Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.mft
File: BYmfOXZIcDij-mNDlSsUtNBysz0.mft (raw, json)
Hash identifier: 4RRLZpqmxL0KauR27I74YzF19QW5nt8kdVLb2DSWS/c=
Subject key identifier: 33:41:1C:E4:B3:19:48:F3:00:A0:08:92:F5:7C:CB:D5:FB:3D:D7:45
Authority key identifier: 05:89:9F:39:76:48:70:38:A3:FA:63:43:95:2B:14:B4:D0:72:B3:3D
Certificate issuer: /CN=05899f3976487038a3fa6343952b14b4d072b33d
Certificate serial: 0196C12675B37D926FC9F8461D6741DAC685
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.mft
Manifest number: 126A
Signing time: Sun 11 May 2025 21:00:45 +0000
Manifest this update: Sun 11 May 2025 21:00:45 +0000
Manifest next update: Mon 12 May 2025 21:00:45 +0000
Files and hashes: 1: 0FPPBtsN210U9TcyUOoD4vT2QPY.roa (hash: fG8Q0h59H0I6+//7X6/ScKzAsNXNuiLvMcAt229Ohto=)
2: BYmfOXZIcDij-mNDlSsUtNBysz0.crl (hash: 9QhrIfjBaWIhj0SxjJk2WyltUhZ44MDYI6XcCU3jTDo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 21:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c1:26:75:b3:7d:92:6f:c9:f8:46:1d:67:41:da:c6:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05899f3976487038a3fa6343952b14b4d072b33d
Validity
Not Before: May 11 21:00:45 2025 GMT
Not After : May 12 21:00:45 2025 GMT
Subject: CN=33411ce4b31948f300a00892f57ccbd5fb3dd745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:74:77:60:fd:71:e6:d4:e2:20:1a:b4:39:15:
11:68:96:47:e5:ec:4d:f1:30:d9:93:5c:cc:f5:50:
1a:19:07:1a:65:74:45:ad:c8:ae:f3:c5:ee:30:49:
e2:57:76:0f:ac:36:d6:c4:e4:20:53:17:e1:77:4c:
ed:3b:dd:c3:48:e0:66:2e:58:dc:82:fd:c0:69:02:
a4:2d:2f:59:cc:6b:95:ac:2c:5f:54:01:6c:d9:ef:
b6:6c:a7:a8:3c:6b:2e:8f:1d:24:dd:9a:8c:d5:c8:
ec:b8:95:7a:b9:ff:75:8f:62:08:b9:d2:cb:89:4f:
30:92:e6:8d:67:a7:bf:be:ff:bb:87:eb:ac:c0:0b:
c3:4a:c4:bc:2f:cb:ba:9f:66:83:fb:6f:45:95:a5:
08:7e:67:ec:08:96:f8:95:03:6a:f6:bb:a3:df:52:
fd:d9:ff:5e:c7:f9:71:58:a9:9f:53:fe:80:e4:8a:
e0:bb:40:c4:98:29:98:84:a0:a2:86:f1:91:a0:96:
5d:d6:ce:73:2b:96:14:32:cf:6f:0f:56:4c:d0:de:
6b:03:37:61:36:aa:b8:2f:84:79:d1:ad:0c:08:e6:
ec:19:b5:22:e7:be:8f:d7:f9:37:51:ff:da:71:2f:
10:95:cc:7a:96:73:3e:29:54:ed:ac:d1:bb:3d:bd:
8a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:41:1C:E4:B3:19:48:F3:00:A0:08:92:F5:7C:CB:D5:FB:3D:D7:45
X509v3 Authority Key Identifier:
keyid:05:89:9F:39:76:48:70:38:A3:FA:63:43:95:2B:14:B4:D0:72:B3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:b9:fa:f7:6c:84:69:c1:b4:65:65:47:9c:fe:0d:d8:fb:d5:
3c:c3:f6:53:4f:e6:a1:47:5f:84:87:01:49:da:68:f0:3d:f4:
09:7d:f2:22:8a:9f:cb:34:61:79:19:8f:43:41:1b:b2:e7:f1:
e9:59:ca:dd:5c:3b:6f:49:ac:2e:a7:7b:58:d2:a3:c6:40:55:
6d:d3:cc:c4:d4:87:92:94:0f:76:98:50:92:64:53:a6:83:b6:
25:6d:4f:b4:b4:e3:67:e6:c3:87:92:9b:0a:02:61:a5:1a:3a:
82:a5:d1:c1:24:55:ec:89:72:98:dc:5e:e7:da:c3:e6:59:90:
81:e6:ae:21:55:59:4c:20:f2:62:6d:05:7f:ec:43:b6:30:1a:
93:c3:e6:e2:b6:ae:4e:9c:78:99:a3:3f:ce:59:17:65:35:b1:
14:12:2e:81:8f:6e:12:99:51:2e:d0:ff:c7:80:71:45:e8:43:
34:94:5f:60:11:c1:88:1f:91:8a:a7:02:ae:db:fc:0b:71:9e:
43:f2:d9:80:9a:3c:aa:93:a5:21:a7:ae:1b:1a:d6:50:3a:35:
19:51:26:8e:dc:6f:a6:76:b1:5f:c3:0d:28:fd:16:31:ec:cd:
d7:a0:c5:2f:45:e7:84:10:35:c4:ef:65:b9:3b:36:4b:0b:c4:
30:c3:42:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBJnWzfZJvyfhGHWdB2saFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODk5ZjM5NzY0ODcwMzhhM2ZhNjM0Mzk1MmIxNGI0ZDA3
MmIzM2QwHhcNMjUwNTExMjEwMDQ1WhcNMjUwNTEyMjEwMDQ1WjAzMTEwLwYDVQQD
EygzMzQxMWNlNGIzMTk0OGYzMDBhMDA4OTJmNTdjY2JkNWZiM2RkNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHR3YP1x5tTiIBq0ORURaJZH5exN
8TDZk1zM9VAaGQcaZXRFrciu88XuMEniV3YPrDbWxOQgUxfhd0ztO93DSOBmLljc
gv3AaQKkLS9ZzGuVrCxfVAFs2e+2bKeoPGsujx0k3ZqM1cjsuJV6uf91j2IIudLL
iU8wkuaNZ6e/vv+7h+uswAvDSsS8L8u6n2aD+29FlaUIfmfsCJb4lQNq9ruj31L9
2f9ex/lxWKmfU/6A5Irgu0DEmCmYhKCihvGRoJZd1s5zK5YUMs9vD1ZM0N5rAzdh
Nqq4L4R50a0MCObsGbUi576P1/k3Uf/acS8Qlcx6lnM+KVTtrNG7Pb2KFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNBHOSzGUjzAKAIkvV8y9X7PddFMB8GA1UdIwQY
MBaAFAWJnzl2SHA4o/pjQ5UrFLTQcrM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlltZk9YWkljRGlqLW1ORGxTc1V0TkJ5c3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xZmNlOTMtMDJlYS00Zjk5LTk5YzIt
MDhjMjEyMzU4MGVkLzEvQlltZk9YWkljRGlqLW1ORGxTc1V0TkJ5c3owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xZmNlOTMtMDJlYS00Zjk5LTk5YzItMDhjMjEyMzU4MGVk
LzEvQlltZk9YWkljRGlqLW1ORGxTc1V0TkJ5c3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXLn692yE
acG0ZWVHnP4N2PvVPMP2U0/moUdfhIcBSdpo8D30CX3yIoqfyzRheRmPQ0Ebsufx
6VnK3Vw7b0msLqd7WNKjxkBVbdPMxNSHkpQPdphQkmRTpoO2JW1PtLTjZ+bDh5Kb
CgJhpRo6gqXRwSRV7IlymNxe59rD5lmQgeauIVVZTCDyYm0Ff+xDtjAak8Pm4rau
Tpx4maM/zlkXZTWxFBIugY9uEplRLtD/x4BxRehDNJRfYBHBiB+RiqcCrtv8C3Ge
Q/LZgJo8qpOlIaeuGxrWUDo1GVEmjtxvpnaxX8MNKP0WMezN16DFL0XnhBA1xO9l
uTs2SwvEMMNCyw==
-----END CERTIFICATE-----
Generated at Mon May 12 05:32:43 2025 by rpki-client