Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
File: yHX3bo-JQkeSPA4nYjTZikw-xcI.mft (raw, json)
Hash identifier: 6zch6UQAyn44Nhxxfo7klRRt7SjDxEuSibxHju8dMdg=
Subject key identifier: 38:24:C2:3E:BA:AE:40:D4:0F:3C:B1:00:35:7E:34:84:57:15:A3:A9
Authority key identifier: C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2
Certificate issuer: /CN=c875f76e8f894247923c0e276234d98a4c3ec5c2
Certificate serial: 0196ABB12058961234B42560E77C5E6261DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
Manifest number: 152A
Signing time: Wed 07 May 2025 17:00:34 +0000
Manifest this update: Wed 07 May 2025 17:00:34 +0000
Manifest next update: Thu 08 May 2025 17:00:34 +0000
Files and hashes: 1: FGsyv-avFXn_iimzPOzOCwcPyYs.roa (hash: x+nbArqL7XpMEWFfS8pufHXCc23im3EMURx/7GPfFLI=)
2: I709bbaWjjvBjycgl5Y9TKJLvE0.roa (hash: XtOSTkSn/jS5PlGEkzSWe5jgilvzImx3IY3GpNZBgXs=)
3: yHX3bo-JQkeSPA4nYjTZikw-xcI.crl (hash: QLtDdE1DkBHvO5Mn3cAr+5bQcpATS8X+sA24+88jrX4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 13:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ab:b1:20:58:96:12:34:b4:25:60:e7:7c:5e:62:61:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c875f76e8f894247923c0e276234d98a4c3ec5c2
Validity
Not Before: May 7 17:00:34 2025 GMT
Not After : May 8 17:00:34 2025 GMT
Subject: CN=3824c23ebaae40d40f3cb100357e34845715a3a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8a:b4:18:04:36:5f:14:34:e1:7d:e3:53:b9:
c7:51:34:a8:98:cd:8a:45:3e:07:c8:82:b3:53:4a:
07:d4:d3:6f:6e:44:b7:3d:23:9c:fc:fe:e9:6c:4a:
47:65:fb:58:27:e4:1c:1b:c0:61:a4:bd:ad:87:4b:
cb:be:0f:53:fb:ca:40:d2:58:4b:9f:5f:dd:b8:ea:
03:c4:70:8f:b4:a8:b1:c4:44:f0:e6:b9:2a:82:69:
2d:c4:fc:46:c0:cc:4a:7d:da:04:ab:63:32:bc:ab:
40:ba:9e:ca:f4:72:a9:19:79:79:55:1c:ac:91:ef:
17:40:95:fd:f4:72:cf:6d:4d:4d:16:12:d4:29:73:
bb:fb:b2:1f:be:c4:e3:0b:6e:a9:90:e0:df:a3:ed:
c3:89:c1:25:13:72:38:f4:4e:07:68:8d:63:41:ef:
f6:ad:a7:b4:12:36:d2:bc:e5:a7:17:87:86:6a:14:
f5:bf:ba:de:51:7a:33:5b:1c:a3:25:2f:b0:7a:db:
95:12:80:0c:e5:57:f4:7b:f8:91:51:0a:6e:94:65:
e7:49:3e:ed:45:64:1b:f9:6c:aa:a4:09:59:e8:31:
64:44:8f:95:c5:5c:2a:64:65:62:f2:d5:ba:ff:e9:
62:44:c3:dd:30:1e:21:d3:c8:78:3d:9f:62:ec:f1:
f2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:24:C2:3E:BA:AE:40:D4:0F:3C:B1:00:35:7E:34:84:57:15:A3:A9
X509v3 Authority Key Identifier:
