Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json)
Hash identifier: jdoPW4t4cSODoWJF+qP8yx5ulreOmA189IRq1V5PL4k=
Subject key identifier: 4B:A2:0B:9A:69:23:32:32:17:E0:8E:19:59:49:3F:5C:8C:05:34:F7
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 01936A46A06A3ED9FCCE747D763358C8CE68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
Manifest number: 137A
Signing time: Tue 26 Nov 2024 21:00:33 +0000
Manifest this update: Tue 26 Nov 2024 21:00:33 +0000
Manifest next update: Wed 27 Nov 2024 21:00:33 +0000
Files and hashes: 1: PNvtjAWcYGneyTNmWk3dJIikmRI.roa (hash: PQ1A15EMRMXXjtaY/IFN7Mc5yBR/fpSi6w/MHp8oydA=)
2: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: VOjqUBdsyUQ/kWW8ZtygevmEyP/M6x8skP8RoCG7NuI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6a:46:a0:6a:3e:d9:fc:ce:74:7d:76:33:58:c8:ce:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Nov 26 21:00:33 2024 GMT
Not After : Nov 27 21:00:33 2024 GMT
Subject: CN=4ba20b9a6923323217e08e1959493f5c8c0534f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7e:03:48:f2:73:ee:9d:41:4e:b6:32:37:78:
9a:4e:7f:e1:2b:e3:58:8c:00:12:41:77:a1:09:52:
27:62:45:35:a5:9a:61:d9:76:25:85:86:d0:93:44:
eb:60:7f:25:b1:e4:04:68:04:8a:62:37:31:6e:c8:
8f:27:fd:ee:3a:f8:10:93:6e:9e:82:f0:14:40:01:
f0:31:ac:d7:55:bb:32:02:14:9b:78:a8:58:b4:ed:
82:e2:5b:d1:99:fe:51:ee:34:a5:d6:88:f2:38:8c:
34:19:41:24:02:fc:e9:30:9f:9f:2c:96:95:7b:a1:
14:50:04:43:84:85:d9:33:65:e5:28:42:bf:ec:7d:
b4:f2:49:f0:9d:6a:0f:bd:98:f7:18:90:9a:5d:a7:
99:d9:24:71:07:4c:95:3c:c6:22:1d:9d:e5:51:67:
f3:e8:30:2e:c0:a1:27:5b:70:ac:18:a6:5f:89:0e:
ef:1b:40:35:6e:25:e5:2e:46:f4:dd:cf:14:42:02:
db:4a:ae:71:9c:8e:78:10:67:07:95:71:4a:96:78:
4f:d3:a8:9d:e6:ef:dc:0d:bc:79:9e:f9:44:46:57:
83:68:e4:57:f5:83:e6:1b:cb:89:e8:23:81:ae:26:
0c:db:7e:d8:10:18:d9:1b:35:d5:72:b9:e3:de:48:
6d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A2:0B:9A:69:23:32:32:17:E0:8E:19:59:49:3F:5C:8C:05:34:F7
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:da:ca:c8:ea:d8:61:f1:90:46:a1:3b:e8:7a:b2:0d:e9:ac:
a0:25:6d:ad:84:fa:23:80:5e:e2:c2:5d:78:2a:6e:11:af:d9:
11:a9:64:af:ef:7f:61:c3:2d:ad:b2:0f:28:0d:2e:d0:a0:9c:
6b:5a:90:3f:81:35:a9:8f:73:9a:dd:5b:aa:3a:b1:93:0b:de:
d3:8c:ec:b8:1c:46:ea:61:50:d4:49:e1:c3:b0:e6:48:01:b6:
db:20:c1:cb:7a:98:8d:90:a7:b0:2c:3c:ca:88:20:f7:ac:58:
4a:07:39:88:dd:4c:b2:d9:83:a0:2d:e9:82:0a:02:ac:89:74:
31:2c:75:7a:1a:8d:5b:f2:5c:5b:65:b7:5e:3c:7b:4f:13:67:
44:35:c1:6c:6d:ff:ee:c0:7f:0e:f3:a8:03:01:e3:e3:72:22:
1a:c2:32:5e:01:0d:24:20:86:b8:a0:76:36:c6:27:a6:3b:ab:
53:60:9c:24:e3:ed:36:61:7d:d1:ad:ae:1d:23:42:59:6b:ea:
69:fb:51:5f:85:c9:3f:f0:49:51:68:d0:a0:90:99:68:15:c9:
4e:ad:02:6c:52:af:a5:a4:b7:4b:a5:b2:e6:b9:fa:38:0c:fc:
fb:5d:ce:f7:bc:36:88:07:39:ea:ce:c2:a4:28:c8:97:d6:44:
ad:89:b9:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRqBqPtn8znR9djNYyM5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjQxMTI2MjEwMDMzWhcNMjQxMTI3MjEwMDMzWjAzMTEwLwYDVQQD
Eyg0YmEyMGI5YTY5MjMzMjMyMTdlMDhlMTk1OTQ5M2Y1YzhjMDUzNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn4DSPJz7p1BTrYyN3iaTn/hK+NY
jAASQXehCVInYkU1pZph2XYlhYbQk0TrYH8lseQEaASKYjcxbsiPJ/3uOvgQk26e
gvAUQAHwMazXVbsyAhSbeKhYtO2C4lvRmf5R7jSl1ojyOIw0GUEkAvzpMJ+fLJaV
e6EUUARDhIXZM2XlKEK/7H208knwnWoPvZj3GJCaXaeZ2SRxB0yVPMYiHZ3lUWfz
6DAuwKEnW3CsGKZfiQ7vG0A1biXlLkb03c8UQgLbSq5xnI54EGcHlXFKlnhP06id
5u/cDbx5nvlERleDaORX9YPmG8uJ6COBriYM237YEBjZGzXVcrnj3khtXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEuiC5ppIzIyF+COGVlJP1yMBTT3MB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcNrKyOrY
YfGQRqE76HqyDemsoCVtrYT6I4Be4sJdeCpuEa/ZEalkr+9/YcMtrbIPKA0u0KCc
a1qQP4E1qY9zmt1bqjqxkwve04zsuBxG6mFQ1Enhw7DmSAG22yDBy3qYjZCnsCw8
yogg96xYSgc5iN1MstmDoC3pggoCrIl0MSx1ehqNW/JcW2W3Xjx7TxNnRDXBbG3/
7sB/DvOoAwHj43IiGsIyXgENJCCGuKB2NsYnpjurU2CcJOPtNmF90a2uHSNCWWvq
aftRX4XJP/BJUWjQoJCZaBXJTq0CbFKvpaS3S6Wy5rn6OAz8+13O97w2iAc56s7C
pCjIl9ZErYm5Mg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:57:01 2024 by rpki-client on console-fra.rpki-client.org