Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
File: ySi2NBei54heM4gakkqsnUCqymA.mft (raw, json)
Hash identifier: 3Z38EwemBK4qaMdbIl8OAbrlC04OcFR0szBgokvaWV0=
Subject key identifier: 45:1A:44:24:0E:C0:0C:C1:D0:AA:07:BD:4B:40:A2:A4:2C:D4:65:0C
Authority key identifier: C9:28:B6:34:17:A2:E7:88:5E:33:88:1A:92:4A:AC:9D:40:AA:CA:60
Certificate issuer: /CN=c928b63417a2e7885e33881a924aac9d40aaca60
Certificate serial: 019749D59DE7BD2F6D3C76A5FFF4B79C39A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
Manifest number: 03DA
Signing time: Sat 07 Jun 2025 10:00:25 +0000
Manifest this update: Sat 07 Jun 2025 10:00:25 +0000
Manifest next update: Sun 08 Jun 2025 10:00:25 +0000
Files and hashes: 1: 6MMtZ0p0S3UErh0fFksqehnDVrk.roa (hash: aSANX+R++VciglglpvxzYCwuVSwi4gwoCdbTa6Ro3gg=)
2: ySi2NBei54heM4gakkqsnUCqymA.crl (hash: RVb0EUnt1J3qjZCYN4Zph2kwoWprHFD2QXPTGn1sLGQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:d5:9d:e7:bd:2f:6d:3c:76:a5:ff:f4:b7:9c:39:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c928b63417a2e7885e33881a924aac9d40aaca60
Validity
Not Before: Jun 7 10:00:25 2025 GMT
Not After : Jun 8 10:00:25 2025 GMT
Subject: CN=451a44240ec00cc1d0aa07bd4b40a2a42cd4650c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:23:bc:cc:41:1a:0f:36:e9:7a:ab:82:91:90:
e8:3e:a0:77:6e:0c:b1:c6:0e:8f:5d:d4:0b:6a:f6:
55:ed:92:6e:fb:7d:5d:55:7b:a9:68:e5:93:e9:1a:
29:81:bc:35:52:0d:42:eb:4c:be:d8:46:09:8a:a3:
1d:27:08:09:89:1b:2d:7e:db:fd:64:11:35:23:48:
ed:7b:4c:ee:6b:e2:ff:97:88:f5:4b:79:b7:76:e6:
69:29:89:45:0e:3f:f5:cc:7d:3b:31:f4:da:90:c3:
4a:34:5e:11:c8:13:04:c4:8e:56:ce:fc:2e:d4:3e:
6b:0a:04:bd:18:29:46:0e:e7:b5:db:eb:d5:ec:df:
f0:66:2c:3b:7b:4c:1d:60:b8:97:f4:d8:52:76:07:
50:17:7d:15:32:97:e9:4b:f2:2d:d4:e3:88:0c:97:
ab:19:7c:45:0d:19:25:86:ef:b3:41:b2:cc:e6:24:
91:88:7b:17:08:98:6e:5a:8a:dc:88:2c:fc:6f:7a:
99:55:08:b0:2d:49:54:f3:2f:28:07:d2:29:49:66:
62:76:c9:b8:d9:79:e8:f8:be:f0:4e:51:6e:8b:b4:
a4:c1:c6:ca:d8:f2:79:5d:4b:05:6f:8d:47:48:f2:
54:fb:be:a7:48:6f:5a:b5:93:fc:f7:8c:33:ae:d3:
0c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:1A:44:24:0E:C0:0C:C1:D0:AA:07:BD:4B:40:A2:A4:2C:D4:65:0C
X509v3 Authority Key Identifier:
keyid:C9:28:B6:34:17:A2:E7:88:5E:33:88:1A:92:4A:AC:9D:40:AA:CA:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:72:a0:e9:71:cf:98:be:61:97:9b:60:b6:c1:0e:c6:ff:65:
