Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
File: yHX3bo-JQkeSPA4nYjTZikw-xcI.mft (raw, json)
Hash identifier: CADmnCkvbLCTPGEQJ2430X1VHW+77+G5dPFg6tcbhL0=
Subject key identifier: 88:71:B9:7E:77:BB:21:04:6D:E4:BE:CB:06:AC:84:BA:97:A0:AB:6F
Authority key identifier: C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2
Certificate issuer: /CN=c875f76e8f894247923c0e276234d98a4c3ec5c2
Certificate serial: 0198925A49CF71305A53D59419B0271852EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
Manifest number: 1626
Signing time: Sun 10 Aug 2025 05:00:47 +0000
Manifest this update: Sun 10 Aug 2025 05:00:47 +0000
Manifest next update: Mon 11 Aug 2025 05:00:47 +0000
Files and hashes: 1: FGsyv-avFXn_iimzPOzOCwcPyYs.roa (hash: x+nbArqL7XpMEWFfS8pufHXCc23im3EMURx/7GPfFLI=)
2: I709bbaWjjvBjycgl5Y9TKJLvE0.roa (hash: XtOSTkSn/jS5PlGEkzSWe5jgilvzImx3IY3GpNZBgXs=)
3: yHX3bo-JQkeSPA4nYjTZikw-xcI.crl (hash: gTKowym0lgz+oRGZliV4F5qYeS+to/WyooEJS22c7J0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:92:5a:49:cf:71:30:5a:53:d5:94:19:b0:27:18:52:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c875f76e8f894247923c0e276234d98a4c3ec5c2
Validity
Not Before: Aug 10 05:00:47 2025 GMT
Not After : Aug 11 05:00:47 2025 GMT
Subject: CN=8871b97e77bb21046de4becb06ac84ba97a0ab6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1d:75:06:10:20:57:b2:2d:b1:20:ad:a0:22:
5d:40:26:73:92:54:90:06:92:20:1b:d2:cb:cd:a4:
81:00:be:4a:0d:d0:ec:4e:7a:5a:04:d2:dc:03:db:
6f:9f:4a:fe:fd:55:cd:74:a8:2e:c8:2c:31:59:3f:
3b:86:31:f6:9d:2d:28:b0:cb:cf:a8:61:2a:87:8c:
67:95:64:94:1c:b3:b2:3b:d0:4b:00:bf:9a:43:11:
00:e5:63:42:e1:d5:cd:a2:35:57:59:44:e3:01:38:
ea:19:f2:84:8e:98:10:07:f9:a2:03:37:2f:ab:0a:
48:90:41:d5:1c:32:49:f1:2a:4a:5a:b1:68:72:5b:
07:86:32:b6:b1:71:5d:14:36:52:70:c2:db:b9:e0:
4b:37:35:2c:16:16:1b:d4:7e:c6:f2:3c:e1:4f:78:
d8:d4:df:13:9b:7d:44:e3:04:fa:be:a1:28:a1:89:
65:2f:9e:a0:58:ca:54:26:6d:80:da:05:6c:3c:a4:
ea:4e:a9:5e:90:f1:6a:7e:90:67:a7:1a:c5:33:d1:
49:7f:fd:64:d6:da:1b:13:ab:5e:b8:ec:51:67:fd:
e8:fd:74:34:3b:19:5a:b1:ca:66:66:a0:af:de:94:
81:81:fd:96:11:cf:49:48:1c:79:05:97:0c:64:8f:
41:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:71:B9:7E:77:BB:21:04:6D:E4:BE:CB:06:AC:84:BA:97:A0:AB:6F
X509v3 Authority Key Identifier:
