Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: tVX85BD0nFgpH3Smft/W3771WRxuAinwSJ3HlsTJbtM=
Subject key identifier: 78:29:4F:F5:D2:D3:5F:BE:6F:C8:A5:9C:77:38:94:98:7A:4A:09:00
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 01987DF7E8B753BBB62FCB47765B72511679
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 161D
Signing time: Wed 06 Aug 2025 06:00:55 +0000
Manifest this update: Wed 06 Aug 2025 06:00:55 +0000
Manifest next update: Thu 07 Aug 2025 06:00:55 +0000
Files and hashes: 1: __KLjvjgMO1LuKrx6zZXZJBcRtk.roa (hash: kZSjdOtgx956Q9WcOxsnl5QBMbkPJAPdg2gED1ZbQy4=)
2: xmOvbRNpbfTNvGRi0NGmoChwF8k.roa (hash: 7oU4y3FJaTZ6zlZMUwxbLqzJR9lqEVzJSwfHVW5xI4s=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: ZOzgOyow6CWY8NWAUT/70yg3MMXTZltI/kByELnBdeY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 06:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7d:f7:e8:b7:53:bb:b6:2f:cb:47:76:5b:72:51:16:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Aug 6 06:00:55 2025 GMT
Not After : Aug 7 06:00:55 2025 GMT
Subject: CN=78294ff5d2d35fbe6fc8a59c773894987a4a0900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b6:9d:75:4c:2d:e3:f9:e6:75:93:0a:2a:df:
f2:62:39:93:f6:6a:f7:94:81:ba:b3:d7:3a:67:00:
05:bb:c3:c7:76:31:2e:26:05:ff:fd:c3:27:4e:6d:
b7:d8:f7:98:16:a2:6a:d8:a6:43:5b:02:07:50:0c:
64:b1:2f:4b:5f:b6:12:f3:dd:f3:1e:88:17:af:fb:
b8:ea:c8:7e:3e:51:77:cc:17:11:85:94:aa:dd:a0:
0d:49:a1:4a:72:7b:9d:9e:dc:b9:0d:a7:aa:95:55:
c3:e7:42:b6:a2:6c:1f:07:21:4e:1f:77:47:16:a5:
4e:77:bf:89:aa:c7:c8:65:55:aa:41:b4:d4:e5:6e:
e2:60:80:91:82:d0:de:b7:ff:78:7f:1d:d8:8e:e7:
6c:18:55:d6:80:7e:5c:c1:91:e7:cf:c2:0d:96:e4:
99:52:fb:35:8c:55:b0:e4:97:55:1f:bf:b9:dc:fd:
5d:8d:41:cc:a0:e7:f7:0d:21:df:4c:9f:68:bd:bb:
67:22:9e:74:66:36:b6:3e:5c:a8:96:83:95:ab:ed:
f2:df:42:75:ba:60:f4:6c:f9:40:29:69:fa:09:a0:
dc:a6:83:58:bd:74:77:5c:86:09:e3:44:c2:ee:93:
a9:be:cb:c3:bd:83:be:e8:dc:6a:56:0b:9f:6e:f1:
3f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:29:4F:F5:D2:D3:5F:BE:6F:C8:A5:9C:77:38:94:98:7A:4A:09:00
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:33:f7:e3:73:6e:7d:f4:c1:f5:bd:2a:fe:fa:57:34:a9:33:
a2:5d:6d:86:16:59:a1:c5:5f:bf:3f:54:a7:f3:26:b6:b4:13:
53:a6:1d:b7:84:82:d9:ce:07:23:1d:8b:2f:86:53:e0:d0:d8:
9f:e3:27:f5:13:0b:2a:24:aa:92:a8:43:fe:5f:de:88:8d:26:
3b:25:7b:f4:d6:05:57:0c:43:45:cc:0a:8a:4b:0b:41:fc:80:
43:ab:c5:c7:3e:36:05:04:5c:8f:fc:a4:4d:dc:76:c2:94:21:
ac:58:8d:35:54:d8:0a:b6:37:40:71:bf:98:c6:08:1b:8e:5b:
a3:ff:b1:76:32:5f:80:f1:85:25:25:32:e4:81:c3:97:3b:d8:
62:29:8b:25:16:8f:17:bb:5c:bb:c6:6a:52:5e:c0:c7:85:e6:
a2:50:ad:ee:ca:e7:69:38:7c:00:e7:1b:60:2f:ea:84:31:ad:
c2:93:c0:74:e4:08:58:f0:d9:dd:cf:3d:1f:fb:d1:d0:d4:db:
49:91:9a:f4:9e:2e:97:ad:ca:0a:15:7a:5c:c2:3e:1f:18:e3:
83:57:34:96:6e:65:fe:bf:32:b8:86:bc:a6:d6:50:12:38:f4:
cd:54:7a:ff:2f:db:43:40:5f:37:69:c5:d3:2a:ff:c6:de:0c:
82:85:68:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh99+i3U7u2L8tHdltyURZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjUwODA2MDYwMDU1WhcNMjUwODA3MDYwMDU1WjAzMTEwLwYDVQQD
Eyg3ODI5NGZmNWQyZDM1ZmJlNmZjOGE1OWM3NzM4OTQ5ODdhNGEwOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLaddUwt4/nmdZMKKt/yYjmT9mr3
lIG6s9c6ZwAFu8PHdjEuJgX//cMnTm232PeYFqJq2KZDWwIHUAxksS9LX7YS893z
HogXr/u46sh+PlF3zBcRhZSq3aANSaFKcnudnty5DaeqlVXD50K2omwfByFOH3dH
FqVOd7+JqsfIZVWqQbTU5W7iYICRgtDet/94fx3YjudsGFXWgH5cwZHnz8INluSZ
Uvs1jFWw5JdVH7+53P1djUHMoOf3DSHfTJ9ovbtnIp50Zja2PlyoloOVq+3y30J1
umD0bPlAKWn6CaDcpoNYvXR3XIYJ40TC7pOpvsvDvYO+6NxqVgufbvE/GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgpT/XS01++b8ilnHc4lJh6SgkAMB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjjP343Nu
ffTB9b0q/vpXNKkzol1thhZZocVfvz9Up/MmtrQTU6Ydt4SC2c4HIx2LL4ZT4NDY
n+Mn9RMLKiSqkqhD/l/eiI0mOyV79NYFVwxDRcwKiksLQfyAQ6vFxz42BQRcj/yk
Tdx2wpQhrFiNNVTYCrY3QHG/mMYIG45bo/+xdjJfgPGFJSUy5IHDlzvYYimLJRaP
F7tcu8ZqUl7Ax4XmolCt7srnaTh8AOcbYC/qhDGtwpPAdOQIWPDZ3c89H/vR0NTb
SZGa9J4ul63KChV6XMI+Hxjjg1c0lm5l/r8yuIa8ptZQEjj0zVR6/y/bQ0BfN2nF
0yr/xt4MgoVoJw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:06:22 2025 by rpki-client