Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
File: RyyyiCCZANGvGpmLsDnsdX5JPdU.mft (raw, json)
Hash identifier: /fo+P637Kwwt0zDCSdOutj8Arm9WXnvMZ9B3t0fSPFw=
Subject key identifier: C3:D4:60:24:5A:96:13:F9:ED:4E:E1:A2:8A:4B:6A:31:63:64:3A:B3
Authority key identifier: 47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5
Certificate issuer: /CN=472cb288209900d1af1a998bb039ec757e493dd5
Certificate serial: 019922C34EB39373F7051E6BC4361ECB67B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
Manifest number: 089A
Signing time: Sun 07 Sep 2025 06:00:48 +0000
Manifest this update: Sun 07 Sep 2025 06:00:48 +0000
Manifest next update: Mon 08 Sep 2025 06:00:48 +0000
Files and hashes: 1: RyyyiCCZANGvGpmLsDnsdX5JPdU.crl (hash: uZdysn9QhXVFbYDgD67fCqouzsI/iTEof6PECm7nJx8=)
2: S3dIMaIh62_y7HmBxhlxOM_ScHc.roa (hash: wYfLcBDYpc1piz/XiUHEld94m4pY4RAv7rF1GCt4/I0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:4e:b3:93:73:f7:05:1e:6b:c4:36:1e:cb:67:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=472cb288209900d1af1a998bb039ec757e493dd5
Validity
Not Before: Sep 7 06:00:48 2025 GMT
Not After : Sep 8 06:00:48 2025 GMT
Subject: CN=c3d460245a9613f9ed4ee1a28a4b6a3163643ab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ab:69:c5:23:dc:a4:41:b5:0f:11:9c:6d:07:
a7:6d:b2:3a:74:b1:b7:a2:f5:8b:9b:f2:56:9c:c4:
6a:5a:61:09:ec:84:21:63:f2:a5:29:86:f0:89:bf:
38:28:68:db:8a:d5:13:66:24:28:ba:f1:ae:32:81:
92:ba:d6:8b:59:b6:9b:47:41:2d:7c:80:0f:0f:63:
5e:c8:f1:da:ad:db:fe:d9:1c:2f:91:5e:d1:18:db:
25:38:0d:b8:63:2a:66:f9:a7:b7:89:07:05:55:74:
19:8d:fc:af:2a:ad:ca:08:fc:c8:01:64:c3:78:50:
d4:8d:9b:71:02:e0:da:4c:be:75:ac:2d:b3:ba:88:
5e:c4:a7:32:b7:0f:4a:d2:f5:2d:a7:c2:fe:06:8a:
01:5c:5b:4a:a5:28:09:49:3b:85:96:5a:1b:e4:01:
54:25:0a:fa:bd:c2:0a:fc:fc:b8:95:e7:a5:5e:eb:
9c:03:0b:a4:71:32:3a:6f:7e:e2:b5:c9:22:64:bc:
c1:34:c3:56:56:9b:13:71:09:24:5a:4c:d5:d9:d1:
44:2d:11:80:68:5e:aa:9d:38:8a:fb:56:7d:84:06:
15:fa:29:4b:6a:c2:a4:be:f4:98:58:7e:be:ed:24:
fc:91:fe:29:2f:fc:76:71:52:67:15:07:cb:ef:62:
dc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D4:60:24:5A:96:13:F9:ED:4E:E1:A2:8A:4B:6A:31:63:64:3A:B3
X509v3 Authority Key Identifier:
keyid:47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:03:36:86:40:2d:ab:99:5a:5d:91:0a:ce:e6:31:8e:0c:f5:
c4:75:4c:ba:89:3e:ef:69:71:97:bc:09:18:6e:7c:41:e1:66:
7c:62:6f:59:a1:0e:a0:28:cb:94:c8:46:2a:41:bb:99:cd:de:
20:38:e2:ae:45:63:7c:62:61:19:86:11:10:63:c2:e8:36:29:
a8:86:56:ce:7c:72:93:07:f8:ea:59:4e:ec:bc:90:e9:48:75:
05:3a:1c:0c:5a:60:15:3e:44:aa:b8:72:1a:f1:e1:7c:89:22:
f0:f1:27:31:b1:d0:98:50:01:f1:17:8b:24:ec:59:38:e4:20:
bf:a5:bf:83:2a:67:65:f5:0f:d7:bb:03:bf:66:61:77:2f:11:
d4:b4:14:b2:35:28:49:58:b2:54:f0:e3:7f:30:6e:59:e1:6e:
5d:d6:80:84:5a:29:06:5d:9a:82:5c:ce:ba:7e:d6:55:86:c1:
10:71:7e:67:bb:c5:9c:45:2e:f1:82:7b:20:af:13:5b:7f:20:
0e:41:05:39:66:eb:9a:fc:15:9e:ab:e4:73:43:0f:d0:0f:0a:
ae:1f:fe:82:5c:18:c8:33:26:9d:a7:01:b9:7c:3e:a6:fd:fb:
65:3d:09:24:58:c0:e5:80:69:bc:bb:9c:ab:47:53:40:e5:f6:
d8:cc:c1:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw06zk3P3BR5rxDYey2ewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MmNiMjg4MjA5OTAwZDFhZjFhOTk4YmIwMzllYzc1N2U0
OTNkZDUwHhcNMjUwOTA3MDYwMDQ4WhcNMjUwOTA4MDYwMDQ4WjAzMTEwLwYDVQQD
EyhjM2Q0NjAyNDVhOTYxM2Y5ZWQ0ZWUxYTI4YTRiNmEzMTYzNjQzYWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqtpxSPcpEG1DxGcbQenbbI6dLG3
ovWLm/JWnMRqWmEJ7IQhY/KlKYbwib84KGjbitUTZiQouvGuMoGSutaLWbabR0Et
fIAPD2NeyPHardv+2RwvkV7RGNslOA24Yypm+ae3iQcFVXQZjfyvKq3KCPzIAWTD
eFDUjZtxAuDaTL51rC2zuohexKcytw9K0vUtp8L+BooBXFtKpSgJSTuFllob5AFU
JQr6vcIK/Py4leelXuucAwukcTI6b37itckiZLzBNMNWVpsTcQkkWkzV2dFELRGA
aF6qnTiK+1Z9hAYV+ilLasKkvvSYWH6+7ST8kf4pL/x2cVJnFQfL72LcKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPUYCRalhP57U7hoopLajFjZDqzMB8GA1UdIwQY
MBaAFEcssoggmQDRrxqZi7A57HV+ST3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYt
YWE5MDJkYmFlOTI4LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYtYWE5MDJkYmFlOTI4
LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQM2hkAt
q5laXZEKzuYxjgz1xHVMuok+72lxl7wJGG58QeFmfGJvWaEOoCjLlMhGKkG7mc3e
IDjirkVjfGJhGYYREGPC6DYpqIZWznxykwf46llO7LyQ6Uh1BTocDFpgFT5Eqrhy
GvHhfIki8PEnMbHQmFAB8ReLJOxZOOQgv6W/gypnZfUP17sDv2Zhdy8R1LQUsjUo
SViyVPDjfzBuWeFuXdaAhFopBl2aglzOun7WVYbBEHF+Z7vFnEUu8YJ7IK8TW38g
DkEFOWbrmvwVnqvkc0MP0A8Krh/+glwYyDMmnacBuXw+pv37ZT0JJFjA5YBpvLuc
q0dTQOX22MzBEg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 09:59:46 2025 by rpki-client