Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json)
Hash identifier: e3svhAht6b75Mb1aKWajbZYUdx7yVcaujAObVYLmawE=
Subject key identifier: 22:67:2D:59:E9:4D:47:47:DD:1B:CB:65:6C:E8:9D:7D:01:3D:26:13
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 0197B88F9BDC49DFE4977CBB79ABB1634471
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
Manifest number: 15B5
Signing time: Sat 28 Jun 2025 22:01:48 +0000
Manifest this update: Sat 28 Jun 2025 22:01:48 +0000
Manifest next update: Sun 29 Jun 2025 22:01:48 +0000
Files and hashes: 1: KXik7lH7rXobKNDojQJvsYz5RkY.roa (hash: OmHOyyMTUBadMMSlHfFTN/cjiEKBhDbZve1q3aoF8Wg=)
2: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: M+YNPggQfxPQZ1x5V260kkw7BmKLsSxFJLxStjXOQyU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:8f:9b:dc:49:df:e4:97:7c:bb:79:ab:b1:63:44:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Jun 28 22:01:48 2025 GMT
Not After : Jun 29 22:01:48 2025 GMT
Subject: CN=22672d59e94d4747dd1bcb656ce89d7d013d2613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:de:ab:1b:7f:17:37:d9:11:5a:fe:dc:c9:88:
7e:ff:8e:11:47:a4:43:d2:7d:5d:c7:be:26:5d:72:
9c:71:8b:f8:05:5a:89:50:39:d9:61:9b:06:24:24:
7f:63:ad:17:a9:e7:ee:54:c4:35:4d:40:5d:6f:22:
15:cd:fc:b9:75:ca:45:f4:23:84:30:03:b3:63:68:
07:9f:60:83:2b:09:1a:fd:86:55:b9:d5:e5:92:a2:
37:9d:1c:2c:57:80:67:ed:be:4b:b0:68:2e:2e:81:
fb:36:78:5d:4d:8f:b7:13:81:23:0c:5f:e2:6b:93:
a9:c8:41:0a:63:9a:df:84:fa:50:70:31:b0:ab:70:
fa:f8:e9:51:ff:92:1a:e7:ab:ce:b6:a8:2f:6c:aa:
86:10:c9:98:aa:69:5f:af:78:e7:3b:6b:69:78:0c:
90:cd:bc:b2:8e:c5:d1:47:98:60:ab:06:7c:b0:ac:
1b:0f:04:0b:26:e8:b4:cb:9d:74:67:4e:4b:c3:3b:
8b:45:84:d9:f9:85:3f:ce:77:4f:93:5d:66:9a:b8:
02:cc:f2:fb:aa:d9:2f:75:d6:61:99:1d:96:30:6a:
6a:d1:4b:96:18:67:8c:86:dd:0d:01:5c:f7:30:06:
1b:86:d6:b9:ae:4f:98:21:c5:95:a0:f5:72:ff:77:
0e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:67:2D:59:E9:4D:47:47:DD:1B:CB:65:6C:E8:9D:7D:01:3D:26:13
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:68:a0:f4:c9:8e:8d:54:3a:f2:56:86:4d:21:84:85:90:f2:
1c:03:2d:81:31:54:f1:2e:16:ad:a9:be:8f:b4:88:0c:ce:6a:
aa:e5:02:38:66:78:70:d5:ae:6d:39:65:8e:4b:c0:8c:0a:84:
d2:33:f2:6f:91:87:95:74:0a:b1:e3:9d:50:64:6c:dd:cf:14:
3a:f4:c4:10:56:9f:21:76:a7:28:ec:74:d9:96:70:d1:08:ad:
e5:05:cd:03:23:cc:75:44:87:13:33:c6:a7:26:97:41:5a:98:
0e:cd:5a:c4:4e:59:fb:56:b4:ae:63:6d:4c:ed:8b:da:84:8d:
6a:63:78:56:48:75:0d:81:2c:8a:be:1c:e3:05:b5:b0:3a:39:
36:5f:7b:51:8b:8d:a4:dc:05:bc:e0:c7:e3:2f:ea:c0:8a:9b:
92:b3:e9:6c:64:55:59:46:b7:d3:70:1c:b3:b1:f0:b7:4c:8c:
de:8e:26:7d:87:00:aa:7f:c8:fb:b4:74:61:4a:bb:e2:fc:36:
59:d6:e1:3c:32:9e:6a:27:fe:c0:60:1d:87:1b:26:54:76:a7:
6f:79:00:34:f9:bd:8f:51:6d:cf:00:1a:b1:85:a7:b8:11:ac:
db:95:c9:81:f8:d7:58:60:a3:cf:a7:30:70:5c:6f:01:24:8e:
3b:4f:55:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j5vcSd/kl3y7eauxY0RxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjUwNjI4MjIwMTQ4WhcNMjUwNjI5MjIwMTQ4WjAzMTEwLwYDVQQD
EygyMjY3MmQ1OWU5NGQ0NzQ3ZGQxYmNiNjU2Y2U4OWQ3ZDAxM2QyNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd6rG38XN9kRWv7cyYh+/44RR6RD
0n1dx74mXXKccYv4BVqJUDnZYZsGJCR/Y60XqefuVMQ1TUBdbyIVzfy5dcpF9COE
MAOzY2gHn2CDKwka/YZVudXlkqI3nRwsV4Bn7b5LsGguLoH7NnhdTY+3E4EjDF/i
a5OpyEEKY5rfhPpQcDGwq3D6+OlR/5Ia56vOtqgvbKqGEMmYqmlfr3jnO2tpeAyQ
zbyyjsXRR5hgqwZ8sKwbDwQLJui0y510Z05LwzuLRYTZ+YU/zndPk11mmrgCzPL7
qtkvddZhmR2WMGpq0UuWGGeMht0NAVz3MAYbhta5rk+YIcWVoPVy/3cOhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJnLVnpTUdH3RvLZWzonX0BPSYTMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiWig9MmO
jVQ68laGTSGEhZDyHAMtgTFU8S4Wram+j7SIDM5qquUCOGZ4cNWubTlljkvAjAqE
0jPyb5GHlXQKseOdUGRs3c8UOvTEEFafIXanKOx02ZZw0Qit5QXNAyPMdUSHEzPG
pyaXQVqYDs1axE5Z+1a0rmNtTO2L2oSNamN4Vkh1DYEsir4c4wW1sDo5Nl97UYuN
pNwFvODH4y/qwIqbkrPpbGRVWUa303Acs7Hwt0yM3o4mfYcAqn/I+7R0YUq74vw2
WdbhPDKeaif+wGAdhxsmVHanb3kANPm9j1FtzwAasYWnuBGs25XJgfjXWGCjz6cw
cFxvASSOO09VbQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:16:38 2025 by rpki-client