Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
File: yrk2s1-SzexekN8zvcUIZhwntFU.mft (raw, json)
Hash identifier: JvhNxv7RTd7Tip3rGRGdrIZvFtPTD87WN8eIHXzaY5U=
Subject key identifier: 0E:9A:08:BA:91:8A:18:87:F5:E7:A7:5B:1A:42:DC:1E:83:6F:A8:D7
Authority key identifier: CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
Certificate issuer: /CN=cab936b35f92cdec5e90df33bdc508661c27b455
Certificate serial: 01974B568A44302D31AEF7EE7242CD832C96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
Manifest number: 0CAF
Signing time: Sat 07 Jun 2025 17:00:52 +0000
Manifest this update: Sat 07 Jun 2025 17:00:52 +0000
Manifest next update: Sun 08 Jun 2025 17:00:52 +0000
Files and hashes: 1: 1-8_4Eda3WCGuArYXM2BfRVK04Rk.roa (hash: M6cbeyDGcJvscRU15s7VhDF3WDNbwlO0vnGAsXXGGrQ=)
2: N6I7GkRnTLkodakf220Jx4FEOJ8.roa (hash: 5pNB3KiUL7LD9fJaUhiHJ+4Sn0d2T6l1b/8wj0M4PyI=)
3: yrk2s1-SzexekN8zvcUIZhwntFU.crl (hash: onXmJxKrbbUBpPzuDhK4+9ydRljFQbqAN5k+ZS9RM40=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4b:56:8a:44:30:2d:31:ae:f7:ee:72:42:cd:83:2c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cab936b35f92cdec5e90df33bdc508661c27b455
Validity
Not Before: Jun 7 17:00:52 2025 GMT
Not After : Jun 8 17:00:52 2025 GMT
Subject: CN=0e9a08ba918a1887f5e7a75b1a42dc1e836fa8d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:03:7b:aa:41:a9:85:f9:af:36:ff:75:57:4a:
12:19:12:c7:dc:51:e8:8f:77:12:fb:39:d4:ac:b9:
6c:50:08:60:fd:54:f5:7b:77:7f:c0:55:5a:72:66:
d8:29:fd:ff:d0:0e:e5:e0:44:b2:45:9e:30:31:2f:
92:be:9b:5c:58:36:23:4f:9f:8e:63:b0:3a:b6:da:
2c:7c:e0:84:c7:3a:b1:47:0e:17:b4:fa:a5:82:f3:
00:54:73:df:cf:9b:17:08:ad:80:d9:fa:f4:25:95:
c2:5a:32:60:72:6b:e2:68:92:c2:90:ed:2c:e5:38:
2f:00:04:26:ac:dd:76:50:be:e1:dc:45:0b:3f:0e:
91:e2:44:aa:e2:8d:70:89:b4:69:c1:5c:7c:3f:60:
1b:8f:a0:13:62:2e:d8:21:ca:ad:0a:97:14:49:a8:
4f:71:ce:44:19:5a:6c:d6:ff:86:09:2e:0d:27:fa:
58:8a:2c:37:cb:df:98:10:26:de:31:eb:2d:44:bf:
51:d2:dd:12:fc:ee:e3:93:b5:3c:b1:43:c3:d6:39:
da:ab:79:c8:cf:41:ff:41:7b:e2:62:65:32:94:64:
80:17:87:8e:82:4f:43:bf:9b:c9:6f:d0:f5:eb:a6:
7e:68:e9:c6:e2:6f:f0:0d:38:6e:29:8a:d9:a2:bd:
db:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:9A:08:BA:91:8A:18:87:F5:E7:A7:5B:1A:42:DC:1E:83:6F:A8:D7
X509v3 Authority Key Identifier:
