Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
File: y78j_5hnaDYlSUYv4JLGMV6sykA.mft (raw, json)
Hash identifier: NuunZy52hMNJ4k6AI4+oKzyV5gM9l54FiKU24H6OPYM=
Subject key identifier: 5B:D0:9F:09:89:22:9C:A9:6B:73:7D:0E:AD:2A:E2:BE:0D:53:B7:00
Authority key identifier: CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
Certificate issuer: /CN=cbbf23ff986768362549462fe092c6315eacca40
Certificate serial: 01975D5CC381FAC707A130BDD52F69604E5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
Manifest number: 1586
Signing time: Wed 11 Jun 2025 05:00:49 +0000
Manifest this update: Wed 11 Jun 2025 05:00:49 +0000
Manifest next update: Thu 12 Jun 2025 05:00:49 +0000
Files and hashes: 1: a0gi81K4PU-mZZPSh82aNeLjsVI.roa (hash: Id1bqvDurbpWKdNvf29qBzclAu3m5HKcR5Kg3lRHGKE=)
2: y78j_5hnaDYlSUYv4JLGMV6sykA.crl (hash: CrJvMN4BIRZqT300ck6vokE6JsKbXP+Dvv2WSLaABhU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:5c:c3:81:fa:c7:07:a1:30:bd:d5:2f:69:60:4e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbbf23ff986768362549462fe092c6315eacca40
Validity
Not Before: Jun 11 05:00:49 2025 GMT
Not After : Jun 12 05:00:49 2025 GMT
Subject: CN=5bd09f0989229ca96b737d0ead2ae2be0d53b700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0f:a2:ff:b5:ba:c4:d1:c1:7f:3a:9e:12:8b:
31:c3:6a:1f:e7:db:f2:cf:5d:43:3d:d7:6d:3f:77:
6a:20:66:87:2e:a4:cc:08:15:74:73:58:87:83:20:
64:ca:d3:ed:96:ba:ed:e2:e7:e0:99:d8:dc:d2:7e:
02:4f:e3:55:dd:79:0b:41:b3:ef:f3:1d:47:69:d5:
d7:86:82:c5:4a:63:64:96:95:a3:5a:15:0b:11:f5:
a6:90:8a:64:5f:89:e0:ae:3a:4c:6c:32:70:c3:dc:
45:6c:d7:62:e5:6c:92:40:54:e9:42:29:0a:02:65:
4b:9a:0d:5c:92:e7:ea:05:5e:a3:d3:0a:e1:d0:b9:
90:00:dd:08:0b:a2:ea:03:df:84:19:5d:66:47:da:
d7:69:b6:3e:f0:fb:78:40:7a:cb:1a:49:2a:5a:d9:
82:cb:ef:c6:7f:bc:9d:27:ec:e7:97:46:2e:f4:1b:
ef:b5:6c:f2:42:3e:ca:54:42:5a:8a:2c:04:c8:f6:
28:c2:66:b1:ce:cc:2c:a2:05:02:5e:31:a0:cc:f8:
83:3b:33:8b:00:f3:b5:ed:00:2d:a1:b1:b7:9b:22:
65:3a:7c:44:3e:68:7d:1f:36:d3:79:25:a5:59:2a:
8e:b2:84:e8:99:1b:fb:6c:56:3c:2f:f1:75:6d:30:
29:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D0:9F:09:89:22:9C:A9:6B:73:7D:0E:AD:2A:E2:BE:0D:53:B7:00
X509v3 Authority Key Identifier:
keyid:CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:cb:86:0e:86:6f:85:87:d9:29:d2:91:b6:2c:e7:1c:d3:b3:
2f:f7:ce:e9:da:50:8b:20:b8:20:c1:33:13:4d:ec:02:24:b6:
0b:2b:4b:f8:3e:5a:e6:36:a4:67:d2:29:61:21:ab:9e:d0:55:
1e:14:6f:74:bd:ae:fa:a0:f9:51:de:33:89:cf:51:58:ef:b9:
8d:d1:a7:1e:7b:18:4a:59:5e:19:5f:f5:90:81:d4:3f:ab:4d:
9d:0b:31:1b:e3:89:77:80:25:cc:98:35:d8:c0:96:b2:3f:96:
13:c4:a1:5a:f4:d9:dd:26:a9:9c:c2:6d:97:d4:ee:91:31:d1:
75:ee:df:d2:0e:3f:8c:51:d5:1b:f8:22:1d:0e:4a:8f:7b:0c:
15:23:f3:74:28:17:cd:f7:02:27:7f:d4:6b:76:31:b4:c0:18:
d5:5a:17:b0:02:12:25:83:d1:73:75:0c:f0:f0:09:84:8b:6b:
52:3d:be:e9:0d:30:21:fb:dc:ae:a3:1e:01:45:18:95:a5:4f:
bf:3c:8c:9e:83:7e:7a:a5:b8:42:d3:55:ad:fe:6e:75:44:7e:
7f:fe:f7:93:60:cd:63:b5:e8:d2:20:da:6e:6f:5d:91:9b:3b:
6c:81:2e:ca:6d:b5:f4:7d:c2:16:8e:5a:e4:4a:31:c4:8f:e5:
03:3b:d4:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddXMOB+scHoTC91S9pYE5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYmYyM2ZmOTg2NzY4MzYyNTQ5NDYyZmUwOTJjNjMxNWVh
Y2NhNDAwHhcNMjUwNjExMDUwMDQ5WhcNMjUwNjEyMDUwMDQ5WjAzMTEwLwYDVQQD
Eyg1YmQwOWYwOTg5MjI5Y2E5NmI3MzdkMGVhZDJhZTJiZTBkNTNiNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ+i/7W6xNHBfzqeEosxw2of59vy
z11DPddtP3dqIGaHLqTMCBV0c1iHgyBkytPtlrrt4ufgmdjc0n4CT+NV3XkLQbPv
8x1HadXXhoLFSmNklpWjWhULEfWmkIpkX4ngrjpMbDJww9xFbNdi5WySQFTpQikK
AmVLmg1ckufqBV6j0wrh0LmQAN0IC6LqA9+EGV1mR9rXabY+8Pt4QHrLGkkqWtmC
y+/Gf7ydJ+znl0Yu9BvvtWzyQj7KVEJaiiwEyPYowmaxzswsogUCXjGgzPiDOzOL
APO17QAtobG3myJlOnxEPmh9HzbTeSWlWSqOsoTomRv7bFY8L/F1bTApZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvQnwmJIpypa3N9Dq0q4r4NU7cAMB8GA1UdIwQY
MBaAFMu/I/+YZ2g2JUlGL+CSxjFerMpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjct
ODU0MTgyZjA5ZWY1LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjctODU0MTgyZjA5ZWY1
LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZcuGDoZv
hYfZKdKRtiznHNOzL/fO6dpQiyC4IMEzE03sAiS2CytL+D5a5jakZ9IpYSGrntBV
HhRvdL2u+qD5Ud4zic9RWO+5jdGnHnsYSlleGV/1kIHUP6tNnQsxG+OJd4AlzJg1
2MCWsj+WE8ShWvTZ3SapnMJtl9TukTHRde7f0g4/jFHVG/giHQ5Kj3sMFSPzdCgX
zfcCJ3/Ua3YxtMAY1VoXsAISJYPRc3UM8PAJhItrUj2+6Q0wIfvcrqMeAUUYlaVP
vzyMnoN+eqW4QtNVrf5udUR+f/73k2DNY7Xo0iDabm9dkZs7bIEuym219H3CFo5a
5EoxxI/lAzvUTA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 12:59:24 2025 by rpki-client