Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.mft
File: yjNIUNrzcSIFIBmSKevekO8osBg.mft (raw, json)
Hash identifier: 03SHJCmfCOuuIj6RShOX9P3qc08il1PCVD6jx8cXD3U=
Subject key identifier: 4F:12:EA:E9:AF:AC:4B:9F:49:5B:0F:95:EA:D5:03:D6:30:C7:2C:63
Authority key identifier: CA:33:48:50:DA:F3:71:22:05:20:19:92:29:EB:DE:90:EF:28:B0:18
Certificate issuer: /CN=ca334850daf371220520199229ebde90ef28b018
Certificate serial: 019922C31F5E2B94755123DF9B3B08B15537
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjNIUNrzcSIFIBmSKevekO8osBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.mft
Manifest number: 06EE
Signing time: Sun 07 Sep 2025 06:00:36 +0000
Manifest this update: Sun 07 Sep 2025 06:00:36 +0000
Manifest next update: Mon 08 Sep 2025 06:00:36 +0000
Files and hashes: 1: 6eOqvZGDKFDuA6yXPPPze8WOsrA.roa (hash: ERZvSVqw/o5/S8YL0KRBFbpGBsSfCd4T3Hhjomrg6eY=)
2: yjNIUNrzcSIFIBmSKevekO8osBg.crl (hash: nNlzRml5/ST+bs2QXOprRoMB9Y6DRwbfUacTC+JHNyY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/yjNIUNrzcSIFIBmSKevekO8osBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:1f:5e:2b:94:75:51:23:df:9b:3b:08:b1:55:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca334850daf371220520199229ebde90ef28b018
Validity
Not Before: Sep 7 06:00:36 2025 GMT
Not After : Sep 8 06:00:36 2025 GMT
Subject: CN=4f12eae9afac4b9f495b0f95ead503d630c72c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e9:e6:79:9b:5d:5b:e9:c9:20:23:98:ff:7f:
21:f4:2b:64:1d:87:60:02:28:36:a5:29:08:4e:05:
e0:4a:95:79:8c:ae:01:b1:03:84:57:dc:d3:f3:72:
97:42:04:11:a9:5e:ce:aa:b7:27:02:3a:84:0f:cf:
9b:c4:21:da:08:ba:80:c7:51:59:b4:b7:4a:7d:f4:
c2:f2:9d:6d:65:57:97:21:1e:e2:52:ae:51:99:37:
76:9c:06:9f:1e:b5:1e:f4:28:5b:8f:b6:b3:f8:88:
ca:bb:19:cf:c0:59:38:43:0d:9d:a4:d7:5c:e0:9a:
bb:11:83:b7:ab:90:ff:b9:e6:03:11:44:a3:5c:87:
72:6a:56:9d:e2:55:fc:53:a6:78:3f:3f:bf:3c:1c:
15:22:1f:a1:c3:16:41:9e:c4:4b:2d:03:b7:02:f2:
3d:74:79:ab:1a:a8:1b:53:51:7f:2f:42:26:df:6e:
d3:ed:6c:31:3d:81:24:7f:6b:db:a0:f8:6e:99:0a:
96:76:30:26:cb:c2:bf:9c:06:2b:48:e1:64:8f:d3:
e3:98:09:21:b6:8b:88:a5:ac:63:54:34:81:17:fb:
e9:6d:68:3d:77:9e:ef:de:6c:f3:3c:02:64:cb:e0:
18:2c:5a:27:cf:d3:df:ef:b4:fe:84:66:92:26:a4:
aa:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:12:EA:E9:AF:AC:4B:9F:49:5B:0F:95:EA:D5:03:D6:30:C7:2C:63
X509v3 Authority Key Identifier:
keyid:CA:33:48:50:DA:F3:71:22:05:20:19:92:29:EB:DE:90:EF:28:B0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjNIUNrzcSIFIBmSKevekO8osBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/ee5e47-4e29-4603-b962-0e0046c8a87b/1/yjNIUNrzcSIFIBmSKevekO8osBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:1d:5f:eb:9a:41:56:17:85:5a:9e:d8:3e:94:25:f7:35:be:
