Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: lLaqlNMu4cS+uaMauamJbcRABusGMzNXagKV0yAKQ/s=
Subject key identifier: 3E:94:CF:14:9E:A0:E8:E9:8D:99:B4:AE:66:44:5D:53:F7:6C:A7:10
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 0197470BBDB0B622F453E3B39FAF94274777
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 157C
Signing time: Fri 06 Jun 2025 21:00:41 +0000
Manifest this update: Fri 06 Jun 2025 21:00:41 +0000
Manifest next update: Sat 07 Jun 2025 21:00:41 +0000
Files and hashes: 1: __KLjvjgMO1LuKrx6zZXZJBcRtk.roa (hash: kZSjdOtgx956Q9WcOxsnl5QBMbkPJAPdg2gED1ZbQy4=)
2: xmOvbRNpbfTNvGRi0NGmoChwF8k.roa (hash: 7oU4y3FJaTZ6zlZMUwxbLqzJR9lqEVzJSwfHVW5xI4s=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: XhT2+petySgC9+IXM4/BZXaNj6DQ0tH3iK9s5E87z8Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 21:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:0b:bd:b0:b6:22:f4:53:e3:b3:9f:af:94:27:47:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Jun 6 21:00:41 2025 GMT
Not After : Jun 7 21:00:41 2025 GMT
Subject: CN=3e94cf149ea0e8e98d99b4ae66445d53f76ca710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:86:6e:2d:50:3b:f1:85:f6:93:27:7e:20:2e:
1e:ca:f2:09:79:95:88:b3:88:0c:10:fb:be:a3:ac:
23:ce:39:11:25:2b:dd:a8:f1:67:ae:e2:92:59:47:
77:f5:40:a9:83:d0:49:bd:3e:e2:af:c9:7e:21:d1:
8e:db:a8:e1:ec:fa:7e:ae:49:2e:35:5b:02:23:36:
d8:59:6d:df:b0:a0:4d:21:76:fa:dd:41:c4:70:da:
9a:7d:e5:3f:73:c1:99:cc:c3:61:69:f8:77:1d:f2:
3b:12:7b:00:3a:49:c7:4d:c5:c1:83:f0:bd:c0:58:
ef:ea:30:61:22:e3:58:2f:3b:c4:52:18:31:7f:1a:
40:ee:fb:2d:34:04:c7:4d:c4:4b:74:e6:65:5b:84:
90:e8:f1:c6:b9:43:40:f1:ca:66:9e:a2:9f:82:8f:
a5:cb:e5:61:42:cb:95:42:18:69:f9:2e:bf:7e:4a:
a9:a0:6d:9b:e8:da:33:5c:a7:b2:53:05:84:6a:d2:
4c:fb:4e:82:e8:e6:1e:71:6c:dc:e3:d1:7d:fa:8d:
fb:ad:00:21:58:8a:89:50:7f:f4:58:db:0b:04:69:
50:76:bb:d2:82:da:c8:83:08:51:0e:2b:95:24:ce:
21:c1:e5:ba:e1:3b:5d:4a:90:b3:8e:7f:cb:69:0d:
95:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:94:CF:14:9E:A0:E8:E9:8D:99:B4:AE:66:44:5D:53:F7:6C:A7:10
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:2a:ce:4f:13:b5:04:6b:b8:67:0d:6d:f0:25:d9:61:aa:10:
fb:e1:83:5f:d2:4b:52:a9:9c:01:65:7d:13:6e:cc:90:cc:33:
70:1d:fb:28:b7:76:ef:85:7e:16:0d:9f:6e:6a:04:cd:5f:7a:
bc:57:8d:7e:fd:ab:c7:60:cf:5e:f3:61:24:c7:81:30:5c:8d:
05:38:a2:dd:48:7f:08:3f:90:f6:ba:3f:7e:cf:ce:f0:4e:a8:
c5:25:5a:8e:49:22:7b:30:8f:a8:a3:a6:69:f0:72:55:f5:90:
35:cb:07:d4:ad:b3:30:75:24:76:f9:a1:c3:dc:59:ed:8c:b9:
6f:39:06:13:f4:1d:b3:25:63:36:e7:2e:93:61:30:ab:ea:72:
7e:cd:fe:a2:a7:9b:d7:b7:b8:df:46:48:60:8f:4c:8d:4a:6d:
97:87:e9:5c:70:41:17:d8:50:eb:e3:fe:0e:3f:22:bf:aa:66:
85:e5:81:4e:eb:fe:e6:93:e7:89:35:1f:72:1c:6f:c6:ed:ae:
c8:a1:d1:48:c4:19:33:ff:ef:ab:1a:6c:9d:96:b9:01:44:d2:
8e:57:37:9d:37:e8:68:4d:2b:ee:b2:b0:60:c6:a1:29:d6:26:
89:95:13:41:ff:93:82:84:c1:c4:23:4e:f8:c9:86:9d:c9:ad:
c4:e3:d0:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHC72wtiL0U+Ozn6+UJ0d3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjUwNjA2MjEwMDQxWhcNMjUwNjA3MjEwMDQxWjAzMTEwLwYDVQQD
EygzZTk0Y2YxNDllYTBlOGU5OGQ5OWI0YWU2NjQ0NWQ1M2Y3NmNhNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIZuLVA78YX2kyd+IC4eyvIJeZWI
s4gMEPu+o6wjzjkRJSvdqPFnruKSWUd39UCpg9BJvT7ir8l+IdGO26jh7Pp+rkku
NVsCIzbYWW3fsKBNIXb63UHEcNqafeU/c8GZzMNhafh3HfI7EnsAOknHTcXBg/C9
wFjv6jBhIuNYLzvEUhgxfxpA7vstNATHTcRLdOZlW4SQ6PHGuUNA8cpmnqKfgo+l
y+VhQsuVQhhp+S6/fkqpoG2b6NozXKeyUwWEatJM+06C6OYecWzc49F9+o37rQAh
WIqJUH/0WNsLBGlQdrvSgtrIgwhRDiuVJM4hweW64TtdSpCzjn/LaQ2VpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6UzxSeoOjpjZm0rmZEXVP3bKcQMB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkCrOTxO1
BGu4Zw1t8CXZYaoQ++GDX9JLUqmcAWV9E27MkMwzcB37KLd274V+Fg2fbmoEzV96
vFeNfv2rx2DPXvNhJMeBMFyNBTii3Uh/CD+Q9ro/fs/O8E6oxSVajkkiezCPqKOm
afByVfWQNcsH1K2zMHUkdvmhw9xZ7Yy5bzkGE/QdsyVjNucuk2Ewq+pyfs3+oqeb
17e430ZIYI9MjUptl4fpXHBBF9hQ6+P+Dj8iv6pmheWBTuv+5pPniTUfchxvxu2u
yKHRSMQZM//vqxpsnZa5AUTSjlc3nTfoaE0r7rKwYMahKdYmiZUTQf+TgoTBxCNO
+MmGncmtxOPQpA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:44:48 2025 by rpki-client