Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: CshtvcHihP76dpy87CnKyQZTa3HgeYE3LDnFtXz4mBQ=
Subject key identifier: D6:D1:4D:C9:E9:08:E2:06:B1:15:17:F2:2D:62:D1:FA:8C:83:2D:DD
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 0197B7B305C741AE34CF0B2FBAD995D00C33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 0743
Signing time: Sat 28 Jun 2025 18:00:52 +0000
Manifest this update: Sat 28 Jun 2025 18:00:52 +0000
Manifest next update: Sun 29 Jun 2025 18:00:52 +0000
Files and hashes: 1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: ZgKMYhkqj85+edX8ZRaf6MPcGOutspd3yAiyITqUaW8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b3:05:c7:41:ae:34:cf:0b:2f:ba:d9:95:d0:0c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Jun 28 18:00:52 2025 GMT
Not After : Jun 29 18:00:52 2025 GMT
Subject: CN=d6d14dc9e908e206b11517f22d62d1fa8c832ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a9:b3:d6:d9:94:2f:7c:eb:11:b7:be:dc:ae:
9e:eb:05:ff:6e:42:16:35:88:e8:fa:de:6c:9e:46:
03:08:82:9d:64:6e:15:a9:c0:95:f5:b8:e4:46:c2:
ba:72:65:79:11:fd:40:b8:3e:ab:9d:95:b5:ca:59:
fb:be:ea:35:bc:3b:7e:45:24:c3:1a:99:4a:17:3e:
d3:10:33:50:f9:53:97:33:3b:8f:23:3c:e2:54:89:
85:7b:72:d0:59:05:6a:39:03:90:c2:26:91:29:e9:
29:7e:e6:47:44:4a:15:dd:b2:b1:ee:4e:48:dc:3a:
c1:e0:3b:76:d0:3f:b3:b7:43:4c:e8:82:dc:61:82:
18:f0:fc:7b:3d:e9:37:78:0d:56:3f:b4:8f:37:55:
6e:e0:cb:c4:6e:a9:03:65:00:64:68:63:6f:a6:b1:
f9:3f:62:f1:94:35:f3:e8:7e:ff:23:f4:1c:a1:23:
1b:bc:95:28:a1:d9:26:87:77:95:3b:b9:2e:36:a4:
a8:59:ef:4d:b8:f3:59:36:bd:73:5e:a4:91:31:fe:
eb:5d:ed:67:0a:55:f6:9d:6c:e5:09:07:97:ef:bf:
49:8b:ea:8f:52:d6:78:8f:85:25:ef:5c:56:b8:36:
cc:40:1e:ff:c6:45:73:73:22:7f:f7:76:c5:e2:7a:
57:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D1:4D:C9:E9:08:E2:06:B1:15:17:F2:2D:62:D1:FA:8C:83:2D:DD
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:29:1c:48:a7:49:f5:e2:da:bd:1e:28:8b:5e:5f:95:8a:a2:
d2:dc:76:27:ed:38:e5:bf:a8:3d:c1:0b:24:41:fa:6d:aa:18:
a7:8e:81:90:dc:fb:76:dc:26:24:58:b0:e4:c1:f8:18:dd:d6:
90:bd:b4:ea:05:db:32:bc:82:58:00:f1:a0:18:ca:1f:fb:60:
58:26:ea:54:11:cd:d4:d4:93:4f:0f:74:0c:83:e4:4a:cc:e7:
15:a3:e0:56:9c:e8:cc:ea:50:71:5a:a0:81:11:f0:12:1c:8e:
a9:6d:91:7f:85:10:10:11:ae:fd:43:8f:d2:3c:35:cb:65:8b:
42:e7:d7:ab:ee:e3:7c:f8:a6:28:84:74:38:9d:46:df:d4:13:
25:9a:1f:20:63:24:03:7c:25:02:04:7d:6b:0a:a3:51:87:80:
c5:dc:c0:15:7f:aa:4e:1f:eb:e4:97:39:ed:86:73:18:00:be:
d6:9e:8d:f1:d2:66:49:dc:c5:df:e5:2e:df:6a:72:b7:cf:18:
95:56:23:2d:33:a7:bc:7b:40:f0:43:88:8a:ab:24:e4:a2:f3:
aa:64:25:04:7b:94:16:7f:fa:ea:27:3e:2e:47:29:a4:8a:2e:
43:93:c2:84:dc:b9:e9:b2:d2:8f:ee:b1:5f:93:d4:2d:c0:cb:
8a:f0:48:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3swXHQa40zwsvutmV0AwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjUwNjI4MTgwMDUyWhcNMjUwNjI5MTgwMDUyWjAzMTEwLwYDVQQD
EyhkNmQxNGRjOWU5MDhlMjA2YjExNTE3ZjIyZDYyZDFmYThjODMyZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6mz1tmUL3zrEbe+3K6e6wX/bkIW
NYjo+t5snkYDCIKdZG4VqcCV9bjkRsK6cmV5Ef1AuD6rnZW1yln7vuo1vDt+RSTD
GplKFz7TEDNQ+VOXMzuPIzziVImFe3LQWQVqOQOQwiaRKekpfuZHREoV3bKx7k5I
3DrB4Dt20D+zt0NM6ILcYYIY8Px7Pek3eA1WP7SPN1Vu4MvEbqkDZQBkaGNvprH5
P2LxlDXz6H7/I/QcoSMbvJUoodkmh3eVO7kuNqSoWe9NuPNZNr1zXqSRMf7rXe1n
ClX2nWzlCQeX779Ji+qPUtZ4j4Ul71xWuDbMQB7/xkVzcyJ/93bF4npXwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbRTcnpCOIGsRUX8i1i0fqMgy3dMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdykcSKdJ
9eLavR4oi15flYqi0tx2J+045b+oPcELJEH6baoYp46BkNz7dtwmJFiw5MH4GN3W
kL206gXbMryCWADxoBjKH/tgWCbqVBHN1NSTTw90DIPkSsznFaPgVpzozOpQcVqg
gRHwEhyOqW2Rf4UQEBGu/UOP0jw1y2WLQufXq+7jfPimKIR0OJ1G39QTJZofIGMk
A3wlAgR9awqjUYeAxdzAFX+qTh/r5Jc57YZzGAC+1p6N8dJmSdzF3+Uu32pyt88Y
lVYjLTOnvHtA8EOIiqsk5KLzqmQlBHuUFn/66ic+LkcppIouQ5PChNy56bLSj+6x
X5PULcDLivBITA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:17:24 2025 by rpki-client