Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
File: ySi2NBei54heM4gakkqsnUCqymA.mft (raw, json)
Hash identifier: oiXtY3FrVCgu1WBM7r8bdSWHOD6FogOh5v4XWYt0xXs=
Subject key identifier: E2:F5:8A:6B:01:F7:7D:03:B0:23:0F:D6:3A:60:6E:39:F8:8E:59:C5
Authority key identifier: C9:28:B6:34:17:A2:E7:88:5E:33:88:1A:92:4A:AC:9D:40:AA:CA:60
Certificate issuer: /CN=c928b63417a2e7885e33881a924aac9d40aaca60
Certificate serial: 019656813F57C9906C561143985A93CC53C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
Manifest number: 035C
Signing time: Mon 21 Apr 2025 04:00:33 +0000
Manifest this update: Mon 21 Apr 2025 04:00:33 +0000
Manifest next update: Tue 22 Apr 2025 04:00:33 +0000
Files and hashes: 1: 6MMtZ0p0S3UErh0fFksqehnDVrk.roa (hash: aSANX+R++VciglglpvxzYCwuVSwi4gwoCdbTa6Ro3gg=)
2: ySi2NBei54heM4gakkqsnUCqymA.crl (hash: Jv0F8qDslVHKW3FkcqknD0xfhc8P11IULP7Y98RgZZ8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:81:3f:57:c9:90:6c:56:11:43:98:5a:93:cc:53:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c928b63417a2e7885e33881a924aac9d40aaca60
Validity
Not Before: Apr 21 04:00:33 2025 GMT
Not After : Apr 22 04:00:33 2025 GMT
Subject: CN=e2f58a6b01f77d03b0230fd63a606e39f88e59c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a7:de:dd:6e:52:a1:7c:ee:bd:66:86:f9:59:
11:a6:2d:ca:72:5c:5e:03:a1:74:d8:2e:74:02:bc:
79:88:27:96:56:63:02:ff:dd:3c:93:5f:10:0e:c7:
50:c8:e4:1a:02:28:e6:a9:a0:73:01:e7:31:d5:d3:
3e:e2:07:7c:bc:f3:44:51:99:13:b7:30:f0:66:53:
79:c8:a3:2c:6e:34:19:5c:e5:b0:08:53:ef:32:ab:
d8:09:63:b2:15:84:c0:10:bd:62:0d:17:b2:05:93:
3e:ae:4f:c0:72:7b:38:c0:ce:cd:f5:76:f8:98:92:
ba:42:10:05:f7:73:f4:a9:9f:42:7f:0e:6a:c7:d8:
e7:1c:04:83:0b:54:44:27:75:c1:50:8e:67:0d:4a:
96:66:dc:01:09:86:e2:b9:02:c6:16:03:20:c2:24:
8b:62:c0:74:7b:e5:6d:65:f6:85:63:cc:f1:34:21:
8b:df:2a:32:3c:9b:f1:f0:ae:15:27:33:72:b3:7a:
4a:8b:6e:10:6e:f7:f2:d7:6a:1f:7e:54:af:50:ef:
32:9d:95:00:7d:2c:41:0c:5b:48:48:55:1e:d4:6e:
61:c4:0c:fc:b7:cc:ac:80:0f:2f:10:33:a4:78:ac:
99:33:8f:95:ea:96:a2:48:b3:a9:db:ad:9b:4e:24:
27:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F5:8A:6B:01:F7:7D:03:B0:23:0F:D6:3A:60:6E:39:F8:8E:59:C5
X509v3 Authority Key Identifier:
keyid:C9:28:B6:34:17:A2:E7:88:5E:33:88:1A:92:4A:AC:9D:40:AA:CA:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d0:02:3a:ac:5c:64:87:bc:d9:62:a7:a1:a5:a4:df:f0:30:b3:
