Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: q/RIKxndy3Ps2AKAXgdJHjq6Fzomcr+3BD4L2z12JEU=
Subject key identifier: 1E:DC:A0:23:F9:EE:94:AB:E6:4C:D8:78:D2:BB:B9:2F:8B:8D:45:E4
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 0196748C0154AB3C349D7FC9633BFBB6A21F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 150F
Signing time: Sun 27 Apr 2025 00:00:54 +0000
Manifest this update: Sun 27 Apr 2025 00:00:54 +0000
Manifest next update: Mon 28 Apr 2025 00:00:54 +0000
Files and hashes: 1: __KLjvjgMO1LuKrx6zZXZJBcRtk.roa (hash: kZSjdOtgx956Q9WcOxsnl5QBMbkPJAPdg2gED1ZbQy4=)
2: xmOvbRNpbfTNvGRi0NGmoChwF8k.roa (hash: 7oU4y3FJaTZ6zlZMUwxbLqzJR9lqEVzJSwfHVW5xI4s=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: WibWugKtGSj6MpbRvSkLtIdeMonva8U+Aq7+Vzu4ZZ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 00:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:74:8c:01:54:ab:3c:34:9d:7f:c9:63:3b:fb:b6:a2:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Apr 27 00:00:54 2025 GMT
Not After : Apr 28 00:00:54 2025 GMT
Subject: CN=1edca023f9ee94abe64cd878d2bbb92f8b8d45e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:84:11:3a:c9:d7:b8:0e:6d:f2:68:27:c0:23:
ee:a6:5c:8e:8e:ce:e9:1a:92:d7:77:df:d6:66:10:
0e:d7:f5:49:a6:51:d8:b0:3d:45:00:eb:5c:15:d5:
45:3a:56:eb:29:df:5e:dc:fe:26:9f:6c:b9:54:ec:
95:7f:92:90:29:cf:f4:da:c8:62:5e:42:79:f6:0d:
be:9f:25:6a:1f:2f:f1:cf:66:f6:0b:4e:cf:f6:c5:
c8:68:b5:c5:09:f8:e1:22:59:3a:ad:c9:26:25:82:
c7:46:67:3d:2c:77:22:11:b3:a9:67:65:37:83:f6:
4e:32:dc:7e:20:a8:4a:63:12:8c:06:d4:75:8b:b0:
7b:6f:4d:8c:6e:b5:4f:67:cd:b4:70:b6:5c:2f:9f:
63:cb:28:81:81:a6:9a:95:d9:d5:47:32:d3:d8:47:
ed:bc:62:6b:b1:43:b9:7c:77:3c:11:a9:51:8d:2d:
5a:ac:b4:11:ee:b7:95:7d:16:e2:e5:04:12:9c:2a:
11:89:16:24:2f:25:ef:40:d6:9e:15:18:5e:f1:7d:
fc:2c:6f:c5:58:c2:e5:45:be:af:e1:e7:7c:ae:61:
69:04:86:68:d3:6b:0b:a7:a6:92:59:7e:7d:5a:5b:
79:06:bf:d0:b8:05:07:e0:2f:d2:96:1f:99:c4:8b:
3a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DC:A0:23:F9:EE:94:AB:E6:4C:D8:78:D2:BB:B9:2F:8B:8D:45:E4
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:74:05:3b:69:81:55:cb:34:ab:b0:44:d5:f5:d3:1c:96:2f:
fe:05:12:52:d2:ba:31:f2:e9:30:49:0d:90:2c:e6:b3:06:8c:
e6:37:94:cc:b7:4b:cf:95:7a:52:f6:7f:89:09:fd:41:1b:1d:
15:7d:46:03:b1:7e:e4:81:5f:4b:4f:34:89:0c:26:1a:a7:6b:
33:57:c3:72:93:7b:48:c6:75:51:e2:4c:e6:a8:17:86:28:4f:
38:33:cc:75:96:73:01:b6:6c:5b:5d:27:ed:d7:71:d9:49:f6:
c2:1f:8a:98:fe:23:61:46:98:b4:a6:ba:16:b4:1c:3c:6b:79:
3f:3c:39:41:76:f5:69:ce:29:5f:bd:b9:48:00:81:88:37:4a:
49:bd:fe:9c:bf:c7:e4:02:db:3c:ca:d0:5b:49:e0:57:ea:ba:
25:e4:48:1b:05:7b:3a:a5:7d:4a:94:cd:9c:3e:bb:e5:fa:43:
6b:26:2f:64:e6:53:e5:67:23:93:23:f1:86:b8:d4:87:3e:26:
8a:d0:bc:1c:d6:e6:d3:8c:dc:9d:60:fd:6f:c7:50:37:0b:07:
3f:f4:0d:00:1a:34:06:9f:c9:86:c6:ce:b4:2b:be:dd:89:7c:
15:3b:b1:6f:fa:75:86:31:82:9e:cb:d0:a0:d5:c8:e9:05:78:
19:f7:27:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0jAFUqzw0nX/JYzv7tqIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjUwNDI3MDAwMDU0WhcNMjUwNDI4MDAwMDU0WjAzMTEwLwYDVQQD
EygxZWRjYTAyM2Y5ZWU5NGFiZTY0Y2Q4NzhkMmJiYjkyZjhiOGQ0NWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4QROsnXuA5t8mgnwCPuplyOjs7p
GpLXd9/WZhAO1/VJplHYsD1FAOtcFdVFOlbrKd9e3P4mn2y5VOyVf5KQKc/02shi
XkJ59g2+nyVqHy/xz2b2C07P9sXIaLXFCfjhIlk6rckmJYLHRmc9LHciEbOpZ2U3
g/ZOMtx+IKhKYxKMBtR1i7B7b02MbrVPZ820cLZcL59jyyiBgaaaldnVRzLT2Eft
vGJrsUO5fHc8EalRjS1arLQR7reVfRbi5QQSnCoRiRYkLyXvQNaeFRhe8X38LG/F
WMLlRb6v4ed8rmFpBIZo02sLp6aSWX59Wlt5Br/QuAUH4C/Slh+ZxIs6gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7coCP57pSr5kzYeNK7uS+LjUXkMB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr3QFO2mB
Vcs0q7BE1fXTHJYv/gUSUtK6MfLpMEkNkCzmswaM5jeUzLdLz5V6UvZ/iQn9QRsd
FX1GA7F+5IFfS080iQwmGqdrM1fDcpN7SMZ1UeJM5qgXhihPODPMdZZzAbZsW10n
7ddx2Un2wh+KmP4jYUaYtKa6FrQcPGt5Pzw5QXb1ac4pX725SACBiDdKSb3+nL/H
5ALbPMrQW0ngV+q6JeRIGwV7OqV9SpTNnD675fpDayYvZOZT5WcjkyPxhrjUhz4m
itC8HNbm04zcnWD9b8dQNwsHP/QNABo0Bp/JhsbOtCu+3Yl8FTuxb/p1hjGCnsvQ
oNXI6QV4Gfcn2g==
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:52:43 2025 by rpki-client