Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
File: y78j_5hnaDYlSUYv4JLGMV6sykA.mft (raw, json)
Hash identifier: AnESuZxcwyQoDH01ylUlL4WxDdGwjxOPXIS1klIu/iU=
Subject key identifier: 8E:CB:04:85:72:72:D8:45:0A:F7:C7:E0:15:83:AC:D0:78:EC:5D:5B
Authority key identifier: CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
Certificate issuer: /CN=cbbf23ff986768362549462fe092c6315eacca40
Certificate serial: 0198963729FF0DCE67F7B35A8E59B3A761A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
Manifest number: 1628
Signing time: Sun 10 Aug 2025 23:00:54 +0000
Manifest this update: Sun 10 Aug 2025 23:00:54 +0000
Manifest next update: Mon 11 Aug 2025 23:00:54 +0000
Files and hashes: 1: a0gi81K4PU-mZZPSh82aNeLjsVI.roa (hash: Id1bqvDurbpWKdNvf29qBzclAu3m5HKcR5Kg3lRHGKE=)
2: y78j_5hnaDYlSUYv4JLGMV6sykA.crl (hash: VeIME9tOAL77jVCqiZzfySaDHMDQM53oLdwTLoJK6Ro=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:96:37:29:ff:0d:ce:67:f7:b3:5a:8e:59:b3:a7:61:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbbf23ff986768362549462fe092c6315eacca40
Validity
Not Before: Aug 10 23:00:54 2025 GMT
Not After : Aug 11 23:00:54 2025 GMT
Subject: CN=8ecb04857272d8450af7c7e01583acd078ec5d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6a:c6:7a:38:a5:e1:10:49:51:2b:2c:5c:6e:
17:9e:9e:b8:4e:c3:a4:64:f8:63:b7:92:7e:48:b1:
ec:36:38:79:25:3f:ac:2f:50:9b:b7:8c:e0:83:b8:
c6:50:c4:a3:9d:28:4b:c8:1a:e9:fd:66:12:c2:f3:
a8:79:5a:3e:7e:9a:92:30:41:ae:7b:be:3c:6f:c4:
26:d0:80:a5:e2:27:ec:78:ad:85:a3:62:26:ce:6b:
f8:73:d0:9c:3a:04:f4:17:5e:9f:20:9f:7e:b2:d2:
a7:51:68:d3:42:6d:5e:db:60:ee:f3:69:dc:05:88:
f3:16:80:c3:f1:4e:63:91:51:e4:e6:2e:79:98:e1:
55:6c:e7:a5:5e:57:2b:5d:56:9e:af:45:2f:0d:b9:
8f:6b:f6:0c:a7:ff:9e:ff:6e:14:f5:e4:42:1d:f8:
fa:84:02:04:cb:03:9f:ce:55:36:da:38:25:4d:5d:
f9:6b:3d:9d:25:1e:47:fb:37:a3:2d:14:a5:50:a4:
00:be:bb:06:37:05:fb:1b:40:a7:50:63:ab:22:d3:
dc:04:75:10:4d:5d:c1:ee:c0:50:ab:13:05:e7:cd:
67:7d:0e:53:aa:19:c8:22:45:ea:40:58:89:d9:63:
0e:65:b3:5c:ad:db:b5:e9:b2:6e:a1:b3:a8:13:d0:
6f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CB:04:85:72:72:D8:45:0A:F7:C7:E0:15:83:AC:D0:78:EC:5D:5B
X509v3 Authority Key Identifier:
keyid:CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:33:62:4c:10:ba:01:ea:0b:84:0b:8d:7c:6c:36:ed:bf:8a:
ed:89:86:07:6d:80:22:37:4f:04:9e:36:d7:79:b8:b0:d4:f2:
29:1b:a3:49:de:d1:37:52:fc:11:4b:16:56:0b:45:8f:50:24:
5a:7c:53:0f:d0:cc:67:e2:d8:ae:da:50:53:ed:99:67:11:5d:
77:a0:f0:f7:41:26:56:2a:bf:4d:85:ce:3b:f8:3c:44:bd:02:
a2:aa:5f:f1:1a:02:c1:e7:2d:8a:bf:d2:ed:32:5e:c6:ad:53:
9f:e2:fe:0a:30:d0:72:49:89:61:ac:5b:04:e4:10:9b:7b:14:
17:33:c3:89:dc:49:5f:b5:62:58:03:81:91:4a:27:ae:c5:d5:
74:28:36:5e:23:d5:c6:07:35:a6:c0:d2:2f:cc:7e:36:e8:be:
93:02:25:dc:19:3c:47:36:73:78:07:b8:c2:d6:fd:b9:6c:b0:
04:c6:c5:a3:25:b5:7a:d1:29:20:77:09:c8:29:29:36:f1:f6:
d2:45:07:7a:34:9c:b3:f1:76:95:2f:0b:cf:9c:8b:db:ea:30:
07:cd:ff:8d:5b:cd:30:af:b8:d9:fa:a8:60:d7:56:03:2d:8e:
25:15:c2:36:12:19:55:00:9a:07:f4:38:1b:bc:ea:ba:bf:41:
18:ad:36:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWNyn/Dc5n97Najlmzp2GiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYmYyM2ZmOTg2NzY4MzYyNTQ5NDYyZmUwOTJjNjMxNWVh
Y2NhNDAwHhcNMjUwODEwMjMwMDU0WhcNMjUwODExMjMwMDU0WjAzMTEwLwYDVQQD
Eyg4ZWNiMDQ4NTcyNzJkODQ1MGFmN2M3ZTAxNTgzYWNkMDc4ZWM1ZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2rGejil4RBJUSssXG4Xnp64TsOk
ZPhjt5J+SLHsNjh5JT+sL1Cbt4zgg7jGUMSjnShLyBrp/WYSwvOoeVo+fpqSMEGu
e748b8Qm0ICl4ifseK2Fo2Imzmv4c9CcOgT0F16fIJ9+stKnUWjTQm1e22Du82nc
BYjzFoDD8U5jkVHk5i55mOFVbOelXlcrXVaer0UvDbmPa/YMp/+e/24U9eRCHfj6
hAIEywOfzlU22jglTV35az2dJR5H+zejLRSlUKQAvrsGNwX7G0CnUGOrItPcBHUQ
TV3B7sBQqxMF581nfQ5TqhnIIkXqQFiJ2WMOZbNcrdu16bJuobOoE9BvwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7LBIVycthFCvfH4BWDrNB47F1bMB8GA1UdIwQY
MBaAFMu/I/+YZ2g2JUlGL+CSxjFerMpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjct
ODU0MTgyZjA5ZWY1LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjctODU0MTgyZjA5ZWY1
LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjTNiTBC6
AeoLhAuNfGw27b+K7YmGB22AIjdPBJ4213m4sNTyKRujSd7RN1L8EUsWVgtFj1Ak
WnxTD9DMZ+LYrtpQU+2ZZxFdd6Dw90EmViq/TYXOO/g8RL0Coqpf8RoCwectir/S
7TJexq1Tn+L+CjDQckmJYaxbBOQQm3sUFzPDidxJX7ViWAOBkUonrsXVdCg2XiPV
xgc1psDSL8x+Nui+kwIl3Bk8RzZzeAe4wtb9uWywBMbFoyW1etEpIHcJyCkpNvH2
0kUHejScs/F2lS8Lz5yL2+owB83/jVvNMK+42fqoYNdWAy2OJRXCNhIZVQCaB/Q4
G7zqur9BGK025g==
-----END CERTIFICATE-----
Generated at Mon Aug 11 07:23:38 2025 by rpki-client