Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
File: RyyyiCCZANGvGpmLsDnsdX5JPdU.mft (raw, json)
Hash identifier: 1fiMKmEFCpbjE+3mZnuBCE5oSt1ihFfkUwtYkxCQugU=
Subject key identifier: 0F:76:67:1B:BB:AD:AB:0D:A1:DC:B7:94:3A:58:48:FC:80:74:FA:24
Authority key identifier: 47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5
Certificate issuer: /CN=472cb288209900d1af1a998bb039ec757e493dd5
Certificate serial: 0197B5C4D0F4891255800CDFF97911F230BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
Manifest number: 07DD
Signing time: Sat 28 Jun 2025 09:01:03 +0000
Manifest this update: Sat 28 Jun 2025 09:01:03 +0000
Manifest next update: Sun 29 Jun 2025 09:01:03 +0000
Files and hashes: 1: RyyyiCCZANGvGpmLsDnsdX5JPdU.crl (hash: sxRz3NpXFqmD/QZS4AeZOIOKb4uZfOFDl0YTRYrvMjM=)
2: S3dIMaIh62_y7HmBxhlxOM_ScHc.roa (hash: wYfLcBDYpc1piz/XiUHEld94m4pY4RAv7rF1GCt4/I0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 09:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b5:c4:d0:f4:89:12:55:80:0c:df:f9:79:11:f2:30:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=472cb288209900d1af1a998bb039ec757e493dd5
Validity
Not Before: Jun 28 09:01:03 2025 GMT
Not After : Jun 29 09:01:03 2025 GMT
Subject: CN=0f76671bbbadab0da1dcb7943a5848fc8074fa24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:20:47:69:bc:63:df:94:08:0e:33:55:4c:66:
0f:2c:1a:bd:18:16:f2:a3:f1:57:9b:82:ea:ce:91:
4a:86:42:2b:f7:d7:fe:6c:2d:79:5d:bc:50:e1:25:
f8:5c:df:7a:13:cf:92:77:29:9b:f3:25:dc:1c:fe:
4c:1e:c2:69:4a:31:3f:bc:82:c7:f5:4c:3b:1d:2f:
74:7c:68:7f:c5:02:4e:08:90:30:37:88:72:32:e0:
da:81:8b:79:82:ab:47:26:75:e7:30:b5:c7:79:02:
27:d1:e2:c4:22:33:93:4f:8b:a0:c2:92:b1:b1:4a:
4b:03:39:be:62:83:69:16:10:f1:16:d8:35:1a:01:
27:fe:24:03:22:85:ed:08:db:ea:b8:eb:9e:9b:77:
9d:6d:5a:f0:2d:c1:aa:12:75:98:dd:9e:e3:32:5d:
44:a9:f2:86:5b:ef:0d:bd:a9:34:06:0c:1d:36:f3:
7b:81:2b:ee:1e:d9:b0:70:e6:5d:67:f7:48:f3:33:
1e:3b:6d:ad:87:43:e0:f5:25:75:a2:fd:13:e5:9b:
92:28:c9:23:a9:b7:b3:be:9c:95:29:88:0c:d1:b9:
7d:41:da:7a:50:a9:12:51:aa:50:78:09:ff:2b:f3:
ca:ad:14:06:6f:21:a7:1e:00:29:b4:51:39:cb:97:
48:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:76:67:1B:BB:AD:AB:0D:A1:DC:B7:94:3A:58:48:FC:80:74:FA:24
X509v3 Authority Key Identifier:
keyid:47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:5c:b4:99:d4:6d:6f:2b:db:7d:c6:b2:11:5f:f7:c8:37:d3:
d3:35:30:35:cd:28:97:61:88:45:f6:33:a8:4c:8f:3e:31:8c:
6c:42:31:64:0a:08:f4:0b:89:b2:c3:39:62:08:da:49:2b:68:
e3:4a:5f:80:9b:90:3e:75:90:13:1d:c7:10:3c:45:a6:53:d9:
5f:77:56:6d:26:4e:e8:ed:2e:05:42:f7:67:41:00:cb:1b:a0:
29:a1:88:c2:81:ea:5d:07:84:8f:93:a3:cd:22:6f:83:09:f2:
8f:b1:94:9f:77:75:45:11:d2:b3:d3:58:b7:44:2b:ae:e7:fd:
96:47:b8:b8:90:33:c3:2a:13:c2:48:22:ca:8c:94:2e:4b:dd:
88:ee:f7:cf:95:1e:ff:0e:c1:b8:34:61:23:f6:15:ec:9b:fc:
d6:4c:92:4f:af:81:a5:4b:60:75:24:6d:71:13:38:f0:8f:09:
ab:c6:1d:87:1c:c2:bb:a4:5b:40:09:22:ee:22:c0:dc:a2:fb:
cf:d6:0c:00:3b:1d:99:3e:5c:d6:0f:7e:13:01:04:f4:89:f3:
c9:45:d3:23:8a:c4:1b:27:09:b2:a6:df:f2:10:70:3c:e0:0a:
17:a5:d2:90:e4:24:5d:31:b0:ab:51:91:1b:f1:83:2a:a9:bc:
e9:94:ff:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1xND0iRJVgAzf+XkR8jC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MmNiMjg4MjA5OTAwZDFhZjFhOTk4YmIwMzllYzc1N2U0
OTNkZDUwHhcNMjUwNjI4MDkwMTAzWhcNMjUwNjI5MDkwMTAzWjAzMTEwLwYDVQQD
EygwZjc2NjcxYmJiYWRhYjBkYTFkY2I3OTQzYTU4NDhmYzgwNzRmYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyBHabxj35QIDjNVTGYPLBq9GBby
o/FXm4LqzpFKhkIr99f+bC15XbxQ4SX4XN96E8+Sdymb8yXcHP5MHsJpSjE/vILH
9Uw7HS90fGh/xQJOCJAwN4hyMuDagYt5gqtHJnXnMLXHeQIn0eLEIjOTT4ugwpKx
sUpLAzm+YoNpFhDxFtg1GgEn/iQDIoXtCNvquOuem3edbVrwLcGqEnWY3Z7jMl1E
qfKGW+8Nvak0BgwdNvN7gSvuHtmwcOZdZ/dI8zMeO22th0Pg9SV1ov0T5ZuSKMkj
qbezvpyVKYgM0bl9Qdp6UKkSUapQeAn/K/PKrRQGbyGnHgAptFE5y5dIxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA92Zxu7rasNody3lDpYSPyAdPokMB8GA1UdIwQY
MBaAFEcssoggmQDRrxqZi7A57HV+ST3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYt
YWE5MDJkYmFlOTI4LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYtYWE5MDJkYmFlOTI4
LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM1y0mdRt
byvbfcayEV/3yDfT0zUwNc0ol2GIRfYzqEyPPjGMbEIxZAoI9AuJssM5YgjaSSto
40pfgJuQPnWQEx3HEDxFplPZX3dWbSZO6O0uBUL3Z0EAyxugKaGIwoHqXQeEj5Oj
zSJvgwnyj7GUn3d1RRHSs9NYt0Qrruf9lke4uJAzwyoTwkgiyoyULkvdiO73z5Ue
/w7BuDRhI/YV7Jv81kyST6+BpUtgdSRtcRM48I8Jq8YdhxzCu6RbQAki7iLA3KL7
z9YMADsdmT5c1g9+EwEE9InzyUXTI4rEGycJsqbf8hBwPOAKF6XSkOQkXTGwq1GR
G/GDKqm86ZT/HQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:53:40 2025 by rpki-client