Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
File: YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft (raw, json)
Hash identifier: 5tQtukngKrLyYF6t+ggBoWgFYfSKbPa/UWomZpWQO64=
Subject key identifier: 84:DB:4D:E0:37:AB:53:5C:28:B2:D3:28:22:45:B0:C9:71:CD:88:C3
Authority key identifier: 61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C
Certificate issuer: /CN=6117d6158043150b0ad224a0648df0185706019c
Certificate serial: 0196C53A355DA023FFD3C5B4069A6694A478
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
Manifest number: 0FC6
Signing time: Mon 12 May 2025 16:00:48 +0000
Manifest this update: Mon 12 May 2025 16:00:48 +0000
Manifest next update: Tue 13 May 2025 16:00:48 +0000
Files and hashes: 1: YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl (hash: cUKaTxrpiU1fiZoOzo+0h+ZxAR9LnAZhPDicEG5srg4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:3a:35:5d:a0:23:ff:d3:c5:b4:06:9a:66:94:a4:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6117d6158043150b0ad224a0648df0185706019c
Validity
Not Before: May 12 16:00:48 2025 GMT
Not After : May 13 16:00:48 2025 GMT
Subject: CN=84db4de037ab535c28b2d3282245b0c971cd88c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f6:12:3f:6d:42:d4:8b:c3:8e:82:4e:95:f9:
ea:da:44:e7:f6:a2:a8:6b:59:69:47:30:82:c2:0c:
91:31:98:f7:e4:1f:30:ad:67:ac:09:54:56:9d:c9:
1f:85:39:76:10:48:b3:a1:9d:55:d2:3c:11:e6:8f:
32:b4:b5:ab:1c:04:dd:19:7e:2e:d2:63:3e:1a:19:
7a:1e:75:b6:c8:cf:a0:1c:a0:21:9b:bf:b2:76:34:
95:76:c1:44:c0:dc:74:f7:82:9e:8a:f2:5c:01:af:
c9:a9:db:04:19:c8:25:b9:57:0c:56:b3:0e:91:73:
2e:65:11:d9:db:91:89:37:ac:43:74:a8:9b:4c:92:
1d:5b:6e:65:24:c4:d1:e8:85:c3:65:72:1a:80:b3:
43:ad:1f:99:8b:62:17:77:92:45:78:af:5f:98:4d:
06:4c:08:43:a8:48:6f:07:0f:74:1e:3d:ac:d7:c2:
d9:2d:52:76:ac:74:e5:ff:62:13:a2:96:6e:4d:12:
74:75:a9:88:65:e8:62:d1:a1:0d:76:b7:19:ee:b4:
85:d3:45:3b:81:f9:a1:0c:7b:0d:91:cd:f1:dd:4f:
c8:5a:ac:f5:c9:89:8f:5a:48:a1:70:e0:6f:41:3c:
51:5c:4a:88:41:01:4f:5b:6a:10:ea:bb:7b:53:61:
b4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DB:4D:E0:37:AB:53:5C:28:B2:D3:28:22:45:B0:C9:71:CD:88:C3
X509v3 Authority Key Identifier:
keyid:61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:b0:2c:36:51:59:40:0b:9a:cb:f4:fc:08:e2:3f:a4:be:e3:
a5:11:ad:5c:86:2a:68:4c:74:b8:9b:ae:7a:a6:34:0f:ed:02:
a9:3e:8f:0d:12:53:fa:a5:ce:e5:79:cf:16:1e:0c:a6:29:16:
cb:f5:7c:48:21:85:16:c7:10:25:d8:49:b7:48:05:20:94:be:
d5:36:c3:7a:6f:41:43:a7:a4:93:2b:c1:7b:b5:f8:75:c0:46:
48:75:e7:d0:41:eb:c4:03:de:e5:46:a7:63:3d:ad:04:df:28:
53:a9:87:ad:24:7b:44:1f:b3:a7:a2:77:a4:1b:0a:a3:e6:e6:
a7:55:5e:34:69:85:79:b9:a7:a5:b4:92:64:d6:e2:83:5a:fc:
42:9c:b9:1e:f4:37:f3:10:df:45:53:e8:89:90:c7:4c:35:a1:
0a:89:92:a8:84:d2:94:7a:b8:fe:ba:ba:fd:cc:0e:5c:b6:54:
6a:83:2f:95:e9:71:cd:4a:68:5f:f7:ce:d6:d2:3d:48:21:e8:
4e:ec:e5:c4:96:cb:5b:41:ca:24:1c:4e:b7:a7:83:ec:bb:9d:
62:d4:29:58:14:3c:bc:ea:b6:5f:54:66:36:14:0c:c4:17:b3:
ff:a8:56:64:ab:b1:a2:a5:77:03:5d:e1:53:d7:38:b8:4a:c6:
96:a4:dd:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOjVdoCP/08W0BppmlKR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMTdkNjE1ODA0MzE1MGIwYWQyMjRhMDY0OGRmMDE4NTcw
NjAxOWMwHhcNMjUwNTEyMTYwMDQ4WhcNMjUwNTEzMTYwMDQ4WjAzMTEwLwYDVQQD
Eyg4NGRiNGRlMDM3YWI1MzVjMjhiMmQzMjgyMjQ1YjBjOTcxY2Q4OGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPYSP21C1IvDjoJOlfnq2kTn9qKo
a1lpRzCCwgyRMZj35B8wrWesCVRWnckfhTl2EEizoZ1V0jwR5o8ytLWrHATdGX4u
0mM+Ghl6HnW2yM+gHKAhm7+ydjSVdsFEwNx094KeivJcAa/JqdsEGcgluVcMVrMO
kXMuZRHZ25GJN6xDdKibTJIdW25lJMTR6IXDZXIagLNDrR+Zi2IXd5JFeK9fmE0G
TAhDqEhvBw90Hj2s18LZLVJ2rHTl/2ITopZuTRJ0damIZehi0aENdrcZ7rSF00U7
gfmhDHsNkc3x3U/IWqz1yYmPWkihcOBvQTxRXEqIQQFPW2oQ6rt7U2G0vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITbTeA3q1NcKLLTKCJFsMlxzYjDMB8GA1UdIwQY
MBaAFGEX1hWAQxULCtIkoGSN8BhXBgGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMt
OTQ3MzU4MGJjODUwLzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMtOTQ3MzU4MGJjODUw
LzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWrAsNlFZ
QAuay/T8COI/pL7jpRGtXIYqaEx0uJuueqY0D+0CqT6PDRJT+qXO5XnPFh4MpikW
y/V8SCGFFscQJdhJt0gFIJS+1TbDem9BQ6ekkyvBe7X4dcBGSHXn0EHrxAPe5Uan
Yz2tBN8oU6mHrSR7RB+zp6J3pBsKo+bmp1VeNGmFebmnpbSSZNbig1r8Qpy5HvQ3
8xDfRVPoiZDHTDWhComSqITSlHq4/rq6/cwOXLZUaoMvlelxzUpoX/fO1tI9SCHo
TuzlxJbLW0HKJBxOt6eD7LudYtQpWBQ8vOq2X1RmNhQMxBez/6hWZKuxoqV3A13h
U9c4uErGlqTdhw==
-----END CERTIFICATE-----
Generated at Mon May 12 22:10:25 2025 by rpki-client