keyid:C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:68:13:0b:7c:f8:7b:56:7c:2c:66:ad:b2:ff:38:6a:10:f2:
8b:e7:8b:cd:2b:0f:4d:49:8f:ca:17:16:68:4c:ea:14:8d:5c:
25:89:90:f5:3f:14:23:30:a9:bd:d5:4c:66:78:52:e1:cd:18:
c2:e8:68:71:08:80:74:cd:df:ca:8a:90:ea:e8:82:99:40:ff:
be:fd:5e:20:59:43:8e:b1:64:55:ff:5c:4b:20:14:84:ac:c5:
fd:02:60:75:d3:cc:df:6b:da:16:71:bb:60:72:8a:d0:6f:fa:
9f:4e:64:65:a0:19:4d:80:4f:10:c2:94:f6:e0:20:6c:f0:5f:
e3:c5:57:97:c8:e7:bf:09:c7:38:f3:49:22:f3:3c:e5:59:b4:
bd:06:0f:0c:96:0f:bc:2e:63:80:7e:cb:08:68:d0:6e:f2:a3:
3e:cd:03:cf:e6:66:22:00:65:d4:82:d3:6c:6d:a7:21:99:ed:
28:41:f0:93:da:98:e7:79:b9:84:6e:d1:bf:c8:26:c7:41:1e:
e4:c0:e9:4b:da:7b:d1:ea:0a:18:c7:d7:87:ae:e9:a3:aa:3c:
32:51:be:7a:a2:a5:6c:39:74:74:81:12:c2:a5:4b:dd:79:70:
4c:e2:86:86:c7:4b:d7:7d:4f:1a:8c:d1:3b:b7:d8:3d:26:93:
cd:15:81:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZarsSBYlhI0tCVg53xeYmHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NzVmNzZlOGY4OTQyNDc5MjNjMGUyNzYyMzRkOThhNGMz
ZWM1YzIwHhcNMjUwNTA3MTcwMDM0WhcNMjUwNTA4MTcwMDM0WjAzMTEwLwYDVQQD
EygzODI0YzIzZWJhYWU0MGQ0MGYzY2IxMDAzNTdlMzQ4NDU3MTVhM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYq0GAQ2XxQ04X3jU7nHUTSomM2K
RT4HyIKzU0oH1NNvbkS3PSOc/P7pbEpHZftYJ+QcG8BhpL2th0vLvg9T+8pA0lhL
n1/duOoDxHCPtKixxETw5rkqgmktxPxGwMxKfdoEq2MyvKtAup7K9HKpGXl5VRys
ke8XQJX99HLPbU1NFhLUKXO7+7IfvsTjC26pkODfo+3DicElE3I49E4HaI1jQe/2
rae0EjbSvOWnF4eGahT1v7reUXozWxyjJS+wetuVEoAM5Vf0e/iRUQpulGXnST7t
RWQb+WyqpAlZ6DFkRI+VxVwqZGVi8tW6/+liRMPdMB4h08h4PZ9i7PHyKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgkwj66rkDUDzyxADV+NIRXFaOpMB8GA1UdIwQY
MBaAFMh1926PiUJHkjwOJ2I02YpMPsXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAt
MzA1NjU4ZjkxNjM1LzEveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAtMzA1NjU4ZjkxNjM1
LzEveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcGgTC3z4
e1Z8LGatsv84ahDyi+eLzSsPTUmPyhcWaEzqFI1cJYmQ9T8UIzCpvdVMZnhS4c0Y
wuhocQiAdM3fyoqQ6uiCmUD/vv1eIFlDjrFkVf9cSyAUhKzF/QJgddPM32vaFnG7
YHKK0G/6n05kZaAZTYBPEMKU9uAgbPBf48VXl8jnvwnHOPNJIvM85Vm0vQYPDJYP
vC5jgH7LCGjQbvKjPs0Dz+ZmIgBl1ILTbG2nIZntKEHwk9qY53m5hG7Rv8gmx0Ee
5MDpS9p70eoKGMfXh67po6o8MlG+eqKlbDl0dIESwqVL3XlwTOKGhsdL131PGozR
O7fYPSaTzRWBhg==
-----END CERTIFICATE-----
Generated at Wed May 7 19:04:08 2025 by rpki-client