Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json)
Hash identifier: chJ87Nn4y00ccF2SN627FOjHcI5ITFcI86lovtYTIHc=
Subject key identifier: 28:89:A9:7D:BD:24:DF:9E:B1:B6:53:79:F7:89:72:8D:80:25:AD:A8
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 01967DC6888A37D429382D1389CC13408CB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
Manifest number: 1512
Signing time: Mon 28 Apr 2025 19:01:25 +0000
Manifest this update: Mon 28 Apr 2025 19:01:25 +0000
Manifest next update: Tue 29 Apr 2025 19:01:25 +0000
Files and hashes: 1: KXik7lH7rXobKNDojQJvsYz5RkY.roa (hash: OmHOyyMTUBadMMSlHfFTN/cjiEKBhDbZve1q3aoF8Wg=)
2: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: ep1ume2MWctfegLALktUlhYPLzzjz4xltJBSMEMdsRo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:c6:88:8a:37:d4:29:38:2d:13:89:cc:13:40:8c:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Apr 28 19:01:25 2025 GMT
Not After : Apr 29 19:01:25 2025 GMT
Subject: CN=2889a97dbd24df9eb1b65379f789728d8025ada8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c7:5f:2b:52:e1:2b:6a:cd:01:16:0b:92:32:
50:2d:a0:03:5e:00:b3:64:36:c6:70:47:7d:7d:06:
55:29:54:20:d9:6a:ba:62:9e:c3:09:4f:a8:a0:6b:
d7:fb:2d:d0:b5:4c:ac:64:bd:47:17:36:0f:68:d4:
41:40:69:01:bd:1a:73:76:b1:47:e8:cd:b3:2c:ea:
e4:e9:f2:b4:55:0d:e1:e0:eb:c1:f5:72:19:9d:d9:
33:05:80:0d:a8:9c:cb:e2:4a:17:86:17:6a:0e:9e:
9a:61:be:9c:d8:6f:a5:3f:44:a0:72:90:b5:00:7c:
1a:e8:b2:c3:bc:ad:9f:d2:97:1f:8d:e8:47:d8:f0:
5a:2c:1f:f1:16:09:cf:c2:b8:0b:1a:03:84:b1:6d:
e9:1c:2d:b1:42:2e:61:53:05:2f:93:ba:d6:38:74:
f4:64:47:cf:3e:3a:46:c8:92:13:60:59:46:35:3a:
c6:e3:ca:ae:d6:35:0d:5c:a1:90:f3:12:9c:be:cc:
d4:cf:d3:67:e5:0c:cd:f5:fb:05:ba:c8:be:eb:f1:
31:7b:15:ab:cf:6e:86:3b:41:fb:8a:89:31:82:ea:
0d:6a:6c:3b:20:9b:cf:3f:69:49:f1:a1:5e:05:6e:
b9:56:53:a6:2b:2a:d5:bc:78:bb:85:de:1d:5e:4c:
01:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:89:A9:7D:BD:24:DF:9E:B1:B6:53:79:F7:89:72:8D:80:25:AD:A8
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:a8:17:bd:de:37:19:f7:d6:cf:ce:9b:4f:90:f5:c3:05:fe:
98:9c:9f:95:f6:9b:c7:f9:d2:0d:62:64:15:21:f4:f9:d2:8b:
85:7a:99:e9:de:b6:52:ba:83:54:d0:a9:00:61:3f:91:71:55:
4b:0b:e0:74:3b:e5:f1:af:85:6c:d8:80:fe:12:91:a4:94:b9:
7c:19:e2:d0:a4:91:64:ef:2e:7c:c0:55:4b:cb:9a:d6:b2:c4:
23:80:b8:45:90:25:5b:1f:b1:08:c8:e6:9d:3b:45:69:94:d0:
b2:59:ee:8c:ae:04:b5:47:cb:e2:e4:93:bd:23:29:3a:36:65:
10:5c:6a:0c:bc:94:e5:ef:97:09:4c:1a:87:c5:19:77:6d:38:
2e:21:15:8c:c7:2b:80:b4:3d:8e:cd:60:52:c1:ea:15:b7:17:
3f:e7:b6:d7:66:eb:93:44:64:9c:2a:75:a4:26:f7:1d:fa:80:
4e:15:a1:f3:ce:29:7b:43:7f:3e:e7:63:04:3d:f6:f8:08:23:
61:c9:7a:1e:07:3e:a2:ad:37:67:04:79:72:4e:c5:8c:24:83:
09:bb:14:b2:d9:42:1d:d6:3b:d7:f2:8e:d3:28:b9:e3:d0:30:
5c:78:7f:8b:28:cc:8e:72:87:44:0f:54:3a:18:c9:69:62:08:
16:4a:0c:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9xoiKN9QpOC0TicwTQIywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjUwNDI4MTkwMTI1WhcNMjUwNDI5MTkwMTI1WjAzMTEwLwYDVQQD
EygyODg5YTk3ZGJkMjRkZjllYjFiNjUzNzlmNzg5NzI4ZDgwMjVhZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMdfK1LhK2rNARYLkjJQLaADXgCz
ZDbGcEd9fQZVKVQg2Wq6Yp7DCU+ooGvX+y3QtUysZL1HFzYPaNRBQGkBvRpzdrFH
6M2zLOrk6fK0VQ3h4OvB9XIZndkzBYANqJzL4koXhhdqDp6aYb6c2G+lP0SgcpC1
AHwa6LLDvK2f0pcfjehH2PBaLB/xFgnPwrgLGgOEsW3pHC2xQi5hUwUvk7rWOHT0
ZEfPPjpGyJITYFlGNTrG48qu1jUNXKGQ8xKcvszUz9Nn5QzN9fsFusi+6/ExexWr
z26GO0H7iokxguoNamw7IJvPP2lJ8aFeBW65VlOmKyrVvHi7hd4dXkwBxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiJqX29JN+esbZTefeJco2AJa2oMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiqgXvd43
GffWz86bT5D1wwX+mJyflfabx/nSDWJkFSH0+dKLhXqZ6d62UrqDVNCpAGE/kXFV
SwvgdDvl8a+FbNiA/hKRpJS5fBni0KSRZO8ufMBVS8ua1rLEI4C4RZAlWx+xCMjm
nTtFaZTQslnujK4EtUfL4uSTvSMpOjZlEFxqDLyU5e+XCUwah8UZd204LiEVjMcr
gLQ9js1gUsHqFbcXP+e212brk0RknCp1pCb3HfqAThWh884pe0N/PudjBD32+Agj
Ycl6Hgc+oq03ZwR5ck7FjCSDCbsUstlCHdY71/KO0yi549AwXHh/iyjMjnKHRA9U
OhjJaWIIFkoMVg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:34:55 2025 by rpki-client