keyid:C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:e2:e5:6a:8d:30:09:f6:c6:35:0b:10:3c:9f:5a:1b:5d:31:
39:e4:27:2d:bd:00:41:0b:6b:90:2e:2f:18:c5:43:df:df:24:
bd:2c:df:28:09:4b:43:60:49:1b:8f:98:44:b8:43:ec:99:d1:
03:34:3f:74:86:a1:9a:a3:3c:7c:d9:d0:58:91:7c:79:06:be:
5b:d1:ba:5e:ed:09:75:37:7c:e2:41:d4:48:18:c1:f3:6b:2e:
77:d1:5c:8c:fa:a9:2c:4d:3e:9f:8b:35:fa:12:7e:b5:35:7f:
b0:d3:94:b6:b3:14:3d:f3:41:1a:0f:29:80:f2:99:ff:a5:5c:
b8:53:a3:4e:6c:d6:6d:9b:1f:5b:69:3a:1f:47:70:ba:d5:94:
33:f0:6e:d0:74:b7:5b:53:f0:94:41:21:b5:c5:63:f1:a6:6d:
19:56:c6:81:b6:0a:6e:fd:75:56:13:2f:61:ca:f1:75:37:71:
bc:03:f3:7f:90:b5:99:8a:a7:f5:24:68:13:d8:6c:b3:4e:f2:
bd:50:f9:ab:68:05:57:9c:9a:f4:54:ab:56:a6:13:e6:15:a4:
24:ad:19:fe:89:7d:f1:32:9d:b6:48:a3:cd:13:37:ed:c5:92:
c5:68:05:7d:af:df:54:aa:b0:ad:36:ad:05:2a:d2:e2:54:ec:
20:c5:79:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSWknPcTBaU9WUGbAnGFLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NzVmNzZlOGY4OTQyNDc5MjNjMGUyNzYyMzRkOThhNGMz
ZWM1YzIwHhcNMjUwODEwMDUwMDQ3WhcNMjUwODExMDUwMDQ3WjAzMTEwLwYDVQQD
Eyg4ODcxYjk3ZTc3YmIyMTA0NmRlNGJlY2IwNmFjODRiYTk3YTBhYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR11BhAgV7ItsSCtoCJdQCZzklSQ
BpIgG9LLzaSBAL5KDdDsTnpaBNLcA9tvn0r+/VXNdKguyCwxWT87hjH2nS0osMvP
qGEqh4xnlWSUHLOyO9BLAL+aQxEA5WNC4dXNojVXWUTjATjqGfKEjpgQB/miAzcv
qwpIkEHVHDJJ8SpKWrFoclsHhjK2sXFdFDZScMLbueBLNzUsFhYb1H7G8jzhT3jY
1N8Tm31E4wT6vqEooYllL56gWMpUJm2A2gVsPKTqTqlekPFqfpBnpxrFM9FJf/1k
1tobE6teuOxRZ/3o/XQ0OxlascpmZqCv3pSBgf2WEc9JSBx5BZcMZI9BVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhxuX53uyEEbeS+ywashLqXoKtvMB8GA1UdIwQY
MBaAFMh1926PiUJHkjwOJ2I02YpMPsXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAt
MzA1NjU4ZjkxNjM1LzEveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAtMzA1NjU4ZjkxNjM1
LzEveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZeLlao0w
CfbGNQsQPJ9aG10xOeQnLb0AQQtrkC4vGMVD398kvSzfKAlLQ2BJG4+YRLhD7JnR
AzQ/dIahmqM8fNnQWJF8eQa+W9G6Xu0JdTd84kHUSBjB82sud9FcjPqpLE0+n4s1
+hJ+tTV/sNOUtrMUPfNBGg8pgPKZ/6VcuFOjTmzWbZsfW2k6H0dwutWUM/Bu0HS3
W1PwlEEhtcVj8aZtGVbGgbYKbv11VhMvYcrxdTdxvAPzf5C1mYqn9SRoE9hss07y
vVD5q2gFV5ya9FSrVqYT5hWkJK0Z/ol98TKdtkijzRM37cWSxWgFfa/fVKqwrTat
BSrS4lTsIMV5dQ==
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:50:41 2025 by rpki-client