Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft
File: y2bnZjRVc9cVnWeU7a7bc5okH48.mft (raw, json)
Hash identifier: i48bPDGiLGITB68UmS9ElPky+Q6tplgt9lKfqYVqr6g=
Subject key identifier: 8F:5C:85:3A:56:D4:54:76:1E:03:AE:11:AF:74:4F:CC:34:00:CF:FF
Authority key identifier: CB:66:E7:66:34:55:73:D7:15:9D:67:94:ED:AE:DB:73:9A:24:1F:8F
Certificate issuer: /CN=cb66e766345573d7159d6794edaedb739a241f8f
Certificate serial: 0196C2A6EF4EB7139D98E5AD675190B06B6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft
Manifest number: 0585
Signing time: Mon 12 May 2025 04:00:42 +0000
Manifest this update: Mon 12 May 2025 04:00:42 +0000
Manifest next update: Tue 13 May 2025 04:00:42 +0000
Files and hashes: 1: GP-mcsPVfkxFR6BakAdLWMHzvnk.roa (hash: 46Gy5AnSQQR4RzlnLScg9/HmedHrQU8V47NDaOoaI7E=)
2: y2bnZjRVc9cVnWeU7a7bc5okH48.crl (hash: 91hCmzPHXUEdkOXC0V7A5zSSqdxCUr/x1Hnhqf1lVQ8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft
rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c2:a6:ef:4e:b7:13:9d:98:e5:ad:67:51:90:b0:6b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb66e766345573d7159d6794edaedb739a241f8f
Validity
Not Before: May 12 04:00:42 2025 GMT
Not After : May 13 04:00:42 2025 GMT
Subject: CN=8f5c853a56d454761e03ae11af744fcc3400cfff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:af:cf:3a:b4:6a:a1:db:80:ea:f2:18:71:eb:
c8:f5:0f:04:ea:6f:a6:5e:8b:1f:49:fe:36:78:7a:
a5:e6:10:58:1a:ad:51:cf:f4:ce:72:5a:ae:06:a5:
96:02:1c:0b:f6:f7:69:74:23:d3:0c:38:6b:47:2e:
5b:df:d3:49:d8:30:d0:bb:a5:e4:a8:d0:37:20:43:
8c:f2:45:48:d6:e5:47:c2:59:b6:dc:cf:d9:bc:bf:
27:e1:25:be:2b:c4:56:ad:52:1d:9a:92:9a:d1:d9:
c3:88:5d:c7:93:04:0d:8d:23:e2:bd:b7:48:87:56:
bd:d5:25:d7:e5:30:9a:87:af:cb:71:c9:a0:ec:05:
57:f3:13:d7:f4:a7:9f:7d:9b:a8:ce:a7:df:99:20:
35:18:75:b9:dc:bd:43:d4:ea:c3:5c:3f:52:39:fd:
5a:33:f3:e0:9b:12:a7:39:68:6f:72:21:69:e3:58:
fc:63:12:87:e5:b8:32:e8:28:a9:6c:6a:78:4c:14:
16:9f:4f:ce:d2:a7:0f:9a:06:cb:e0:d6:ba:f2:6d:
23:81:45:ab:e1:4c:79:3d:0e:57:10:0b:18:fe:88:
40:de:1f:54:35:ae:4f:36:b7:86:07:ee:f6:a0:63:
0b:86:c7:78:b5:5d:44:e5:6e:61:71:6b:4c:eb:f4:
1d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:5C:85:3A:56:D4:54:76:1E:03:AE:11:AF:74:4F:CC:34:00:CF:FF
X509v3 Authority Key Identifier:
keyid:CB:66:E7:66:34:55:73:D7:15:9D:67:94:ED:AE:DB:73:9A:24:1F:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:d3:2b:a0:52:2e:e5:9a:a6:74:d0:eb:2e:c2:8a:70:38:0e:
95:89:c3:22:57:b3:04:63:cf:63:b1:4e:98:0e:a2:74:f2:ee:
ab:b0:2f:07:dd:8c:7b:a0:9b:dd:1a:9c:fe:c9:59:d7:dc:d0:
0a:05:b7:3d:5b:70:45:fb:09:fa:7f:68:50:62:0f:66:fa:85:
68:15:81:fb:74:6e:07:68:61:e2:cb:b1:bd:11:d4:05:d7:78:
be:b2:51:dc:c6:26:77:5b:35:51:73:de:f6:e9:83:66:25:a1:
10:57:12:c3:59:02:ee:cb:43:04:9f:59:f9:be:28:09:9a:12:
9c:b6:50:02:3b:a6:55:60:0b:30:d2:28:f2:c9:f0:bb:38:f6:
52:f2:ea:10:ba:8b:c0:31:08:35:ee:b1:d5:7c:56:23:b2:80:
b5:87:38:70:ad:56:de:d6:a9:a8:c2:c0:a6:22:21:39:cd:85:
38:a2:ec:45:33:6e:c7:27:c4:3f:06:e0:52:29:37:ce:19:16:
4f:6d:23:84:e7:82:1a:94:84:48:96:e2:96:c1:a8:5d:99:b5:
1c:7f:46:92:cc:7f:a9:cb:d5:05:e1:56:db:72:d1:8c:4b:03:
65:4c:59:5e:ef:09:67:b8:1f:5d:c3:d3:93:85:50:c5:cf:b6:
8c:26:99:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCpu9OtxOdmOWtZ1GQsGttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjZlNzY2MzQ1NTczZDcxNTlkNjc5NGVkYWVkYjczOWEy
NDFmOGYwHhcNMjUwNTEyMDQwMDQyWhcNMjUwNTEzMDQwMDQyWjAzMTEwLwYDVQQD
Eyg4ZjVjODUzYTU2ZDQ1NDc2MWUwM2FlMTFhZjc0NGZjYzM0MDBjZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxq/POrRqoduA6vIYcevI9Q8E6m+m
XosfSf42eHql5hBYGq1Rz/TOclquBqWWAhwL9vdpdCPTDDhrRy5b39NJ2DDQu6Xk
qNA3IEOM8kVI1uVHwlm23M/ZvL8n4SW+K8RWrVIdmpKa0dnDiF3HkwQNjSPivbdI
h1a91SXX5TCah6/Lccmg7AVX8xPX9KeffZuozqffmSA1GHW53L1D1OrDXD9SOf1a
M/PgmxKnOWhvciFp41j8YxKH5bgy6CipbGp4TBQWn0/O0qcPmgbL4Na68m0jgUWr
4Ux5PQ5XEAsY/ohA3h9UNa5PNreGB+72oGMLhsd4tV1E5W5hcWtM6/QdUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9chTpW1FR2HgOuEa90T8w0AM//MB8GA1UdIwQY
MBaAFMtm52Y0VXPXFZ1nlO2u23OaJB+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80NTg5MGUtNmY3MS00ZDM2LTk4OGEt
NjViZjc5YjBhOTg5LzEveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi80NTg5MGUtNmY3MS00ZDM2LTk4OGEtNjViZjc5YjBhOTg5
LzEveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjNMroFIu
5ZqmdNDrLsKKcDgOlYnDIlezBGPPY7FOmA6idPLuq7AvB92Me6Cb3Rqc/slZ19zQ
CgW3PVtwRfsJ+n9oUGIPZvqFaBWB+3RuB2hh4suxvRHUBdd4vrJR3MYmd1s1UXPe
9umDZiWhEFcSw1kC7stDBJ9Z+b4oCZoSnLZQAjumVWALMNIo8snwuzj2UvLqELqL
wDEINe6x1XxWI7KAtYc4cK1W3tapqMLApiIhOc2FOKLsRTNuxyfEPwbgUik3zhkW
T20jhOeCGpSESJbilsGoXZm1HH9Gksx/qcvVBeFW23LRjEsDZUxZXu8JZ7gfXcPT
k4VQxc+2jCaZgw==
-----END CERTIFICATE-----
Generated at Mon May 12 12:34:56 2025 by rpki-client