a9:b3:40:d9:e9:5a:08:d3:fd:76:04:e6:d9:e2:7d:2a:02:2b:
2c:5d:a4:d7:74:36:9f:33:1d:2a:c5:fb:14:00:02:79:6a:54:
a0:e6:a4:c9:8b:36:e0:b8:44:dc:a6:c0:a1:7e:f2:a2:86:5e:
fd:ed:d1:d9:6f:3a:16:9c:54:66:a2:00:bc:e5:ee:15:70:91:
b0:36:f3:63:31:66:4d:c5:6c:a5:7c:e3:f8:a4:78:80:f5:8d:
3a:c8:2c:be:3f:88:15:93:e5:1f:8d:e0:ff:4d:9e:43:6f:a7:
d5:c5:9f:1f:d1:50:f2:28:69:76:a6:67:1c:83:b4:a0:b5:cf:
a0:a1:02:ce:f8:d5:71:04:db:ce:83:2e:7b:9d:e4:79:19:4a:
a9:1f:e7:0e:34:41:61:5e:d4:44:55:24:11:b5:33:65:27:1a:
39:00:2a:ea:ba:10:8d:e4:47:d4:56:aa:62:a3:71:a2:ce:24:
93:3c:36:d7:34:63:d0:b0:b1:80:75:5b:f3:7a:a6:5e:0e:01:
1e:01:64:ff:df:44:25:49:44:b3:70:e4:bf:98:8d:d7:31:23:
99:7d:6b:14:bf:a2:b3:31:25:4b:43:ca:c4:a8:f1:b5:db:3e:
8b:e0:3f:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWgT9XyZBsVhFDmFqTzFPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MjhiNjM0MTdhMmU3ODg1ZTMzODgxYTkyNGFhYzlkNDBh
YWNhNjAwHhcNMjUwNDIxMDQwMDMzWhcNMjUwNDIyMDQwMDMzWjAzMTEwLwYDVQQD
EyhlMmY1OGE2YjAxZjc3ZDAzYjAyMzBmZDYzYTYwNmUzOWY4OGU1OWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwafe3W5SoXzuvWaG+VkRpi3Kclxe
A6F02C50Arx5iCeWVmMC/908k18QDsdQyOQaAijmqaBzAecx1dM+4gd8vPNEUZkT
tzDwZlN5yKMsbjQZXOWwCFPvMqvYCWOyFYTAEL1iDReyBZM+rk/Acns4wM7N9Xb4
mJK6QhAF93P0qZ9Cfw5qx9jnHASDC1REJ3XBUI5nDUqWZtwBCYbiuQLGFgMgwiSL
YsB0e+VtZfaFY8zxNCGL3yoyPJvx8K4VJzNys3pKi24Qbvfy12offlSvUO8ynZUA
fSxBDFtISFUe1G5hxAz8t8ysgA8vEDOkeKyZM4+V6paiSLOp262bTiQn+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOL1imsB930DsCMP1jpgbjn4jlnFMB8GA1UdIwQY
MBaAFMkotjQXoueIXjOIGpJKrJ1AqspgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi85ZDdlNmEtMGVhZS00MzRmLTlhMzUt
OGM5NzE2MWUwNjJmLzEveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi85ZDdlNmEtMGVhZS00MzRmLTlhMzUtOGM5NzE2MWUwNjJm
LzEveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0AI6rFxk
h7zZYqehpaTf8DCzqbNA2elaCNP9dgTm2eJ9KgIrLF2k13Q2nzMdKsX7FAACeWpU
oOakyYs24LhE3KbAoX7yooZe/e3R2W86FpxUZqIAvOXuFXCRsDbzYzFmTcVspXzj
+KR4gPWNOsgsvj+IFZPlH43g/02eQ2+n1cWfH9FQ8ihpdqZnHIO0oLXPoKECzvjV
cQTbzoMue53keRlKqR/nDjRBYV7URFUkEbUzZScaOQAq6roQjeRH1FaqYqNxos4k
kzw21zRj0LCxgHVb83qmXg4BHgFk/99EJUlEs3Dkv5iN1zEjmX1rFL+iszElS0PK
xKjxtds+i+A/wA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:59:45 2025 by rpki-client