6d:08:50:0e:b1:f3:2f:0b:99:4c:56:85:4f:61:81:39:30:89:
9e:fc:30:5d:bc:5a:16:2c:df:64:ee:4c:05:8c:59:cd:77:39:
eb:05:6a:3c:2f:06:dd:92:f1:73:28:69:39:9a:aa:d0:f0:08:
f4:8e:1a:c7:db:a6:d3:87:4e:b9:28:30:96:88:cc:3a:89:ea:
60:d7:74:88:24:c2:f5:ab:41:55:64:84:12:18:3d:b5:88:58:
31:d4:e5:6c:02:e5:ca:9a:79:40:7f:b4:9b:e4:a6:31:10:f3:
b8:76:0f:29:ed:05:b6:a2:1b:75:d7:87:6f:97:41:81:34:c8:
a7:de:6e:e6:9d:92:44:81:dc:16:48:48:b9:29:02:28:dc:68:
a1:83:e3:16:2b:c9:0d:85:30:e5:48:4f:03:6e:81:47:ce:94:
98:20:6c:cf:ed:5c:6c:50:c2:fb:09:fa:7d:32:e6:06:49:db:
d0:84:11:ef:1a:87:65:8f:e6:78:51:1e:b3:68:56:f2:f0:4f:
bd:01:ab:ab:07:ac:29:62:be:07:30:f7:0a:9d:7e:4e:a1:6c:
8a:e3:d5:98:f7:b5:37:67:2b:ad:48:63:7c:ac:cb:cb:30:8c:
49:eb:9f:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwx9eK5R1USPfmzsIsVU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzM0ODUwZGFmMzcxMjIwNTIwMTk5MjI5ZWJkZTkwZWYy
OGIwMTgwHhcNMjUwOTA3MDYwMDM2WhcNMjUwOTA4MDYwMDM2WjAzMTEwLwYDVQQD
Eyg0ZjEyZWFlOWFmYWM0YjlmNDk1YjBmOTVlYWQ1MDNkNjMwYzcyYzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOnmeZtdW+nJICOY/38h9CtkHYdg
Aig2pSkITgXgSpV5jK4BsQOEV9zT83KXQgQRqV7OqrcnAjqED8+bxCHaCLqAx1FZ
tLdKffTC8p1tZVeXIR7iUq5RmTd2nAafHrUe9Chbj7az+IjKuxnPwFk4Qw2dpNdc
4Jq7EYO3q5D/ueYDEUSjXIdyalad4lX8U6Z4Pz+/PBwVIh+hwxZBnsRLLQO3AvI9
dHmrGqgbU1F/L0Im327T7WwxPYEkf2vboPhumQqWdjAmy8K/nAYrSOFkj9PjmAkh
touIpaxjVDSBF/vpbWg9d57v3mzzPAJky+AYLFonz9Pf77T+hGaSJqSqxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE8S6umvrEufSVsPlerVA9YwxyxjMB8GA1UdIwQY
MBaAFMozSFDa83EiBSAZkinr3pDvKLAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpOSVVOcnpjU0lGSUJtU0tldmVrTzhvc0JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lZTVlNDctNGUyOS00NjAzLWI5NjIt
MGUwMDQ2YzhhODdiLzEveWpOSVVOcnpjU0lGSUJtU0tldmVrTzhvc0JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lZTVlNDctNGUyOS00NjAzLWI5NjItMGUwMDQ2YzhhODdi
LzEveWpOSVVOcnpjU0lGSUJtU0tldmVrTzhvc0JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARx1f65pB
VheFWp7YPpQl9zW+bQhQDrHzLwuZTFaFT2GBOTCJnvwwXbxaFizfZO5MBYxZzXc5
6wVqPC8G3ZLxcyhpOZqq0PAI9I4ax9um04dOuSgwlojMOonqYNd0iCTC9atBVWSE
Ehg9tYhYMdTlbALlypp5QH+0m+SmMRDzuHYPKe0FtqIbddeHb5dBgTTIp95u5p2S
RIHcFkhIuSkCKNxooYPjFivJDYUw5UhPA26BR86UmCBsz+1cbFDC+wn6fTLmBknb
0IQR7xqHZY/meFEes2hW8vBPvQGrqwesKWK+BzD3Cp1+TqFsiuPVmPe1N2crrUhj
fKzLyzCMSeuf3g==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:05 2025 by rpki-client