Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File: ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier: f2F+AoiEzcyy7OPZ5Ac52IRO3FfKeR+rEZVAeVn+Dm8=
Subject key identifier: C6:85:23:C8:00:D1:7E:91:3D:C6:91:0C:E3:E8:CB:E3:79:D4:21:16
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer: /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial: 0197B8213A93710F8CA5947EF3118EF49939
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number: 044F
Signing time: Sat 28 Jun 2025 20:01:14 +0000
Manifest this update: Sat 28 Jun 2025 20:01:14 +0000
Manifest next update: Sun 29 Jun 2025 20:01:14 +0000
Files and hashes: 1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: TSRDzbYRq2DibA3N3YnE4RsNhDR+8H52d2k+DjIubXU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:21:3a:93:71:0f:8c:a5:94:7e:f3:11:8e:f4:99:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Validity
Not Before: Jun 28 20:01:14 2025 GMT
Not After : Jun 29 20:01:14 2025 GMT
Subject: CN=c68523c800d17e913dc6910ce3e8cbe379d42116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9c:fa:51:cc:8c:89:40:5b:15:77:aa:95:78:
f6:e7:02:f2:7a:d2:8e:0a:be:10:b7:9e:7f:e7:5a:
3c:61:ff:11:20:ec:c2:44:f5:8e:c3:11:db:68:c3:
3c:41:70:99:69:8f:39:75:05:96:8e:18:d3:9f:af:
d3:16:83:eb:90:59:ab:de:31:1a:bd:ea:ca:04:f7:
14:ca:f1:10:3b:e9:7c:2f:0e:98:19:62:e6:ee:30:
7b:e5:48:27:aa:4b:e7:24:b3:a2:69:01:f0:2a:d3:
c1:34:ab:b0:f7:10:40:f3:26:d5:04:38:3b:a9:06:
0f:1f:3e:55:1d:a4:27:a6:c1:34:29:c8:b1:b9:c1:
8d:cb:b5:c6:ae:2a:00:32:72:bc:d7:b4:45:cb:66:
38:9d:70:31:ea:10:85:3f:dc:21:b9:fc:ff:42:00:
6d:23:09:46:c0:a2:dc:36:d4:75:38:88:dd:6b:f4:
84:9d:f5:fd:9c:c7:68:fb:5b:3f:bf:4f:38:dd:14:
00:ab:40:0b:14:43:b9:68:82:f3:49:ac:3d:64:b8:
79:8e:40:19:d5:2a:51:88:4b:f6:67:70:b3:45:3d:
9a:d5:26:51:d4:58:00:bd:d2:72:9e:61:11:c7:a2:
be:d3:4f:a2:13:2d:d2:8c:67:46:dd:a1:71:44:94:
31:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:85:23:C8:00:D1:7E:91:3D:C6:91:0C:E3:E8:CB:E3:79:D4:21:16
X509v3 Authority Key Identifier:
keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:46:c2:a8:5f:90:d4:97:aa:d3:4b:f5:d8:25:b4:72:64:eb:
2f:62:9d:e6:c8:9f:fe:85:a9:8a:40:8c:46:00:b3:b4:cd:27:
f9:c4:03:53:4c:84:d6:d7:41:dc:95:f6:47:64:a6:07:25:5e:
36:13:39:d9:f4:72:57:03:4d:cd:5a:79:c6:22:6d:42:62:c7:
b7:75:b6:20:6c:59:4a:6c:10:ab:31:72:f3:fa:59:69:5d:02:
a1:bb:71:64:56:fc:ec:28:9d:85:5c:68:74:a5:17:f7:f3:f8:
50:ae:4d:d4:08:ef:6b:68:fc:e3:5c:67:56:96:a9:e5:37:d5:
27:f5:49:cb:0e:f1:ae:a3:c4:59:73:ce:78:15:eb:5c:14:70:
bd:26:c7:3a:a7:3c:b4:97:74:66:ce:df:ff:82:69:91:30:b5:
02:23:41:7a:dd:62:92:95:5c:b6:3e:ee:7b:38:88:fd:a4:46:
bc:3d:d7:fe:34:e9:4b:8e:51:94:ac:07:87:d7:87:af:1a:85:
00:f0:b2:30:45:6d:b8:48:f4:07:43:81:a7:2e:6c:6e:47:fc:
c8:99:08:05:c5:85:fe:6f:e7:2f:6f:fe:bb:5d:85:e5:62:6a:
fa:4e:c8:49:0f:fb:21:aa:2a:0d:c9:d8:66:cc:91:79:ce:68:
ed:b6:38:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4ITqTcQ+MpZR+8xGO9Jk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUwNjI4MjAwMTE0WhcNMjUwNjI5MjAwMTE0WjAzMTEwLwYDVQQD
EyhjNjg1MjNjODAwZDE3ZTkxM2RjNjkxMGNlM2U4Y2JlMzc5ZDQyMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5z6UcyMiUBbFXeqlXj25wLyetKO
Cr4Qt55/51o8Yf8RIOzCRPWOwxHbaMM8QXCZaY85dQWWjhjTn6/TFoPrkFmr3jEa
verKBPcUyvEQO+l8Lw6YGWLm7jB75UgnqkvnJLOiaQHwKtPBNKuw9xBA8ybVBDg7
qQYPHz5VHaQnpsE0KcixucGNy7XGrioAMnK817RFy2Y4nXAx6hCFP9whufz/QgBt
IwlGwKLcNtR1OIjda/SEnfX9nMdo+1s/v0843RQAq0ALFEO5aILzSaw9ZLh5jkAZ
1SpRiEv2Z3CzRT2a1SZR1FgAvdJynmERx6K+00+iEy3SjGdG3aFxRJQxwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMaFI8gA0X6RPcaRDOPoy+N51CEWMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAokbCqF+Q
1Jeq00v12CW0cmTrL2Kd5sif/oWpikCMRgCztM0n+cQDU0yE1tdB3JX2R2SmByVe
NhM52fRyVwNNzVp5xiJtQmLHt3W2IGxZSmwQqzFy8/pZaV0CobtxZFb87CidhVxo
dKUX9/P4UK5N1Ajva2j841xnVpap5TfVJ/VJyw7xrqPEWXPOeBXrXBRwvSbHOqc8
tJd0Zs7f/4JpkTC1AiNBet1ikpVctj7ueziI/aRGvD3X/jTpS45RlKwHh9eHrxqF
APCyMEVtuEj0B0OBpy5sbkf8yJkIBcWF/m/nL2/+u12F5WJq+k7ISQ/7IaoqDcnY
ZsyRec5o7bY4fg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:09:38 2025 by rpki-client