Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
File: y5-GErfxR1ABa4SMQvYN82rYMtk.mft (raw, json)
Hash identifier: 2FWc55xRxB0ItZ1HF76vUnuhB3nPMyeGNMzlx1euj/8=
Subject key identifier: C5:14:A4:0D:82:EB:63:94:D8:39:F4:2B:E8:C4:43:86:DB:FA:30:49
Authority key identifier: CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9
Certificate issuer: /CN=cb9f8612b7f14750016b848c42f60df36ad832d9
Certificate serial: 0198D65FC6910B02168D10226CA685BAE6D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
Manifest number: 164A
Signing time: Sat 23 Aug 2025 10:00:57 +0000
Manifest this update: Sat 23 Aug 2025 10:00:57 +0000
Manifest next update: Sun 24 Aug 2025 10:00:57 +0000
Files and hashes: 1: 35Hkh6WGB56LhQUZWJy4fWu8adc.roa (hash: N+zjw78vBIKP/bKJa3b5qGQ6N/RlG9tWFNOT+GZrtRA=)
2: y5-GErfxR1ABa4SMQvYN82rYMtk.crl (hash: losj7B6aNNDSdlYmul7k85Abz5h2D3QjFY0MaHyepAE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:5f:c6:91:0b:02:16:8d:10:22:6c:a6:85:ba:e6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb9f8612b7f14750016b848c42f60df36ad832d9
Validity
Not Before: Aug 23 10:00:57 2025 GMT
Not After : Aug 24 10:00:57 2025 GMT
Subject: CN=c514a40d82eb6394d839f42be8c44386dbfa3049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ca:39:84:94:5d:e0:62:f9:d6:bf:72:79:c1:
df:06:4d:06:48:7b:2b:50:64:74:ea:2a:a6:7f:d6:
06:21:7a:98:fb:a3:27:aa:a3:05:5a:01:52:0a:75:
ab:ed:6e:e5:91:4c:8d:02:d4:c6:c1:69:05:94:80:
7b:6c:4e:93:7f:19:fa:62:c4:03:f7:b5:53:6c:05:
c6:72:de:63:88:c4:91:ec:1f:be:28:89:16:68:1b:
ab:43:df:ee:6c:28:5f:22:87:e2:3b:28:0f:aa:22:
e1:2b:95:7c:ab:56:9f:0d:a0:d2:89:ba:75:00:2d:
66:e5:39:15:6e:b8:09:43:fc:31:bf:cb:85:53:f7:
91:a3:ab:9a:da:09:6d:ce:41:aa:9d:bb:a3:1a:fb:
81:97:15:89:04:4e:66:88:4c:3c:ec:1f:bd:54:84:
dc:b0:91:00:88:05:f4:dc:bf:40:a1:75:b2:26:42:
97:48:a0:73:61:1f:18:28:9b:da:40:df:67:57:7d:
95:5d:0b:4f:69:4a:ec:04:b9:1f:5e:15:30:0a:13:
bc:06:18:8a:48:ec:71:88:f5:1d:b0:24:28:6b:78:
92:8c:e2:c8:99:4f:25:57:2c:de:12:63:88:dc:95:
93:21:40:d8:5d:f3:69:40:a7:ca:70:79:9c:3e:df:
62:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:14:A4:0D:82:EB:63:94:D8:39:F4:2B:E8:C4:43:86:DB:FA:30:49
X509v3 Authority Key Identifier:
keyid:CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:70:22:de:9b:45:10:30:a3:5e:cf:ea:04:d7:ba:52:74:24:
54:93:b2:58:0b:09:c5:e6:44:56:91:ef:d3:66:dc:5c:77:d6:
21:fb:70:2c:e7:f9:92:8d:b8:5e:89:a4:8a:38:e0:27:a9:b1:
0e:b4:f6:c4:11:b0:98:dd:5a:4b:33:08:4d:25:54:b4:06:10:
02:49:86:a9:19:85:2e:f2:85:4d:23:c7:76:1d:e9:1b:02:81:
d9:e4:31:c3:cd:d2:d2:b9:6c:cb:d1:3b:57:d1:b1:19:41:b3:
e5:ed:5c:30:8f:ca:74:a0:8e:4d:3d:8f:d1:6c:7e:df:03:b1:
57:83:4c:55:c2:17:47:90:f9:ac:6f:36:3b:a0:8b:ee:2e:2f:
f7:f1:94:59:0c:de:eb:91:90:a7:33:86:41:2b:e9:9e:0f:16:
af:9e:e4:29:9b:65:5c:46:39:ab:d7:81:28:48:3e:1f:70:cb:
d7:21:8e:c1:3d:f8:49:6f:a3:45:db:fd:11:99:ce:e7:f2:21:
b2:56:86:30:f1:a3:49:2b:11:56:43:d7:44:d2:6e:98:f7:04:
54:74:46:f5:d8:71:9c:4e:e3:7d:d7:a4:46:ee:e7:86:e6:dc:
2a:b6:b6:2d:5a:e7:80:d3:d2:6f:82:70:13:85:f9:ae:6b:37:
2d:83:aa:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX8aRCwIWjRAibKaFuubZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWY4NjEyYjdmMTQ3NTAwMTZiODQ4YzQyZjYwZGYzNmFk
ODMyZDkwHhcNMjUwODIzMTAwMDU3WhcNMjUwODI0MTAwMDU3WjAzMTEwLwYDVQQD
EyhjNTE0YTQwZDgyZWI2Mzk0ZDgzOWY0MmJlOGM0NDM4NmRiZmEzMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMo5hJRd4GL51r9yecHfBk0GSHsr
UGR06iqmf9YGIXqY+6MnqqMFWgFSCnWr7W7lkUyNAtTGwWkFlIB7bE6Tfxn6YsQD
97VTbAXGct5jiMSR7B++KIkWaBurQ9/ubChfIofiOygPqiLhK5V8q1afDaDSibp1
AC1m5TkVbrgJQ/wxv8uFU/eRo6ua2gltzkGqnbujGvuBlxWJBE5miEw87B+9VITc
sJEAiAX03L9AoXWyJkKXSKBzYR8YKJvaQN9nV32VXQtPaUrsBLkfXhUwChO8BhiK
SOxxiPUdsCQoa3iSjOLImU8lVyzeEmOI3JWTIUDYXfNpQKfKcHmcPt9ijQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMUUpA2C62OU2Dn0K+jEQ4bb+jBJMB8GA1UdIwQY
MBaAFMufhhK38UdQAWuEjEL2DfNq2DLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUt
YTJlYWRlODM5NTVkLzEveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUtYTJlYWRlODM5NTVk
LzEveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp3Ai3ptF
EDCjXs/qBNe6UnQkVJOyWAsJxeZEVpHv02bcXHfWIftwLOf5ko24XomkijjgJ6mx
DrT2xBGwmN1aSzMITSVUtAYQAkmGqRmFLvKFTSPHdh3pGwKB2eQxw83S0rlsy9E7
V9GxGUGz5e1cMI/KdKCOTT2P0Wx+3wOxV4NMVcIXR5D5rG82O6CL7i4v9/GUWQze
65GQpzOGQSvpng8Wr57kKZtlXEY5q9eBKEg+H3DL1yGOwT34SW+jRdv9EZnO5/Ih
slaGMPGjSSsRVkPXRNJumPcEVHRG9dhxnE7jfdekRu7nhubcKra2LVrngNPSb4Jw
E4X5rms3LYOqmA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:04:53 2025 by rpki-client