Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
File: yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft (raw, json)
Hash identifier: vAVwYlKG+xHtOJHMDnJJFcY9GERKRc+IUIfU3V41pt8=
Subject key identifier: 88:B2:CB:03:86:52:75:46:89:AD:3E:32:BF:BE:57:94:D4:D5:BA:52
Authority key identifier: CA:23:1A:43:62:BC:1E:C0:FD:B4:34:99:01:B6:1C:CF:9D:67:9D:65
Certificate issuer: /CN=ca231a4362bc1ec0fdb4349901b61ccf9d679d65
Certificate serial: 0196C34C6B6FD1D45646DEBBB85F8C2366A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
Manifest number: 02BC
Signing time: Mon 12 May 2025 07:01:27 +0000
Manifest this update: Mon 12 May 2025 07:01:27 +0000
Manifest next update: Tue 13 May 2025 07:01:27 +0000
Files and hashes: 1: eVWj75QB5-NY5cip7EaAMqsD3_Q.roa (hash: R8SYABsszbTf/c1Z91aXqCMR7hgNS09va3LcQa+6Zyg=)
2: yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl (hash: N6y2OJSyE5uVWgeoi8BN8DHRXaD+Kwzso6JV8ZuNW/E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:4c:6b:6f:d1:d4:56:46:de:bb:b8:5f:8c:23:66:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca231a4362bc1ec0fdb4349901b61ccf9d679d65
Validity
Not Before: May 12 07:01:27 2025 GMT
Not After : May 13 07:01:27 2025 GMT
Subject: CN=88b2cb038652754689ad3e32bfbe5794d4d5ba52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0d:8e:57:3d:92:3c:fa:a2:52:6a:ca:cf:b3:
4e:08:a0:67:93:b6:d1:b2:32:8c:01:b7:48:c4:a8:
76:2c:1f:95:a2:a5:15:10:08:a1:52:e0:5c:4e:b2:
ce:23:66:2e:08:af:99:df:24:df:d2:26:05:ac:9c:
8a:79:3c:ef:c1:5a:a6:f8:89:6e:86:2d:23:ee:57:
08:24:36:68:4a:ac:39:33:e9:bc:8c:d9:d1:4f:7d:
6a:39:e7:bf:de:25:27:a8:13:0f:d6:41:fc:fb:0c:
8b:9a:36:09:d8:5c:36:59:e1:7e:f8:3f:2f:22:e8:
89:c6:fc:be:df:12:a2:d7:7e:ef:d2:cb:a6:24:61:
63:07:2e:ff:2c:d8:70:b1:38:81:64:1f:21:ac:de:
b3:ea:0c:d8:d0:ff:22:83:a2:21:26:ca:86:1c:7b:
01:f8:78:b3:df:5a:c2:14:7f:b6:c7:6d:d1:4e:0f:
f4:dd:c9:96:67:83:2d:c2:55:57:43:28:fc:f8:a6:
92:50:eb:a6:56:4e:13:7f:b1:7e:9a:3d:c7:37:9e:
68:ca:5c:9d:a0:72:bb:f8:6c:77:6f:37:f2:59:f0:
3a:93:70:c4:93:56:f4:02:1a:4c:01:b3:3e:8e:e5:
fe:c2:63:d5:e0:7f:15:f7:03:43:16:07:d7:81:d5:
9f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B2:CB:03:86:52:75:46:89:AD:3E:32:BF:BE:57:94:D4:D5:BA:52
X509v3 Authority Key Identifier:
keyid:CA:23:1A:43:62:BC:1E:C0:FD:B4:34:99:01:B6:1C:CF:9D:67:9D:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:d0:35:75:96:5d:02:36:b3:72:83:a6:6f:3c:c1:4b:f1:a2:
