Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
File: yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft (raw, json)
Hash identifier: h2nztHdkmjJSS9FYuRzp52NFDk9QUV/KJrHvM5SctX8=
Subject key identifier: 21:9C:52:97:22:65:EA:FD:F4:98:D5:52:D2:B0:E7:EE:42:69:A4:47
Authority key identifier: CA:23:1A:43:62:BC:1E:C0:FD:B4:34:99:01:B6:1C:CF:9D:67:9D:65
Certificate issuer: /CN=ca231a4362bc1ec0fdb4349901b61ccf9d679d65
Certificate serial: 019923A0F0CD3DDAA6871BE5859F31400218
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
Manifest number: 03F7
Signing time: Sun 07 Sep 2025 10:02:53 +0000
Manifest this update: Sun 07 Sep 2025 10:02:53 +0000
Manifest next update: Mon 08 Sep 2025 10:02:53 +0000
Files and hashes: 1: eVWj75QB5-NY5cip7EaAMqsD3_Q.roa (hash: R8SYABsszbTf/c1Z91aXqCMR7hgNS09va3LcQa+6Zyg=)
2: yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl (hash: MlPID+5bUPuI/73tuQa9Ut93rvvNJ1sDUXCrLsOJ7C4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:a0:f0:cd:3d:da:a6:87:1b:e5:85:9f:31:40:02:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca231a4362bc1ec0fdb4349901b61ccf9d679d65
Validity
Not Before: Sep 7 10:02:53 2025 GMT
Not After : Sep 8 10:02:53 2025 GMT
Subject: CN=219c52972265eafdf498d552d2b0e7ee4269a447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:db:8c:28:53:00:6d:90:3e:7a:f3:27:fe:86:
d3:8c:55:e8:f6:e5:1f:ca:9d:ec:cc:71:ea:78:d1:
59:f5:e4:0b:e9:b0:53:cd:a4:3a:3c:6a:cc:c9:5a:
4e:36:1e:71:28:d2:2a:7c:85:6c:7f:5c:6e:83:aa:
c1:7d:96:69:22:ce:4b:5d:f2:14:f7:33:59:59:d8:
c1:10:c9:21:91:38:ec:d7:13:f5:e1:db:3f:ff:74:
eb:59:af:86:12:36:0c:dc:c5:00:fb:bd:8f:a0:84:
cc:e9:0a:ba:ee:60:ca:14:dc:ad:4b:e4:29:2b:af:
cb:65:a8:70:1d:5a:76:0d:17:db:9c:61:bc:db:e6:
5c:d8:76:12:70:4b:c2:a8:d8:dc:4a:70:2d:75:33:
91:d2:bf:5a:aa:c5:c3:db:99:94:ed:57:0e:d4:cf:
b8:0b:c4:3c:c2:44:8c:95:4c:22:4a:64:83:8b:f9:
d7:8a:6c:83:e6:73:ca:ca:cd:7d:c9:fe:63:13:f5:
c2:31:ba:80:4d:40:55:51:28:49:d3:a3:b3:49:f0:
19:96:5f:45:e2:1a:e3:8f:de:72:f0:d2:71:e6:ac:
27:78:87:44:7d:fb:99:3c:ed:0d:aa:d2:b5:aa:14:
b3:91:76:20:f0:84:fd:12:d4:f0:47:f7:7c:fc:43:
c9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:9C:52:97:22:65:EA:FD:F4:98:D5:52:D2:B0:E7:EE:42:69:A4:47
X509v3 Authority Key Identifier:
