Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: DfT4lK4yweDLpLpjKEn2efj9LfWZ4wG/bU5tGbc1oPc=
Subject key identifier: 10:9F:EB:4B:DE:0C:E4:EB:09:03:09:0C:61:F8:F2:B6:75:10:EC:C9
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019680C6D4323EDB16A4DD42D23014F0C5DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0A5B
Signing time: Tue 29 Apr 2025 09:00:36 +0000
Manifest this update: Tue 29 Apr 2025 09:00:36 +0000
Manifest next update: Wed 30 Apr 2025 09:00:36 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: Qbs/ess2buKYt2rtiipmQ+uArdALRTBM/HbMSAOTjj8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:c6:d4:32:3e:db:16:a4:dd:42:d2:30:14:f0:c5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Apr 29 09:00:36 2025 GMT
Not After : Apr 30 09:00:36 2025 GMT
Subject: CN=109feb4bde0ce4eb0903090c61f8f2b67510ecc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:51:bc:07:ea:30:17:ff:81:b5:ff:d3:93:ef:
45:41:dd:0a:58:28:5a:ef:b1:f9:88:1e:2f:cc:18:
7b:55:aa:ee:c7:06:72:21:e0:00:f7:a9:9e:af:74:
e0:f2:e9:0d:74:96:09:1d:4a:5a:a1:e6:08:81:3a:
0b:fe:06:04:e8:95:af:ee:a1:37:43:15:60:67:1f:
50:13:7b:1e:46:50:fb:f4:9f:8e:cd:dc:d6:48:0d:
26:04:47:e6:90:82:6a:5e:fa:35:42:68:4a:5a:83:
5e:a1:8b:1d:bd:0f:a6:d3:7a:bd:2d:51:d9:06:d1:
1c:0a:4a:6e:d7:54:13:4d:6d:3c:37:92:6f:8d:fb:
d4:10:1a:58:79:2c:68:0b:19:26:32:13:d0:c6:35:
d1:5e:44:dc:f1:6a:7d:ff:62:83:a1:a3:f5:09:7a:
5c:c1:e2:c1:59:b7:61:a6:46:40:43:f0:8c:87:4d:
c7:f0:76:ef:90:e2:34:88:f0:16:62:12:d3:54:1c:
e8:f8:d5:38:0f:e9:e5:5f:2f:0f:34:89:de:48:37:
34:de:95:b6:46:5c:42:1c:4d:ba:59:a4:90:60:a2:
2c:f3:f7:83:b9:96:3f:21:2c:84:1a:3e:95:bd:76:
1c:3b:cb:b3:f9:01:b0:57:1f:dd:97:fb:53:91:1a:
37:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:9F:EB:4B:DE:0C:E4:EB:09:03:09:0C:61:F8:F2:B6:75:10:EC:C9
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:6d:d9:65:97:a8:fb:e9:0e:4c:da:1e:5d:72:b4:37:6d:b0:
ad:fc:ca:94:0f:51:92:aa:98:fc:75:33:22:47:7f:94:a3:19:
0d:f7:9e:b6:74:ef:82:f4:df:39:8a:5b:99:1e:e0:bd:f3:83:
93:26:16:03:da:04:83:f3:f5:75:3e:9f:63:d4:a4:2e:06:c5:
06:b6:36:c1:d0:49:34:fd:99:03:a2:6b:9c:0b:25:42:77:bd:
aa:5e:f8:93:bd:a9:ed:b9:63:9f:ad:ab:1f:86:b8:1c:1d:9e:
c0:e5:6a:48:1c:86:dc:a9:73:99:46:d4:28:e5:e3:11:d7:c1:
4f:4b:d2:29:01:da:5a:43:dd:0b:97:38:83:6f:34:b4:13:a3:
ad:1f:bc:1f:b2:af:1f:78:55:48:31:1a:ce:75:06:5c:8e:b1:
f1:14:21:b2:95:51:fd:b8:a2:d4:0c:a5:a0:30:b3:e1:3f:33:
fa:7e:f8:b1:46:5a:e2:4d:ef:d6:ff:42:35:9b:6d:36:26:6d:
71:48:bc:14:dd:b1:ef:e5:33:bd:ad:25:9d:f8:8b:ff:70:c1:
b6:2b:4f:95:2d:5c:66:29:fb:64:9e:76:ee:4a:03:c7:6d:d7:
59:e7:b5:0a:7f:e1:c5:0c:ba:88:74:40:a4:b3:94:8c:af:7f:
be:10:da:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAxtQyPtsWpN1C0jAU8MXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUwNDI5MDkwMDM2WhcNMjUwNDMwMDkwMDM2WjAzMTEwLwYDVQQD
EygxMDlmZWI0YmRlMGNlNGViMDkwMzA5MGM2MWY4ZjJiNjc1MTBlY2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1G8B+owF/+Btf/Tk+9FQd0KWCha
77H5iB4vzBh7VaruxwZyIeAA96mer3Tg8ukNdJYJHUpaoeYIgToL/gYE6JWv7qE3
QxVgZx9QE3seRlD79J+OzdzWSA0mBEfmkIJqXvo1QmhKWoNeoYsdvQ+m03q9LVHZ
BtEcCkpu11QTTW08N5JvjfvUEBpYeSxoCxkmMhPQxjXRXkTc8Wp9/2KDoaP1CXpc
weLBWbdhpkZAQ/CMh03H8HbvkOI0iPAWYhLTVBzo+NU4D+nlXy8PNIneSDc03pW2
RlxCHE26WaSQYKIs8/eDuZY/ISyEGj6VvXYcO8uz+QGwVx/dl/tTkRo36QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBCf60veDOTrCQMJDGH48rZ1EOzJMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhW3ZZZeo
++kOTNoeXXK0N22wrfzKlA9RkqqY/HUzIkd/lKMZDfeetnTvgvTfOYpbmR7gvfOD
kyYWA9oEg/P1dT6fY9SkLgbFBrY2wdBJNP2ZA6JrnAslQne9ql74k72p7bljn62r
H4a4HB2ewOVqSByG3KlzmUbUKOXjEdfBT0vSKQHaWkPdC5c4g280tBOjrR+8H7Kv
H3hVSDEaznUGXI6x8RQhspVR/bii1AyloDCz4T8z+n74sUZa4k3v1v9CNZttNiZt
cUi8FN2x7+Uzva0lnfiL/3DBtitPlS1cZin7ZJ527koDx23XWee1Cn/hxQy6iHRA
pLOUjK9/vhDaHg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:16:54 2025 by rpki-client