d8:f3:90:6f:00:6c:3d:ad:41:d5:7b:e8:e2:fe:9e:e0:4c:23:
7e:a0:9f:3e:a5:d5:e6:2d:a4:3c:0f:3e:f5:cf:5e:39:49:64:
21:8c:17:dc:99:eb:8b:d9:6a:f9:59:f3:8d:a3:4b:6c:aa:60:
05:01:af:5e:b6:ff:ef:89:1a:80:a1:63:a5:a7:5a:79:c9:d6:
b9:f6:a5:33:62:e0:86:57:b5:3e:e1:97:3b:4f:94:4e:cd:a3:
1c:f8:ee:1c:10:69:89:40:b9:cc:11:dc:7a:7b:13:f1:32:3a:
0d:bf:52:b7:01:0e:08:a7:e3:6d:44:c8:16:46:eb:0c:20:6a:
b8:6b:06:6d:88:77:3b:63:a6:56:ff:fc:b6:c0:c0:d9:f5:ef:
93:ff:2f:f0:8d:eb:d8:24:e9:d2:e6:ff:93:d9:40:49:d7:e0:
7a:2c:e0:5e:5a:86:e6:70:be:6c:f8:80:fe:4e:00:5e:a6:8c:
0c:12:b1:8f:da:9d:e3:02:6e:69:b6:96:83:6b:11:b1:6c:4b:
3e:f2:2c:58:a5:89:11:f4:a5:5b:a9:47:9a:6c:55:74:73:42:
d7:75:57:f1:cd:67:2d:be:e2:a9:6b:23:4a:26:27:b0:de:1a:
39:7c:39:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTGtv0dRWRt67uF+MI2agMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjMxYTQzNjJiYzFlYzBmZGI0MzQ5OTAxYjYxY2NmOWQ2
NzlkNjUwHhcNMjUwNTEyMDcwMTI3WhcNMjUwNTEzMDcwMTI3WjAzMTEwLwYDVQQD
Eyg4OGIyY2IwMzg2NTI3NTQ2ODlhZDNlMzJiZmJlNTc5NGQ0ZDViYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA2OVz2SPPqiUmrKz7NOCKBnk7bR
sjKMAbdIxKh2LB+VoqUVEAihUuBcTrLOI2YuCK+Z3yTf0iYFrJyKeTzvwVqm+Ilu
hi0j7lcIJDZoSqw5M+m8jNnRT31qOee/3iUnqBMP1kH8+wyLmjYJ2Fw2WeF++D8v
IuiJxvy+3xKi137v0sumJGFjBy7/LNhwsTiBZB8hrN6z6gzY0P8ig6IhJsqGHHsB
+Hiz31rCFH+2x23RTg/03cmWZ4MtwlVXQyj8+KaSUOumVk4Tf7F+mj3HN55oylyd
oHK7+Gx3bzfyWfA6k3DEk1b0AhpMAbM+juX+wmPV4H8V9wNDFgfXgdWf4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIiyywOGUnVGia0+Mr++V5TU1bpSMB8GA1UdIwQY
MBaAFMojGkNivB7A/bQ0mQG2HM+dZ51lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84NTZjMDUtZDdiMi00OTlhLWFmMzkt
MzlkZmE0OGVhNmI5LzEveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84NTZjMDUtZDdiMi00OTlhLWFmMzktMzlkZmE0OGVhNmI5
LzEveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArNA1dZZd
AjazcoOmbzzBS/Gi2POQbwBsPa1B1Xvo4v6e4EwjfqCfPqXV5i2kPA8+9c9eOUlk
IYwX3Jnri9lq+VnzjaNLbKpgBQGvXrb/74kagKFjpadaecnWufalM2Lghle1PuGX
O0+UTs2jHPjuHBBpiUC5zBHcensT8TI6Db9StwEOCKfjbUTIFkbrDCBquGsGbYh3
O2OmVv/8tsDA2fXvk/8v8I3r2CTp0ub/k9lASdfgeizgXlqG5nC+bPiA/k4AXqaM
DBKxj9qd4wJuabaWg2sRsWxLPvIsWKWJEfSlW6lHmmxVdHNC13VX8c1nLb7iqWsj
SiYnsN4aOXw57w==
-----END CERTIFICATE-----
Generated at Mon May 12 11:03:29 2025 by rpki-client