Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
File: y5-GErfxR1ABa4SMQvYN82rYMtk.mft (raw, json)
Hash identifier: 5aEAysQoD9qWjDNgYtIltXqhPVz6sZXQDHmgc3A3ARw=
Subject key identifier: 90:38:01:D4:EF:5F:FE:03:F8:98:8F:FD:F9:7A:5C:8B:F3:CE:AC:80
Authority key identifier: CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9
Certificate issuer: /CN=cb9f8612b7f14750016b848c42f60df36ad832d9
Certificate serial: 0197B6A1A8BFA0FEF5A2CBA02DA7A7A1467C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
Manifest number: 15B5
Signing time: Sat 28 Jun 2025 13:02:17 +0000
Manifest this update: Sat 28 Jun 2025 13:02:17 +0000
Manifest next update: Sun 29 Jun 2025 13:02:17 +0000
Files and hashes: 1: 35Hkh6WGB56LhQUZWJy4fWu8adc.roa (hash: N+zjw78vBIKP/bKJa3b5qGQ6N/RlG9tWFNOT+GZrtRA=)
2: y5-GErfxR1ABa4SMQvYN82rYMtk.crl (hash: aPSPobkoOtAKGBXIXeZnGnhPGrCA+Ju0xXIH1y0jIqQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 13:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a1:a8:bf:a0:fe:f5:a2:cb:a0:2d:a7:a7:a1:46:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb9f8612b7f14750016b848c42f60df36ad832d9
Validity
Not Before: Jun 28 13:02:17 2025 GMT
Not After : Jun 29 13:02:17 2025 GMT
Subject: CN=903801d4ef5ffe03f8988ffdf97a5c8bf3ceac80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:36:8f:d4:88:5a:a7:fb:11:fd:2a:6f:06:b4:
fd:2e:93:31:04:c9:e4:c6:b8:e1:97:9a:87:2c:05:
bf:5f:cf:3f:fc:6a:61:c3:af:f7:5a:fd:fe:79:ae:
e1:95:df:0c:d4:3f:5a:fe:1c:d9:9f:fb:23:7e:ab:
26:be:24:e3:00:63:57:71:56:57:32:e1:5c:44:04:
54:4b:53:70:37:68:f5:e8:9f:ec:2d:36:17:f8:f8:
e1:48:a4:d0:45:55:92:8f:95:a3:62:e2:f9:05:18:
37:0b:9c:c9:31:72:3f:72:cd:be:f9:93:c3:f8:ec:
97:9e:94:b0:8a:bb:8f:b2:95:ce:dd:8b:f7:c8:da:
8f:82:94:8c:15:aa:44:73:80:f0:b8:58:20:1e:75:
8c:9e:3b:f9:4f:66:24:e4:6d:70:aa:00:2f:33:ef:
c4:9e:ae:ff:1e:b1:d1:ca:19:dc:0a:1e:10:79:c8:
89:14:c5:86:20:0e:7a:8d:87:ec:4d:c2:ef:07:62:
7d:a7:30:42:02:c2:a6:2e:65:9a:56:b0:74:4f:72:
e3:57:1e:fe:da:b6:d2:c5:f1:87:7b:4c:2d:d1:a9:
a8:8e:9a:1b:6d:04:07:fa:2b:d9:e9:30:9a:19:87:
f6:2a:2a:22:f2:0b:d6:12:03:66:9c:6a:fc:be:6e:
3c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:38:01:D4:EF:5F:FE:03:F8:98:8F:FD:F9:7A:5C:8B:F3:CE:AC:80
X509v3 Authority Key Identifier:
