Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
File: y-lwmA1WXMdK2ylKpox7BvUTKJA.mft (raw, json)
Hash identifier: HA+p0UpDgyGsG1EDwjtQopSsEyMVIp9noQ1guAnotCs=
Subject key identifier: EE:43:7B:D2:83:60:E0:F8:44:FF:F8:32:D5:84:A9:FE:45:56:BE:EA
Authority key identifier: CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90
Certificate issuer: /CN=cbe970980d565cc74adb294aa68c7b06f5132890
Certificate serial: 01987374709D6A0799080D2A0B3AC10BFC51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
Manifest number: 0922
Signing time: Mon 04 Aug 2025 05:01:07 +0000
Manifest this update: Mon 04 Aug 2025 05:01:07 +0000
Manifest next update: Tue 05 Aug 2025 05:01:07 +0000
Files and hashes: 1: w3_nPHf7a07mKfqvAI84MjCWgdc.roa (hash: zETLR/82/cCeh7r1wtGHL+Bc+UNE2hnrIZTGYx5oKPQ=)
2: y-lwmA1WXMdK2ylKpox7BvUTKJA.crl (hash: Ggi9aTmFcxHoO2JxrotA6+vFlabWYjR2Af2whtu2Zw0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:74:70:9d:6a:07:99:08:0d:2a:0b:3a:c1:0b:fc:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbe970980d565cc74adb294aa68c7b06f5132890
Validity
Not Before: Aug 4 05:01:07 2025 GMT
Not After : Aug 5 05:01:07 2025 GMT
Subject: CN=ee437bd28360e0f844fff832d584a9fe4556beea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fb:3c:41:4a:8d:dd:8b:5d:1b:18:29:ce:b8:
71:03:ee:2c:cb:94:5c:52:aa:a6:27:50:34:90:45:
c1:c9:5b:3d:fe:5c:40:e4:b5:cb:49:76:2a:6b:62:
fb:39:82:f9:16:44:a2:4b:85:a3:5b:f7:fe:f3:4d:
d5:cf:69:eb:b5:a2:10:ed:d3:53:a2:40:81:8f:19:
8a:9d:8d:72:27:e7:1d:fb:1f:1e:d4:72:67:47:54:
53:86:74:b0:06:42:f6:28:7b:c8:3d:4a:64:e5:d0:
73:b0:a4:40:16:55:d8:00:ac:62:f4:fa:be:d2:f5:
0f:ba:1b:12:39:2e:4d:70:5f:24:7d:9c:12:84:ea:
1d:a3:16:81:3d:dc:38:ef:a3:9e:70:11:5d:90:51:
b8:8c:47:c5:6d:a1:0b:59:04:6a:42:ba:b4:b2:69:
3e:e3:b0:9b:fc:9a:bb:d1:a0:27:26:76:c0:ba:a1:
0d:e2:d7:e6:2d:9f:ee:ad:24:81:5d:b9:2f:5f:73:
36:ba:74:1d:58:72:3d:57:83:55:8f:b6:06:bb:d0:
8c:65:21:e3:76:cc:3a:27:57:58:4e:c2:5d:7d:d8:
84:4c:cc:5a:b4:e3:9e:3a:c0:54:3c:1e:c0:eb:ca:
71:dd:1f:c0:d7:f2:29:89:fb:96:03:5b:b9:ce:d5:
dc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:43:7B:D2:83:60:E0:F8:44:FF:F8:32:D5:84:A9:FE:45:56:BE:EA
X509v3 Authority Key Identifier:
keyid:CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:03:0f:94:db:ad:41:3c:b4:5b:09:e8:bb:40:82:cc:48:70:
a7:34:4d:7f:e0:92:68:83:2d:4a:ab:25:95:93:03:a1:a1:46:
11:c1:09:e9:b0:2d:bd:f8:3d:a7:31:81:d1:b7:66:a3:c2:a7:
67:07:44:67:bb:3f:50:c7:6c:46:50:88:d2:25:be:ae:52:0d:
c6:14:9e:54:d2:28:05:0e:d3:e4:55:69:e2:84:36:ab:3c:1e:
14:96:70:6c:26:16:78:53:bb:6c:23:7b:97:c5:f9:d6:47:eb:
36:e7:f2:d8:1a:ad:05:da:ed:84:60:07:9b:5b:ab:00:a1:93:
88:78:17:c4:2f:f4:3a:3f:45:60:13:13:3f:62:19:a6:95:dd:
ae:4f:b4:d1:6f:31:29:49:5d:1e:2a:09:60:15:be:8c:ec:a3:
fa:a8:e5:7a:f2:ad:11:d4:2c:47:65:3a:30:03:11:84:ca:27:
3e:a9:83:60:f7:65:10:4c:c2:67:05:bf:7c:0e:a4:8e:d7:5c:
ee:25:52:a1:f6:00:ee:2c:bb:8a:0f:de:45:e7:2a:1c:bd:01:
3a:75:ab:31:17:f1:3a:6f:73:14:53:bf:47:24:98:e2:eb:b4:
73:b3:61:d0:d9:28:ea:a1:03:cc:b3:73:22:9a:81:13:8e:b8:
b3:3e:ec:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzdHCdageZCA0qCzrBC/xRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZTk3MDk4MGQ1NjVjYzc0YWRiMjk0YWE2OGM3YjA2ZjUx
MzI4OTAwHhcNMjUwODA0MDUwMTA3WhcNMjUwODA1MDUwMTA3WjAzMTEwLwYDVQQD
EyhlZTQzN2JkMjgzNjBlMGY4NDRmZmY4MzJkNTg0YTlmZTQ1NTZiZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPs8QUqN3YtdGxgpzrhxA+4sy5Rc
UqqmJ1A0kEXByVs9/lxA5LXLSXYqa2L7OYL5FkSiS4WjW/f+803Vz2nrtaIQ7dNT
okCBjxmKnY1yJ+cd+x8e1HJnR1RThnSwBkL2KHvIPUpk5dBzsKRAFlXYAKxi9Pq+
0vUPuhsSOS5NcF8kfZwShOodoxaBPdw476OecBFdkFG4jEfFbaELWQRqQrq0smk+
47Cb/Jq70aAnJnbAuqEN4tfmLZ/urSSBXbkvX3M2unQdWHI9V4NVj7YGu9CMZSHj
dsw6J1dYTsJdfdiETMxatOOeOsBUPB7A68px3R/A1/IpifuWA1u5ztXcDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5De9KDYOD4RP/4MtWEqf5FVr7qMB8GA1UdIwQY
MBaAFMvpcJgNVlzHStspSqaMewb1EyiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGIt
NzU2YTA4YTRhZGRhLzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGItNzU2YTA4YTRhZGRh
LzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMgMPlNut
QTy0Wwnou0CCzEhwpzRNf+CSaIMtSqsllZMDoaFGEcEJ6bAtvfg9pzGB0bdmo8Kn
ZwdEZ7s/UMdsRlCI0iW+rlINxhSeVNIoBQ7T5FVp4oQ2qzweFJZwbCYWeFO7bCN7
l8X51kfrNufy2BqtBdrthGAHm1urAKGTiHgXxC/0Oj9FYBMTP2IZppXdrk+00W8x
KUldHioJYBW+jOyj+qjlevKtEdQsR2U6MAMRhMonPqmDYPdlEEzCZwW/fA6kjtdc
7iVSofYA7iy7ig/eRecqHL0BOnWrMRfxOm9zFFO/RySY4uu0c7Nh0Nko6qEDzLNz
IpqBE464sz7scw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:23:14 2025 by rpki-client