Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File: yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier: YsxJ8edVIdJ35O6+9W9wAePZBu11NJmSO4+M6Empts8=
Subject key identifier: DD:94:0A:B6:C1:72:19:9F:69:D4:D6:DC:99:CD:F2:93:1A:41:37:CA
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer: /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial: 0198D472AF95A90D607BE0406560F7065354
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number: 0D2E
Signing time: Sat 23 Aug 2025 01:02:22 +0000
Manifest this update: Sat 23 Aug 2025 01:02:22 +0000
Manifest next update: Sun 24 Aug 2025 01:02:22 +0000
Files and hashes: 1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: 8shQAUs0T/5PUiKHsSlydtnpmIrXwprSHY0c1Vg9OM0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:72:af:95:a9:0d:60:7b:e0:40:65:60:f7:06:53:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Validity
Not Before: Aug 23 01:02:22 2025 GMT
Not After : Aug 24 01:02:22 2025 GMT
Subject: CN=dd940ab6c172199f69d4d6dc99cdf2931a4137ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:df:1f:30:59:6f:7a:b8:f2:23:28:cc:f4:b2:
be:e3:aa:c4:28:bc:a3:3e:05:17:c5:7e:6f:82:c3:
29:ef:a4:d5:c7:06:27:27:96:6b:95:4d:4c:ef:9c:
86:ea:c6:c3:a7:1d:cc:c8:a3:8e:69:e1:c2:26:18:
de:02:28:14:c8:53:e8:29:87:7b:6b:1b:2d:56:25:
92:d5:65:f7:6b:9b:e2:49:30:cb:45:7d:32:dc:c3:
10:9f:7a:2c:55:40:38:96:2f:e5:5e:a8:db:bb:2e:
1b:f2:22:73:a6:3f:47:b1:69:98:e3:6e:93:01:99:
d8:78:02:24:45:3f:7f:6f:fe:01:40:f8:be:47:01:
39:5a:f1:1e:d0:f5:b2:06:31:55:6d:87:d7:cd:75:
58:1c:1c:a9:f3:0a:31:65:2e:a7:6f:fd:86:61:74:
7c:8c:a3:1e:a2:76:e9:00:2e:3f:52:c2:1a:8b:32:
a5:c9:f0:51:4e:38:0b:f4:25:56:d9:63:e0:b6:ff:
20:8e:3c:c9:de:c2:a3:6f:09:5d:27:f4:0c:4a:2e:
e8:9b:a3:ff:44:dc:04:15:6a:84:07:f2:19:f6:c4:
b9:d1:40:87:f8:f0:1a:83:0f:44:ba:2a:49:b5:bb:
dd:d0:3a:04:b0:e0:3e:7e:f7:37:ac:a3:ea:91:74:
e7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:94:0A:B6:C1:72:19:9F:69:D4:D6:DC:99:CD:F2:93:1A:41:37:CA
X509v3 Authority Key Identifier:
keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:f1:87:0a:03:61:a6:9d:58:5a:94:2b:eb:b5:58:98:e4:a0:
71:c6:ee:ba:c4:93:36:a7:2e:ea:96:57:70:1a:8b:44:f8:87:
95:1b:e4:a0:fe:f8:ef:d0:b4:d0:7a:f9:5f:20:c9:ed:35:01:
70:65:3c:cf:bf:48:6b:70:3d:92:d7:c9:6a:98:92:fb:22:b0:
4c:1d:59:f2:2b:d3:6b:d7:5d:0a:6d:f1:78:88:89:df:7f:a0:
be:22:54:52:8b:68:8e:37:d7:12:fe:31:94:58:f5:ae:22:dc:
0e:53:57:19:88:b0:19:d6:59:fd:bf:36:47:26:4b:bc:e2:b3:
62:e7:24:37:f4:da:7a:81:5d:a7:6a:e5:8d:29:07:18:f3:bb:
f6:f9:e2:16:c3:b3:9c:dd:3e:28:c4:4f:23:97:64:55:91:eb:
ca:a8:ec:ed:6d:d5:3f:33:92:e8:b6:fc:92:0e:fd:49:d5:92:
59:c8:4f:f1:94:f9:7c:2d:c2:a5:24:49:8f:4a:c4:57:bb:f0:
c5:e5:ee:c3:ef:f9:3d:f0:67:dd:66:38:19:3b:9f:e0:3b:92:
35:8f:27:57:72:ea:3d:4d:e4:04:6b:41:01:24:4f:fe:ff:e8:
6c:9f:63:16:84:85:f7:48:02:85:32:6a:e8:b1:4d:d0:a8:03:
3e:30:81:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcq+VqQ1ge+BAZWD3BlNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjUwODIzMDEwMjIyWhcNMjUwODI0MDEwMjIyWjAzMTEwLwYDVQQD
EyhkZDk0MGFiNmMxNzIxOTlmNjlkNGQ2ZGM5OWNkZjI5MzFhNDEzN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN8fMFlverjyIyjM9LK+46rEKLyj
PgUXxX5vgsMp76TVxwYnJ5ZrlU1M75yG6sbDpx3MyKOOaeHCJhjeAigUyFPoKYd7
axstViWS1WX3a5viSTDLRX0y3MMQn3osVUA4li/lXqjbuy4b8iJzpj9HsWmY426T
AZnYeAIkRT9/b/4BQPi+RwE5WvEe0PWyBjFVbYfXzXVYHByp8woxZS6nb/2GYXR8
jKMeonbpAC4/UsIaizKlyfBRTjgL9CVW2WPgtv8gjjzJ3sKjbwldJ/QMSi7om6P/
RNwEFWqEB/IZ9sS50UCH+PAagw9EuipJtbvd0DoEsOA+fvc3rKPqkXTnJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2UCrbBchmfadTW3JnN8pMaQTfKMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM/GHCgNh
pp1YWpQr67VYmOSgccbuusSTNqcu6pZXcBqLRPiHlRvkoP7479C00Hr5XyDJ7TUB
cGU8z79Ia3A9ktfJapiS+yKwTB1Z8ivTa9ddCm3xeIiJ33+gviJUUotojjfXEv4x
lFj1riLcDlNXGYiwGdZZ/b82RyZLvOKzYuckN/TaeoFdp2rljSkHGPO79vniFsOz
nN0+KMRPI5dkVZHryqjs7W3VPzOS6Lb8kg79SdWSWchP8ZT5fC3CpSRJj0rEV7vw
xeXuw+/5PfBn3WY4GTuf4DuSNY8nV3LqPU3kBGtBASRP/v/obJ9jFoSF90gChTJq
6LFN0KgDPjCB+w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:41:25 2025 by rpki-client