Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: 6RvcBmdaX6aq7K/jrtCY8L1sjO5t4aHjYeYWqgRxhoE=
Subject key identifier: 04:CD:9C:3D:9F:7D:3E:E2:0C:67:C7:B4:08:F1:3A:C0:7F:F0:02:71
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 0196526D693F75D31C24ACDFE3A5A789D941
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 068A
Signing time: Sun 20 Apr 2025 09:00:24 +0000
Manifest this update: Sun 20 Apr 2025 09:00:24 +0000
Manifest next update: Mon 21 Apr 2025 09:00:24 +0000
Files and hashes: 1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: OnftQnO93oSvDcV7MzUOBe7O7kcnSO+t37WGAONteic=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:52:6d:69:3f:75:d3:1c:24:ac:df:e3:a5:a7:89:d9:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Apr 20 09:00:24 2025 GMT
Not After : Apr 21 09:00:24 2025 GMT
Subject: CN=04cd9c3d9f7d3ee20c67c7b408f13ac07ff00271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:35:9c:88:0f:26:3a:ff:f1:2c:ec:66:6d:82:
d2:6e:24:a0:56:f3:81:ce:02:a7:5f:b9:c0:7a:0b:
ab:24:f6:8b:1a:30:ec:92:91:ca:f7:4d:61:e6:12:
00:84:18:a0:27:a0:d2:d3:a7:5a:5f:01:cb:14:24:
e3:52:4a:13:90:aa:f3:51:6c:8a:c5:de:eb:54:d3:
3e:72:a9:69:0f:7f:87:28:ca:22:53:4d:c3:69:02:
a7:0d:ce:15:08:66:56:95:55:a5:dc:c1:aa:96:8e:
0d:5e:1b:16:0b:55:91:0f:67:4d:db:36:ed:e9:2f:
39:ac:e9:15:bb:fe:0b:dd:1a:96:43:f5:91:04:a2:
26:d2:fa:8d:05:3c:5d:ce:d8:4d:ec:fc:63:ae:57:
c1:5c:43:b4:a8:01:ec:af:80:08:2b:87:9a:0e:ca:
7f:19:f4:b1:14:d1:9d:65:8f:1f:75:a7:37:c8:a0:
e2:2d:bc:86:18:b4:d5:6d:c0:ce:71:cb:a5:fb:a4:
8e:b4:09:8f:07:bc:f0:61:d0:70:41:4d:82:98:3b:
93:88:d6:30:90:1a:aa:b6:6a:96:99:df:fb:8a:19:
06:56:26:3d:3b:f3:9d:09:48:4b:27:a9:5c:2f:c1:
ca:2d:ec:74:8a:64:e8:ed:5a:5f:2d:4b:92:32:95:
10:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:CD:9C:3D:9F:7D:3E:E2:0C:67:C7:B4:08:F1:3A:C0:7F:F0:02:71
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:58:8b:b0:2f:8c:c9:23:8c:57:e1:d7:27:0b:48:2d:be:73:
00:8b:9e:a7:bf:bf:34:3b:57:12:db:a8:86:fe:00:db:1c:d1:
71:d6:67:97:88:3d:52:0f:7a:41:93:d6:02:5b:13:c1:81:8d:
f6:0f:03:2d:d4:38:b1:55:7b:10:a1:10:6a:4d:e2:f6:c9:6d:
44:b8:63:0f:db:0d:0e:5d:50:c4:4a:7f:d4:1c:58:a3:e2:79:
e6:22:e5:b9:41:b3:17:2b:00:b0:8f:2c:eb:06:7b:1e:ff:5b:
d2:05:fb:8e:d8:51:11:5a:4f:53:53:26:b4:10:71:87:98:5f:
27:27:33:51:94:a7:5b:73:cf:b8:17:f6:8f:27:d2:4f:e9:c1:
dd:b0:92:8e:4d:2c:51:55:87:1f:ad:4a:3a:3b:e4:c4:ec:0b:
fb:ab:c1:d6:a6:9b:18:45:dd:5e:54:7b:d7:4f:5e:05:a6:55:
75:bd:b0:6f:2d:ff:11:31:ee:e8:51:fc:82:6e:b9:06:cf:a8:
bb:34:1e:6b:e1:c3:27:b1:36:c8:0c:7d:30:a4:46:cd:38:6d:
e4:76:1a:e0:5d:ab:00:27:82:fe:aa:16:7e:25:12:57:12:9c:
49:56:fb:14:54:a5:7b:42:1b:52:79:46:50:46:60:9c:30:d7:
5a:ae:c9:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSbWk/ddMcJKzf46WnidlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjUwNDIwMDkwMDI0WhcNMjUwNDIxMDkwMDI0WjAzMTEwLwYDVQQD
EygwNGNkOWMzZDlmN2QzZWUyMGM2N2M3YjQwOGYxM2FjMDdmZjAwMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzWciA8mOv/xLOxmbYLSbiSgVvOB
zgKnX7nAegurJPaLGjDskpHK901h5hIAhBigJ6DS06daXwHLFCTjUkoTkKrzUWyK
xd7rVNM+cqlpD3+HKMoiU03DaQKnDc4VCGZWlVWl3MGqlo4NXhsWC1WRD2dN2zbt
6S85rOkVu/4L3RqWQ/WRBKIm0vqNBTxdzthN7PxjrlfBXEO0qAHsr4AIK4eaDsp/
GfSxFNGdZY8fdac3yKDiLbyGGLTVbcDOccul+6SOtAmPB7zwYdBwQU2CmDuTiNYw
kBqqtmqWmd/7ihkGViY9O/OdCUhLJ6lcL8HKLex0imTo7VpfLUuSMpUQvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATNnD2ffT7iDGfHtAjxOsB/8AJxMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADliLsC+M
ySOMV+HXJwtILb5zAIuep7+/NDtXEtuohv4A2xzRcdZnl4g9Ug96QZPWAlsTwYGN
9g8DLdQ4sVV7EKEQak3i9sltRLhjD9sNDl1QxEp/1BxYo+J55iLluUGzFysAsI8s
6wZ7Hv9b0gX7jthREVpPU1MmtBBxh5hfJyczUZSnW3PPuBf2jyfST+nB3bCSjk0s
UVWHH61KOjvkxOwL+6vB1qabGEXdXlR7109eBaZVdb2wby3/ETHu6FH8gm65Bs+o
uzQea+HDJ7E2yAx9MKRGzTht5HYa4F2rACeC/qoWfiUSVxKcSVb7FFSle0IbUnlG
UEZgnDDXWq7J6w==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:10:47 2025 by rpki-client