keyid:CA:23:1A:43:62:BC:1E:C0:FD:B4:34:99:01:B6:1C:CF:9D:67:9D:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:5c:f1:7f:6b:d1:6d:2c:54:5b:bc:0f:3d:3a:ef:41:77:7d:
41:7a:1d:04:a3:71:23:bb:c8:ae:97:71:01:1f:94:db:0f:bb:
be:c7:1e:fe:6b:86:75:fe:5c:1c:aa:19:da:f5:a1:83:63:e7:
11:cc:5d:96:27:6b:38:de:6e:b7:5f:80:a7:ab:bf:60:68:c6:
d1:31:44:c5:8e:03:d1:aa:30:95:71:84:ce:53:22:b3:bd:51:
dd:60:7e:e7:13:3b:dd:b9:9b:46:e4:1f:c1:bc:1b:06:f5:c4:
2a:36:e8:02:ee:f8:79:ef:8a:5e:fb:88:59:1f:54:81:3b:53:
08:12:0b:22:60:a1:6a:af:6a:37:55:fd:86:8e:d1:39:b1:6a:
c7:9d:ab:34:9b:4a:6f:a5:e0:aa:83:02:dd:e7:d1:82:f4:f9:
4f:ea:11:48:b4:0c:49:2d:f2:47:60:0f:c3:78:cd:3a:39:7d:
bd:ab:9b:54:ca:e3:3d:aa:03:ca:dd:55:59:7c:29:0f:26:53:
2b:b9:29:8b:0a:67:86:39:da:12:36:e9:70:e4:3e:b5:ac:3f:
9e:66:de:a5:bd:08:37:8d:d9:2e:28:0e:f5:fb:23:79:2c:e6:
3a:b2:85:6a:9b:16:aa:f9:01:cd:2f:d7:46:29:54:bc:97:3a:
bf:ac:ab:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoPDNPdqmhxvlhZ8xQAIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjMxYTQzNjJiYzFlYzBmZGI0MzQ5OTAxYjYxY2NmOWQ2
NzlkNjUwHhcNMjUwOTA3MTAwMjUzWhcNMjUwOTA4MTAwMjUzWjAzMTEwLwYDVQQD
EygyMTljNTI5NzIyNjVlYWZkZjQ5OGQ1NTJkMmIwZTdlZTQyNjlhNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9uMKFMAbZA+evMn/obTjFXo9uUf
yp3szHHqeNFZ9eQL6bBTzaQ6PGrMyVpONh5xKNIqfIVsf1xug6rBfZZpIs5LXfIU
9zNZWdjBEMkhkTjs1xP14ds//3TrWa+GEjYM3MUA+72PoITM6Qq67mDKFNytS+Qp
K6/LZahwHVp2DRfbnGG82+Zc2HYScEvCqNjcSnAtdTOR0r9aqsXD25mU7VcO1M+4
C8Q8wkSMlUwiSmSDi/nXimyD5nPKys19yf5jE/XCMbqATUBVUShJ06OzSfAZll9F
4hrjj95y8NJx5qwneIdEffuZPO0NqtK1qhSzkXYg8IT9EtTwR/d8/EPJbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGcUpciZer99JjVUtKw5+5CaaRHMB8GA1UdIwQY
MBaAFMojGkNivB7A/bQ0mQG2HM+dZ51lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84NTZjMDUtZDdiMi00OTlhLWFmMzkt
MzlkZmE0OGVhNmI5LzEveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84NTZjMDUtZDdiMi00OTlhLWFmMzktMzlkZmE0OGVhNmI5
LzEveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAclzxf2vR
bSxUW7wPPTrvQXd9QXodBKNxI7vIrpdxAR+U2w+7vsce/muGdf5cHKoZ2vWhg2Pn
EcxdlidrON5ut1+Ap6u/YGjG0TFExY4D0aowlXGEzlMis71R3WB+5xM73bmbRuQf
wbwbBvXEKjboAu74ee+KXvuIWR9UgTtTCBILImChaq9qN1X9ho7RObFqx52rNJtK
b6XgqoMC3efRgvT5T+oRSLQMSS3yR2APw3jNOjl9vaubVMrjPaoDyt1VWXwpDyZT
K7kpiwpnhjnaEjbpcOQ+taw/nmbepb0IN43ZLigO9fsjeSzmOrKFapsWqvkBzS/X
RilUvJc6v6yrHw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:23:00 2025 by rpki-client