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e4:db:63:1d:9a:75:aa:34:2e:49:90:30:68:
1e:df:c9:6a:df:65:3c:5a:ba:a0:df:19:b4:80:c6:
71:6d:98:c0:b1:a7:19:5a:b3:e1:7a:d5:71:62:9a:
1b:40:dc:2c:76:f5:dc:34:a3:1c:e0:a6:0f:ba:93:
dc:05:cd:e1:b2:cc:f0:33:53:37:f4:4e:e3:b2:fa:
9a:0a:4d:88:a4:53:bc:8e:a7:88:90:68:da:bd:03:
1b:68:9a:bb:b2:2f:d0:1c:90:da:f5:9e:ef:67:69:
c8:68:d2:56:6a:c6:8d:c3:74:d1:e2:36:d4:a7:cb:
47:e9:18:a7:f0:b4:be:d4:f9:89:5c:25:04:fb:87:
d1:67:b7:c6:d2:b4:0a:8a:b2:16:61:f3:20:ab:3a:
e1:b6:d1:ae:ad:49:fb:19:59:85:21:28:45:59:fb:
b6:bc:50:11:5b:5b:ea:7d:c2:54:75:87:6c:bf:19:
26:f3:07:02:73:43:30:39:8b:61:71:a9:f4:a8:8c:
7f:40:bf:d1:4d:1d:83:27:ac:f5:e1:ad:00:97:8c:
a1:cc:d8:48:67:61:10:86:f2:72:7e:ee:b1:c2:c6:
c3:41:78:b6:50:f4:7b:83:fd:10:51:6b:bc:28:a8:
9c:d6:42:22:7e:54:a9:b6:59:27:01:50:87:60:db:
1d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E4:4B:A4:50:CA:EB:4E:7E:72:15:49:C3:AA:CA:80:63:28:5E:EB
X509v3 Authority Key Identifier:
keyid:47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:0c:d8:5b:a5:3a:35:a1:19:c3:1b:c2:91:76:f5:b3:50:ba:
37:a1:25:4b:e0:49:82:87:f8:87:62:40:9b:fa:82:f9:04:d3:
50:a8:87:66:d0:73:a6:19:85:c5:54:87:b2:75:b7:79:23:de:
b4:1f:25:b3:5f:4a:f7:1a:17:68:ae:05:43:a3:8b:96:99:21:
b2:8e:d4:24:3b:20:e2:2b:09:72:c0:b5:07:00:6b:50:54:64:
b2:dd:97:ae:d5:19:e2:2f:09:f9:68:bd:e5:de:e1:d4:fd:3b:
52:c5:74:bb:58:f6:8f:c7:88:36:a6:1a:8d:5b:95:03:56:c8:
d4:ec:d6:cb:1d:aa:e8:d8:5a:c5:80:a4:bc:fd:86:67:5c:14:
2b:e8:40:9e:05:ce:3a:c7:77:c2:4f:bc:bf:01:33:fd:53:d4:
59:4e:8e:42:0b:e0:cf:91:f4:98:b9:18:23:c2:f5:f3:2c:2f:
4c:9a:cc:f1:cd:a5:27:7d:68:26:13:55:0a:44:22:05:2b:02:
c1:ce:8d:b5:a1:be:ea:55:6b:86:31:1c:f3:50:84:87:1f:2c:
94:a8:f2:1a:1e:d9:b7:9b:b0:6d:35:57:ea:c3:fc:8a:76:44:
1c:28:62:40:98:7d:84:19:bd:ea:f2:31:02:b6:6f:55:c8:b8:
f4:48:37:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYOMQOpMK5/G51v3gjhmsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MmNiMjg4MjA5OTAwZDFhZjFhOTk4YmIwMzllYzc1N2U0
OTNkZDUwHhcNMjUwNDIxMTIwMDM3WhcNMjUwNDIyMTIwMDM3WjAzMTEwLwYDVQQD
EyhmOWU0NGJhNDUwY2FlYjRlN2U3MjE1NDljM2FhY2E4MDYzMjg1ZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+TbYx2adao0LkmQMGge38lq32U8
Wrqg3xm0gMZxbZjAsacZWrPhetVxYpobQNwsdvXcNKMc4KYPupPcBc3hsszwM1M3
9E7jsvqaCk2IpFO8jqeIkGjavQMbaJq7si/QHJDa9Z7vZ2nIaNJWasaNw3TR4jbU
p8tH6Rin8LS+1PmJXCUE+4fRZ7fG0rQKirIWYfMgqzrhttGurUn7GVmFIShFWfu2
vFARW1vqfcJUdYdsvxkm8wcCc0MwOYthcan0qIx/QL/RTR2DJ6z14a0Al4yhzNhI
Z2EQhvJyfu6xwsbDQXi2UPR7g/0QUWu8KKic1kIiflSptlknAVCHYNsd1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnkS6RQyutOfnIVScOqyoBjKF7rMB8GA1UdIwQY
MBaAFEcssoggmQDRrxqZi7A57HV+ST3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYt
YWE5MDJkYmFlOTI4LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYtYWE5MDJkYmFlOTI4
LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALwzYW6U6
NaEZwxvCkXb1s1C6N6ElS+BJgof4h2JAm/qC+QTTUKiHZtBzphmFxVSHsnW3eSPe
tB8ls19K9xoXaK4FQ6OLlpkhso7UJDsg4isJcsC1BwBrUFRkst2XrtUZ4i8J+Wi9
5d7h1P07UsV0u1j2j8eINqYajVuVA1bI1OzWyx2q6NhaxYCkvP2GZ1wUK+hAngXO
Osd3wk+8vwEz/VPUWU6OQgvgz5H0mLkYI8L18ywvTJrM8c2lJ31oJhNVCkQiBSsC
wc6NtaG+6lVrhjEc81CEhx8slKjyGh7Zt5uwbTVX6sP8inZEHChiQJh9hBm96vIx
ArZvVci49Eg3ZQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:23 2025 by rpki-client