77:22:23:56:fa:a9:77:fa:92:f9:75:1d:c5:19:c2:28:54:3a:
79:48:6b:1f:66:be:64:29:17:cf:b4:21:ba:b6:a7:5c:ca:0c:
50:dc:30:81:df:af:9e:12:d8:86:cd:97:b2:73:9e:56:91:f5:
06:d2:60:8d:16:e3:c2:77:7d:c4:25:0e:dc:e9:20:df:10:89:
4a:24:a9:2c:b4:30:c3:a8:5f:d8:40:b3:cd:1c:4f:8b:d1:c1:
09:15:b3:8f:44:79:fd:8f:d5:15:9a:fe:3e:f5:75:73:7b:58:
ff:d2:31:eb:bc:e3:c2:e1:21:14:31:a6:d8:77:4c:62:44:6c:
ac:08:88:e8:ec:c0:13:9e:87:65:52:23:df:3a:19:2d:ac:df:
59:df:ac:36:2e:74:77:eb:d8:72:ae:e3:62:d9:5c:0b:43:ae:
51:8a:66:66:3f:f8:f8:8e:cc:34:73:fc:e4:f3:6d:1d:b6:c3:
45:d9:ee:98:e1:14:17:84:76:3d:04:b3:44:f2:5a:f1:02:dc:
b7:b0:1c:44:28:47:4b:ae:05:61:ae:06:da:bb:c0:aa:91:cf:
f8:8f:89:87:4d:40:c7:71:fa:27:89:0c:b0:f7:f4:9f:cd:e0:
82:ea:a8:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1Z3nvS9tPHal//S3nDmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MjhiNjM0MTdhMmU3ODg1ZTMzODgxYTkyNGFhYzlkNDBh
YWNhNjAwHhcNMjUwNjA3MTAwMDI1WhcNMjUwNjA4MTAwMDI1WjAzMTEwLwYDVQQD
Eyg0NTFhNDQyNDBlYzAwY2MxZDBhYTA3YmQ0YjQwYTJhNDJjZDQ2NTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCO8zEEaDzbpequCkZDoPqB3bgyx
xg6PXdQLavZV7ZJu+31dVXupaOWT6Ropgbw1Ug1C60y+2EYJiqMdJwgJiRstftv9
ZBE1I0jte0zua+L/l4j1S3m3duZpKYlFDj/1zH07MfTakMNKNF4RyBMExI5Wzvwu
1D5rCgS9GClGDue12+vV7N/wZiw7e0wdYLiX9NhSdgdQF30VMpfpS/It1OOIDJer
GXxFDRklhu+zQbLM5iSRiHsXCJhuWorciCz8b3qZVQiwLUlU8y8oB9IpSWZidsm4
2Xno+L7wTlFui7SkwcbK2PJ5XUsFb41HSPJU+76nSG9atZP894wzrtMMmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUaRCQOwAzB0KoHvUtAoqQs1GUMMB8GA1UdIwQY
MBaAFMkotjQXoueIXjOIGpJKrJ1AqspgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi85ZDdlNmEtMGVhZS00MzRmLTlhMzUt
OGM5NzE2MWUwNjJmLzEveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi85ZDdlNmEtMGVhZS00MzRmLTlhMzUtOGM5NzE2MWUwNjJm
LzEveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASnKg6XHP
mL5hl5tgtsEOxv9ldyIjVvqpd/qS+XUdxRnCKFQ6eUhrH2a+ZCkXz7QhuranXMoM
UNwwgd+vnhLYhs2XsnOeVpH1BtJgjRbjwnd9xCUO3Okg3xCJSiSpLLQww6hf2ECz
zRxPi9HBCRWzj0R5/Y/VFZr+PvV1c3tY/9Ix67zjwuEhFDGm2HdMYkRsrAiI6OzA
E56HZVIj3zoZLazfWd+sNi50d+vYcq7jYtlcC0OuUYpmZj/4+I7MNHP85PNtHbbD
RdnumOEUF4R2PQSzRPJa8QLct7AcRChHS64FYa4G2rvAqpHP+I+Jh01Ax3H6J4kM
sPf0n83gguqopA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:10:03 2025 by rpki-client