keyid:CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:a1:c0:6f:b7:0b:ab:51:75:11:f7:0e:fb:14:5b:d7:59:50:
5a:34:d1:ee:5c:10:fd:61:29:ae:70:cb:1e:e2:e4:9a:b6:e2:
6f:1f:e6:1f:18:1c:16:ba:ed:c8:28:23:a4:42:79:ad:02:3c:
96:04:b8:bc:88:ce:02:49:aa:98:f8:43:01:e5:0e:8e:04:45:
29:5a:96:8f:e6:f4:be:b1:10:c0:42:6d:01:be:29:2c:22:f6:
30:32:63:ce:3e:36:d3:4c:ff:b3:d9:17:57:cf:ef:f1:65:34:
ce:03:52:a6:2e:25:c1:30:54:9a:9a:81:7e:3e:a1:3d:e5:57:
ac:02:e4:2c:69:8c:95:bf:25:d8:e9:35:ab:c9:0a:32:a8:c2:
45:3f:fa:a8:51:86:c5:0e:e9:4a:63:34:9e:0f:10:a7:66:2d:
d8:cd:46:e1:a2:89:0f:80:97:56:36:47:1d:e4:81:6a:4f:50:
66:67:a0:af:f3:c7:85:26:e4:b3:ff:ae:42:e8:d0:d6:f3:26:
c9:cd:36:b1:c4:73:9a:5d:1a:99:09:93:5e:9b:b6:51:15:50:
cd:e4:1a:6a:38:0b:2b:b8:2e:7d:37:94:b5:cc:37:9f:d8:e7:
cf:4c:fc:74:41:b9:48:ef:e4:b8:a7:48:b0:0e:5a:7f:bc:65:
62:ba:60:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oai/oP71osugLaenoUZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWY4NjEyYjdmMTQ3NTAwMTZiODQ4YzQyZjYwZGYzNmFk
ODMyZDkwHhcNMjUwNjI4MTMwMjE3WhcNMjUwNjI5MTMwMjE3WjAzMTEwLwYDVQQD
Eyg5MDM4MDFkNGVmNWZmZTAzZjg5ODhmZmRmOTdhNWM4YmYzY2VhYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDaP1Ihap/sR/SpvBrT9LpMxBMnk
xrjhl5qHLAW/X88//Gphw6/3Wv3+ea7hld8M1D9a/hzZn/sjfqsmviTjAGNXcVZX
MuFcRARUS1NwN2j16J/sLTYX+PjhSKTQRVWSj5WjYuL5BRg3C5zJMXI/cs2++ZPD
+OyXnpSwiruPspXO3Yv3yNqPgpSMFapEc4DwuFggHnWMnjv5T2Yk5G1wqgAvM+/E
nq7/HrHRyhncCh4QeciJFMWGIA56jYfsTcLvB2J9pzBCAsKmLmWaVrB0T3LjVx7+
2rbSxfGHe0wt0amojpobbQQH+ivZ6TCaGYf2Kioi8gvWEgNmnGr8vm48EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJA4AdTvX/4D+JiP/fl6XIvzzqyAMB8GA1UdIwQY
MBaAFMufhhK38UdQAWuEjEL2DfNq2DLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUt
YTJlYWRlODM5NTVkLzEveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUtYTJlYWRlODM5NTVk
LzEveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApaHAb7cL
q1F1EfcO+xRb11lQWjTR7lwQ/WEprnDLHuLkmrbibx/mHxgcFrrtyCgjpEJ5rQI8
lgS4vIjOAkmqmPhDAeUOjgRFKVqWj+b0vrEQwEJtAb4pLCL2MDJjzj4200z/s9kX
V8/v8WU0zgNSpi4lwTBUmpqBfj6hPeVXrALkLGmMlb8l2Ok1q8kKMqjCRT/6qFGG
xQ7pSmM0ng8Qp2Yt2M1G4aKJD4CXVjZHHeSBak9QZmegr/PHhSbks/+uQujQ1vMm
yc02scRzml0amQmTXpu2URVQzeQaajgLK7gufTeUtcw3n9jnz0z8dEG5SO/kuKdI
sA5af7xlYrpgmQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:40:27 2025 by rpki-client