Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: lXfDvzRLTUdEPNGk4+gSWGzmHPGItlyPcWdyBSrdsys=
Subject key identifier: 85:D2:C2:7E:7D:6C:5F:86:24:47:45:21:00:0E:89:DC:B8:71:69:E3
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 019777536CD754D0A06C154EF2B868B79859
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 1595
Signing time: Mon 16 Jun 2025 06:00:45 +0000
Manifest this update: Mon 16 Jun 2025 06:00:45 +0000
Manifest next update: Tue 17 Jun 2025 06:00:45 +0000
Files and hashes: 1: __KLjvjgMO1LuKrx6zZXZJBcRtk.roa (hash: kZSjdOtgx956Q9WcOxsnl5QBMbkPJAPdg2gED1ZbQy4=)
2: xmOvbRNpbfTNvGRi0NGmoChwF8k.roa (hash: 7oU4y3FJaTZ6zlZMUwxbLqzJR9lqEVzJSwfHVW5xI4s=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: K7/+LgPb/WicVQN8EYlEOLhw3taBkXoePfvCWCrZ+oI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 06:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:77:53:6c:d7:54:d0:a0:6c:15:4e:f2:b8:68:b7:98:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Jun 16 06:00:45 2025 GMT
Not After : Jun 17 06:00:45 2025 GMT
Subject: CN=85d2c27e7d6c5f8624474521000e89dcb87169e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:17:fd:56:b9:29:e2:3c:a7:a6:52:57:ab:3a:
73:1b:bd:b7:17:fd:79:b5:a8:5b:33:ff:37:43:d6:
62:6b:a4:da:f4:2d:0d:f8:71:28:05:42:f8:99:18:
34:aa:38:0d:86:b0:b4:76:8f:f2:34:1a:9b:4f:12:
2b:90:59:8b:a9:3d:5b:ed:db:ba:5c:c5:b6:0f:1e:
3f:6a:9e:bd:62:39:de:71:28:6a:a6:d3:d5:93:d3:
26:72:6b:14:7d:a4:2c:3c:54:fb:e2:c0:cb:cf:96:
69:65:b8:4d:0d:5b:c3:c5:db:1d:93:75:ab:a4:b9:
06:2e:c5:54:86:c9:6e:16:36:74:1e:cf:21:66:03:
69:99:23:90:38:8b:e8:e7:e2:1b:be:96:f3:78:52:
47:dd:88:a2:b5:b8:28:da:9b:eb:74:a5:81:81:47:
33:a3:08:e1:fb:8a:55:9a:56:21:01:28:5b:75:33:
f0:70:06:d2:63:4a:94:18:d7:f7:ca:5b:e3:8a:31:
58:e1:c1:d1:33:ab:73:6a:00:c2:ef:47:0b:ae:1b:
f6:ef:b8:02:34:a8:92:77:1b:3e:66:1f:83:36:32:
0c:a5:62:64:ac:a0:12:d8:a1:4a:7c:1f:a8:87:94:
5a:24:1f:3f:3b:81:f0:b2:64:67:f5:76:15:13:94:
10:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D2:C2:7E:7D:6C:5F:86:24:47:45:21:00:0E:89:DC:B8:71:69:E3
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:ed:9a:1c:2a:71:66:98:24:29:80:49:9d:da:5c:6c:3f:b1:
9e:69:05:89:19:54:e7:45:b7:34:87:c8:4e:ef:8e:36:3e:ec:
46:b4:7c:98:37:ef:0c:9b:1d:bb:ec:a2:a1:7b:00:64:ea:c9:
5d:71:c7:21:13:24:cc:55:26:4d:2c:b5:c8:79:e4:55:c0:45:
5d:b7:b0:53:82:18:0b:e6:0e:cb:0b:1f:d3:54:84:5b:eb:53:
43:40:41:0a:e1:69:27:75:2b:89:03:69:75:79:1c:20:de:2d:
2b:85:c1:65:7b:92:9d:40:1a:d6:90:fb:89:57:3b:69:b2:9f:
48:8d:a5:54:2d:73:2a:c8:d8:16:f5:18:c2:20:af:21:76:42:
e3:d1:6a:ec:da:9c:b2:a8:07:d5:03:8d:8f:2e:45:67:1e:4e:
82:90:4d:9c:74:9c:2d:2a:c0:2c:cd:7e:23:59:7f:59:80:a2:
17:e9:26:2e:52:7b:38:d3:b5:59:64:28:50:ab:37:f4:c9:2f:
15:dc:4a:31:89:6a:00:73:52:7c:ef:21:51:a7:04:8d:58:71:
2c:de:40:cb:0d:f8:a0:16:ad:a2:e2:d4:55:62:ba:58:de:a9:
33:1c:98:01:4e:12:06:ca:5e:1b:0d:2a:17:17:88:10:82:0f:
c9:dc:f8:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd3U2zXVNCgbBVO8rhot5hZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjUwNjE2MDYwMDQ1WhcNMjUwNjE3MDYwMDQ1WjAzMTEwLwYDVQQD
Eyg4NWQyYzI3ZTdkNmM1Zjg2MjQ0NzQ1MjEwMDBlODlkY2I4NzE2OWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Bf9Vrkp4jynplJXqzpzG723F/15
tahbM/83Q9Zia6Ta9C0N+HEoBUL4mRg0qjgNhrC0do/yNBqbTxIrkFmLqT1b7du6
XMW2Dx4/ap69YjnecShqptPVk9MmcmsUfaQsPFT74sDLz5ZpZbhNDVvDxdsdk3Wr
pLkGLsVUhsluFjZ0Hs8hZgNpmSOQOIvo5+IbvpbzeFJH3Yiitbgo2pvrdKWBgUcz
owjh+4pVmlYhAShbdTPwcAbSY0qUGNf3ylvjijFY4cHRM6tzagDC70cLrhv277gC
NKiSdxs+Zh+DNjIMpWJkrKAS2KFKfB+oh5RaJB8/O4HwsmRn9XYVE5QQnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXSwn59bF+GJEdFIQAOidy4cWnjMB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiu2aHCpx
ZpgkKYBJndpcbD+xnmkFiRlU50W3NIfITu+ONj7sRrR8mDfvDJsdu+yioXsAZOrJ
XXHHIRMkzFUmTSy1yHnkVcBFXbewU4IYC+YOywsf01SEW+tTQ0BBCuFpJ3UriQNp
dXkcIN4tK4XBZXuSnUAa1pD7iVc7abKfSI2lVC1zKsjYFvUYwiCvIXZC49Fq7Nqc
sqgH1QONjy5FZx5OgpBNnHScLSrALM1+I1l/WYCiF+kmLlJ7ONO1WWQoUKs39Mkv
FdxKMYlqAHNSfO8hUacEjVhxLN5Ayw34oBatouLUVWK6WN6pMxyYAU4SBspeGw0q
FxeIEIIPydz49Q==
-----END CERTIFICATE-----
Generated at Mon Jun 16 09:13:10 2025 by rpki-client