keyid:CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:2f:05:cf:37:11:ec:1d:22:44:3d:91:34:d2:24:29:6b:ca:
dd:c5:85:f8:08:89:9f:1f:66:ca:ee:9d:d4:c6:5f:e6:45:90:
c4:c3:a4:fa:fb:af:48:32:b7:e7:e2:0a:8b:51:f8:6e:c3:ed:
4a:76:ae:91:8f:a1:71:78:a6:cc:60:31:a8:76:7e:ff:2a:93:
42:b4:91:38:6f:fd:bc:f4:50:cf:44:a5:53:a0:58:0e:ef:30:
e6:5f:20:b7:9f:59:c3:c2:ed:1c:00:96:7b:66:94:e8:c8:28:
63:f6:30:1a:da:0e:b7:cd:5a:77:9a:a2:37:bc:29:3a:37:64:
93:4d:27:3b:80:6b:78:e7:9f:74:5d:4c:03:3a:cc:e7:02:50:
67:8b:f6:a2:6e:3e:ed:17:c2:12:c3:db:07:73:e1:46:36:c7:
d6:7f:d9:13:20:0f:50:d4:97:f5:87:23:4e:31:0e:5a:a7:a3:
f8:e2:96:f9:5b:a3:b2:f7:d0:0d:55:84:a2:ba:c7:37:ee:c5:
16:28:74:57:d9:ad:05:7a:a4:5d:a7:24:40:73:00:a7:ff:b7:
8c:60:cb:57:f7:3c:4c:38:1c:b2:46:09:44:81:8b:7e:80:65:
ce:a0:9e:89:fd:67:06:b6:27:18:84:76:37:a3:fd:47:95:18:
cc:68:2b:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLVopEMC0xrvfuckLNgyyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYjkzNmIzNWY5MmNkZWM1ZTkwZGYzM2JkYzUwODY2MWMy
N2I0NTUwHhcNMjUwNjA3MTcwMDUyWhcNMjUwNjA4MTcwMDUyWjAzMTEwLwYDVQQD
EygwZTlhMDhiYTkxOGExODg3ZjVlN2E3NWIxYTQyZGMxZTgzNmZhOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgN7qkGphfmvNv91V0oSGRLH3FHo
j3cS+znUrLlsUAhg/VT1e3d/wFVacmbYKf3/0A7l4ESyRZ4wMS+SvptcWDYjT5+O
Y7A6ttosfOCExzqxRw4XtPqlgvMAVHPfz5sXCK2A2fr0JZXCWjJgcmviaJLCkO0s
5TgvAAQmrN12UL7h3EULPw6R4kSq4o1wibRpwVx8P2Abj6ATYi7YIcqtCpcUSahP
cc5EGVps1v+GCS4NJ/pYiiw3y9+YECbeMestRL9R0t0S/O7jk7U8sUPD1jnaq3nI
z0H/QXviYmUylGSAF4eOgk9Dv5vJb9D166Z+aOnG4m/wDThuKYrZor3b8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA6aCLqRihiH9eenWxpC3B6Db6jXMB8GA1UdIwQY
MBaAFMq5NrNfks3sXpDfM73FCGYcJ7RVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAt
NTU5MjM2MGUzZThlLzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAtNTU5MjM2MGUzZThl
LzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiy8FzzcR
7B0iRD2RNNIkKWvK3cWF+AiJnx9myu6d1MZf5kWQxMOk+vuvSDK35+IKi1H4bsPt
SnaukY+hcXimzGAxqHZ+/yqTQrSROG/9vPRQz0SlU6BYDu8w5l8gt59Zw8LtHACW
e2aU6MgoY/YwGtoOt81ad5qiN7wpOjdkk00nO4BreOefdF1MAzrM5wJQZ4v2om4+
7RfCEsPbB3PhRjbH1n/ZEyAPUNSX9YcjTjEOWqej+OKW+VujsvfQDVWEorrHN+7F
Fih0V9mtBXqkXackQHMAp/+3jGDLV/c8TDgcskYJRIGLfoBlzqCeif1nBrYnGIR2
N6P9R5UYzGgrVQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:59:08 2025 by rpki-client