Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: kCbknJz1zF24DC7MLNloqsyXm8O8ABA285BPUK1ysXE=
Subject key identifier: 73:E9:78:A1:C8:BC:23:E9:62:E9:AB:C8:6B:0A:C1:81:CC:3E:B0:90
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 019874F4B20413A88DB8B388949D110904FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 07A5
Signing time: Mon 04 Aug 2025 12:00:50 +0000
Manifest this update: Mon 04 Aug 2025 12:00:50 +0000
Manifest next update: Tue 05 Aug 2025 12:00:50 +0000
Files and hashes: 1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: 9Xbs3eGC1P2W13y1QKfljrFcJN8XeJ7qnSSn759lrwQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:f4:b2:04:13:a8:8d:b8:b3:88:94:9d:11:09:04:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Aug 4 12:00:50 2025 GMT
Not After : Aug 5 12:00:50 2025 GMT
Subject: CN=73e978a1c8bc23e962e9abc86b0ac181cc3eb090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f6:61:f9:94:4a:f9:bc:9d:23:ae:33:7f:85:
50:15:a9:03:03:53:84:20:fc:28:4e:3a:4d:60:51:
33:d7:bf:5c:89:94:27:4b:00:f8:3c:4b:29:cd:bb:
86:4f:61:74:b6:84:8e:09:5e:09:f4:2f:87:e4:84:
a1:bf:0b:19:67:92:54:21:df:43:36:ee:08:2f:1f:
52:8e:a5:db:04:6c:a9:a0:74:44:f8:05:8d:51:00:
f0:be:38:e2:65:6b:e3:9c:e1:6f:2e:25:c6:6c:86:
aa:02:8d:5e:1e:9e:ea:c1:6e:81:d4:ac:e6:74:2f:
0b:ea:de:a6:07:eb:23:8c:be:19:f0:72:36:9c:1e:
f9:d6:e7:fd:61:61:a2:6f:c9:59:a1:06:32:4a:e4:
3f:e8:34:53:e3:17:4d:28:f6:f7:6b:08:df:ca:6b:
ed:7e:6a:91:b5:6a:7d:9a:dc:84:43:49:da:6f:69:
a9:33:e1:2d:2e:6d:65:c8:25:60:d5:98:ed:fd:06:
49:25:ee:43:33:84:93:d2:d6:3e:48:a3:e8:03:31:
1e:bd:bc:6d:c9:58:60:dd:e7:ed:a9:51:97:4e:a0:
e4:22:f9:22:a7:35:ac:13:38:0d:ac:d9:4b:c2:5f:
28:e7:a8:be:95:e2:c0:cc:b5:a2:78:34:71:43:53:
84:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E9:78:A1:C8:BC:23:E9:62:E9:AB:C8:6B:0A:C1:81:CC:3E:B0:90
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:8c:73:1a:53:19:f2:c7:6e:38:26:84:5b:55:b3:ab:37:35:
15:0b:28:80:81:ed:07:0d:41:fe:02:fa:2f:63:8c:f6:28:b3:
d7:28:ce:3f:9f:15:18:1b:0b:c7:eb:10:16:45:3e:fb:7b:f0:
e9:fd:d2:9b:f1:62:30:49:43:06:04:ab:bc:de:79:d6:b3:dc:
f1:3f:f0:3a:46:23:c9:41:58:ae:84:bb:ac:59:b5:e2:52:90:
21:2a:7d:bc:43:ce:7f:e1:55:5c:be:1b:91:2f:c9:de:73:fb:
8a:99:4c:b9:b0:2a:a8:f5:68:64:7e:cf:8e:67:b4:12:a2:2e:
62:54:1f:63:94:ad:5d:b9:5d:88:df:39:3d:42:bf:6a:93:66:
b6:97:fe:ee:20:8d:ad:41:1a:89:19:18:7e:8b:72:32:8d:80:
0c:8e:78:0e:a4:ba:25:28:65:f9:b1:95:73:94:72:5d:51:b2:
0f:b1:16:6c:bd:93:e8:87:d8:fe:88:07:8a:c4:eb:f9:ab:56:
12:b3:8a:c2:2a:1c:78:1f:f5:3f:a6:af:fa:e9:3c:f9:c7:c0:
d1:c3:7e:94:1a:8c:8f:cd:ac:f6:88:9e:4f:96:91:5d:aa:58:
09:f0:c4:20:55:8f:15:d2:0f:22:04:80:e0:10:bb:ac:10:08:
36:4b:d2:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh09LIEE6iNuLOIlJ0RCQT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjUwODA0MTIwMDUwWhcNMjUwODA1MTIwMDUwWjAzMTEwLwYDVQQD
Eyg3M2U5NzhhMWM4YmMyM2U5NjJlOWFiYzg2YjBhYzE4MWNjM2ViMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvZh+ZRK+bydI64zf4VQFakDA1OE
IPwoTjpNYFEz179ciZQnSwD4PEspzbuGT2F0toSOCV4J9C+H5IShvwsZZ5JUId9D
Nu4ILx9SjqXbBGypoHRE+AWNUQDwvjjiZWvjnOFvLiXGbIaqAo1eHp7qwW6B1Kzm
dC8L6t6mB+sjjL4Z8HI2nB751uf9YWGib8lZoQYySuQ/6DRT4xdNKPb3awjfymvt
fmqRtWp9mtyEQ0nab2mpM+EtLm1lyCVg1Zjt/QZJJe5DM4ST0tY+SKPoAzEevbxt
yVhg3eftqVGXTqDkIvkipzWsEzgNrNlLwl8o56i+leLAzLWieDRxQ1OEYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPpeKHIvCPpYumryGsKwYHMPrCQMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQIxzGlMZ
8sduOCaEW1Wzqzc1FQsogIHtBw1B/gL6L2OM9iiz1yjOP58VGBsLx+sQFkU++3vw
6f3Sm/FiMElDBgSrvN551rPc8T/wOkYjyUFYroS7rFm14lKQISp9vEPOf+FVXL4b
kS/J3nP7iplMubAqqPVoZH7Pjme0EqIuYlQfY5StXbldiN85PUK/apNmtpf+7iCN
rUEaiRkYfotyMo2ADI54DqS6JShl+bGVc5RyXVGyD7EWbL2T6IfY/ogHisTr+atW
ErOKwioceB/1P6av+uk8+cfA0cN+lBqMj82s9oieT5aRXapYCfDEIFWPFdIPIgSA
4BC7rBAINkvSUQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 18:10:28 2025 by rpki-client