Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
File: y1eZ2NBfSgIAEdyoAxdivqASJV0.mft (raw, json)
Hash identifier: ahpDhm/TSvg2CROfXWkoP1Xcc5h8o+9wvR470QE81/g=
Subject key identifier: 11:02:23:7F:24:72:A5:93:9F:52:97:06:59:94:58:56:B5:97:6A:A1
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 0196767A97AAC336542724FFC95774DDD351
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
Manifest number: 0A7B
Signing time: Sun 27 Apr 2025 09:01:07 +0000
Manifest this update: Sun 27 Apr 2025 09:01:07 +0000
Manifest next update: Mon 28 Apr 2025 09:01:07 +0000
Files and hashes: 1: 1FhxmjQY59YAJAMVhG_T6zF5XSA.roa (hash: LhK5E0yQbIvlUPrgw8D5iXHjua3tvso8AKzY9lfo4J0=)
2: RNQvE2oEKPo_zVElIo7XyWY9pN4.roa (hash: cHPYWyTjBN1Ib/KsumMhkuYgXusEijJa/SgckNxXiqc=)
3: y1eZ2NBfSgIAEdyoAxdivqASJV0.crl (hash: CM9wCubsc+Bf2FAtuMg425C/65T8CO4Zh0EfyPbRinw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:7a:97:aa:c3:36:54:27:24:ff:c9:57:74:dd:d3:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Apr 27 09:01:07 2025 GMT
Not After : Apr 28 09:01:07 2025 GMT
Subject: CN=1102237f2472a5939f52970659945856b5976aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:37:51:87:48:e8:4f:6d:8e:93:6a:7e:05:00:
06:7c:cb:67:4a:9d:7e:c2:46:92:fe:1f:59:22:0d:
67:fb:a4:11:02:86:74:d9:f6:c4:4f:bb:67:c4:f1:
8d:c4:5b:91:2b:81:47:1e:fb:76:04:9f:f2:c8:9d:
d2:09:eb:86:ac:16:77:15:fd:3b:28:97:4c:d2:4b:
31:97:2c:e1:e4:ed:b0:58:50:88:3c:c5:c9:ec:02:
6d:be:b7:61:6e:55:29:19:cb:f3:2f:a2:ee:9a:58:
51:1f:26:33:a1:c4:8a:6e:8f:39:79:77:47:58:91:
93:4f:fa:1a:88:84:79:c2:9d:a9:36:e0:03:07:cc:
d3:41:c5:44:2c:c2:38:5c:eb:08:55:ef:3e:3d:16:
98:a8:b6:0b:43:53:55:e4:d0:bc:ec:43:48:f8:eb:
79:94:bd:aa:2b:8f:e9:2f:a8:c9:2c:8e:b1:a7:a1:
18:3a:2e:bb:de:6d:bd:69:17:b8:76:10:69:fb:b9:
4f:4a:e1:3c:8d:01:7b:07:c2:0c:52:0d:01:7b:e6:
33:d5:8b:6d:8a:b7:f3:ed:49:3e:d3:a1:9a:4a:80:
47:6f:9c:71:8c:2b:dd:5b:3a:2f:43:25:b4:a0:d2:
ae:7f:3c:11:27:29:a4:d4:1b:ee:64:08:f7:6e:64:
35:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:02:23:7F:24:72:A5:93:9F:52:97:06:59:94:58:56:B5:97:6A:A1
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:ec:71:88:8c:c9:28:3e:3a:ce:75:29:c1:ed:59:83:d8:82:
c1:e8:65:5c:d6:52:a3:9b:9b:bd:68:18:a8:da:70:42:58:e8:
2d:07:39:f4:b2:ff:88:c0:70:8d:7c:ca:fe:5e:02:d6:be:5b:
fc:d8:f0:d0:3c:43:fe:34:07:de:3c:49:80:85:4d:ea:4f:33:
15:0c:c4:94:ea:c2:d8:89:9d:14:97:e5:be:ed:ca:4b:c7:ad:
50:4d:9f:4f:a2:5b:d7:5a:30:50:9f:79:86:ab:8c:3a:95:e0:
6c:67:eb:d6:10:43:8c:16:e6:96:8d:94:0b:c9:6e:1c:ea:7c:
c4:37:c5:bf:dc:5f:1a:6c:cb:a2:4b:12:78:f4:87:10:fd:87:
8c:84:cf:8b:f7:d1:b2:ad:11:a1:df:df:ce:26:fa:cf:38:a3:
91:20:10:c0:02:73:d8:7b:fc:87:75:c2:70:87:e6:69:ea:b5:
d1:94:dd:3f:cb:f0:0f:e2:85:f7:87:bd:fb:45:7c:47:45:64:
6e:49:b5:b7:ac:0c:e4:1b:c9:fa:fb:45:b1:6f:76:99:6b:a0:
0a:fe:4b:21:c4:cc:21:ba:f8:f6:eb:27:7c:e1:54:9f:41:df:
a8:47:14:05:32:4d:2a:24:34:77:a7:41:a0:21:af:2c:4a:d9:
c6:be:02:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2epeqwzZUJyT/yVd03dNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjUwNDI3MDkwMTA3WhcNMjUwNDI4MDkwMTA3WjAzMTEwLwYDVQQD
EygxMTAyMjM3ZjI0NzJhNTkzOWY1Mjk3MDY1OTk0NTg1NmI1OTc2YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzdRh0joT22Ok2p+BQAGfMtnSp1+
wkaS/h9ZIg1n+6QRAoZ02fbET7tnxPGNxFuRK4FHHvt2BJ/yyJ3SCeuGrBZ3Ff07
KJdM0ksxlyzh5O2wWFCIPMXJ7AJtvrdhblUpGcvzL6LumlhRHyYzocSKbo85eXdH
WJGTT/oaiIR5wp2pNuADB8zTQcVELMI4XOsIVe8+PRaYqLYLQ1NV5NC87ENI+Ot5
lL2qK4/pL6jJLI6xp6EYOi673m29aRe4dhBp+7lPSuE8jQF7B8IMUg0Be+Yz1Ytt
irfz7Uk+06GaSoBHb5xxjCvdWzovQyW0oNKufzwRJymk1BvuZAj3bmQ16wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBECI38kcqWTn1KXBlmUWFa1l2qhMB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANexxiIzJ
KD46znUpwe1Zg9iCwehlXNZSo5ubvWgYqNpwQljoLQc59LL/iMBwjXzK/l4C1r5b
/Njw0DxD/jQH3jxJgIVN6k8zFQzElOrC2ImdFJflvu3KS8etUE2fT6Jb11owUJ95
hquMOpXgbGfr1hBDjBbmlo2UC8luHOp8xDfFv9xfGmzLoksSePSHEP2HjITPi/fR
sq0Rod/fzib6zzijkSAQwAJz2Hv8h3XCcIfmaeq10ZTdP8vwD+KF94e9+0V8R0Vk
bkm1t6wM5BvJ+vtFsW92mWugCv5LIcTMIbr49usnfOFUn0HfqEcUBTJNKiQ0d6dB
oCGvLErZxr4Cmg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:09:02 2025 by rpki-client