Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
File: OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft (raw, json)
Hash identifier: JJSkN2fZ6uz8xiUTxDO1E2iyV8BIb4baGFJAyD6sL2k=
Subject key identifier: A6:6B:86:BF:65:15:21:17:11:42:08:C8:BF:71:94:4B:68:59:47:A2
Authority key identifier: 39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A
Certificate issuer: /CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a
Certificate serial: 01967AFBDD8147D4EC02A3DD519D5A35C1C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
Manifest number: 0C94
Signing time: Mon 28 Apr 2025 06:00:48 +0000
Manifest this update: Mon 28 Apr 2025 06:00:48 +0000
Manifest next update: Tue 29 Apr 2025 06:00:48 +0000
Files and hashes: 1: OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl (hash: oiQJP6wOMc0VzN+Xqx27seJUYS1RxX/bMfZHMcSJJB0=)
2: m3UPJQ_Zh7wapyw5537rzzPo3os.roa (hash: EUy+4/7WXUAZtQJhe/6fh4vD4Ks9aUtYKkwAIbRuQrA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 06:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7a:fb:dd:81:47:d4:ec:02:a3:dd:51:9d:5a:35:c1:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a
Validity
Not Before: Apr 28 06:00:48 2025 GMT
Not After : Apr 29 06:00:48 2025 GMT
Subject: CN=a66b86bf65152117114208c8bf71944b685947a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e6:bd:21:38:1d:e9:24:27:78:56:ec:ff:c8:
a7:24:09:d9:e8:04:17:f7:ac:b6:8b:fd:c8:71:34:
be:6b:6a:f6:a8:8d:f1:4b:be:e4:54:9c:6e:71:c9:
db:b4:1c:7c:6c:dd:cc:c3:74:1c:96:d5:7c:f3:37:
ee:f4:f6:96:a6:81:9a:88:61:5e:9f:28:40:d5:b2:
ed:de:e6:20:c1:11:cb:98:4d:5a:42:6b:aa:89:67:
2d:55:44:54:c9:1c:6b:10:5f:80:f5:e4:6b:a1:92:
cd:e7:4e:9f:e4:d5:26:55:10:0e:79:82:7c:58:3b:
4b:e0:48:24:b0:85:25:3c:ed:a2:69:51:e9:8b:9c:
8d:05:bd:28:a4:01:dd:55:bd:ad:bf:18:d7:ea:10:
f1:e4:c3:1f:dd:5a:e1:d6:f5:79:63:04:d6:98:f2:
b7:de:7f:62:42:5a:14:ac:98:f0:44:74:3c:05:ca:
e3:d8:bd:59:22:c4:6b:53:cf:62:90:c2:52:e9:8c:
1c:a0:aa:49:fb:84:dd:47:48:29:ff:40:9e:67:cc:
e3:c4:39:d9:af:68:07:22:66:2d:06:e0:a2:3b:ac:
88:3a:a2:ad:78:be:ec:ef:38:5a:72:f9:b4:fc:06:
1f:cf:e1:f6:50:9a:21:9e:2e:48:16:91:bd:16:96:
90:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6B:86:BF:65:15:21:17:11:42:08:C8:BF:71:94:4B:68:59:47:A2
X509v3 Authority Key Identifier:
keyid:39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:2a:01:e0:2a:75:8d:11:22:db:f7:f2:e2:4d:de:99:f4:9b:
c6:48:db:3f:be:56:a2:6e:93:45:a9:61:9d:e6:4d:27:2f:a6:
8a:93:01:37:3d:96:b7:de:12:75:36:91:c8:ba:c9:b0:71:d7:
d2:93:c6:aa:e2:57:50:f1:0d:fa:2f:82:37:68:79:a6:4a:c1:
fc:3c:10:b7:ea:5a:fb:aa:e2:74:f4:05:d4:11:1c:19:e0:e7:
a0:39:34:57:a5:fc:4a:f7:77:a4:2e:b8:a1:89:e7:8b:4c:f2:
12:22:1b:bf:f7:e1:32:71:2d:98:5b:34:ab:59:0c:ca:f1:a5:
38:bf:a7:59:f5:b9:9d:f4:c7:d7:ee:c0:08:fe:9e:82:1c:d7:
db:20:94:ea:c6:92:ea:c4:54:8d:97:2e:25:7b:e6:d8:01:a3:
84:fc:9c:04:ca:1b:9f:2e:39:d6:18:b0:76:3d:3d:7c:e4:7f:
ba:b3:2c:d3:86:c1:cb:7a:48:bd:98:27:d5:71:26:82:3b:1c:
7b:1b:a8:63:c8:47:0b:ee:ec:c9:8e:2b:28:d6:2f:85:60:f8:
56:dd:8b:58:05:ab:5f:8f:d2:cf:9c:ee:3b:28:6e:2e:5f:cd:
74:e1:1b:62:73:04:f4:e8:d2:65:c3:2a:9f:0f:06:3b:e6:a4:
58:9b:81:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6+92BR9TsAqPdUZ1aNcHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWRjMTM2MTlhYWJhN2YyMjJjZWFjYjA1ZjFiYmFjNTli
ZDNhOWEwHhcNMjUwNDI4MDYwMDQ4WhcNMjUwNDI5MDYwMDQ4WjAzMTEwLwYDVQQD
EyhhNjZiODZiZjY1MTUyMTE3MTE0MjA4YzhiZjcxOTQ0YjY4NTk0N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuua9ITgd6SQneFbs/8inJAnZ6AQX
96y2i/3IcTS+a2r2qI3xS77kVJxuccnbtBx8bN3Mw3QcltV88zfu9PaWpoGaiGFe
nyhA1bLt3uYgwRHLmE1aQmuqiWctVURUyRxrEF+A9eRroZLN506f5NUmVRAOeYJ8
WDtL4EgksIUlPO2iaVHpi5yNBb0opAHdVb2tvxjX6hDx5MMf3Vrh1vV5YwTWmPK3
3n9iQloUrJjwRHQ8Bcrj2L1ZIsRrU89ikMJS6YwcoKpJ+4TdR0gp/0CeZ8zjxDnZ
r2gHImYtBuCiO6yIOqKteL7s7zhacvm0/AYfz+H2UJohni5IFpG9FpaQ/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZrhr9lFSEXEUIIyL9xlEtoWUeiMB8GA1UdIwQY
MBaAFDmdwTYZqrp/IizqywXxu6xZvTqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTkt
MDAzMmZkYzU0NTBiLzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTktMDAzMmZkYzU0NTBi
LzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsSoB4Cp1
jREi2/fy4k3emfSbxkjbP75Wom6TRalhneZNJy+mipMBNz2Wt94SdTaRyLrJsHHX
0pPGquJXUPEN+i+CN2h5pkrB/DwQt+pa+6ridPQF1BEcGeDnoDk0V6X8Svd3pC64
oYnni0zyEiIbv/fhMnEtmFs0q1kMyvGlOL+nWfW5nfTH1+7ACP6eghzX2yCU6saS
6sRUjZcuJXvm2AGjhPycBMobny451hiwdj09fOR/urMs04bBy3pIvZgn1XEmgjsc
exuoY8hHC+7syY4rKNYvhWD4Vt2LWAWrX4/Sz5zuOyhuLl/NdOEbYnME9OjSZcMq
nw8GO+akWJuBSg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:21:08 2025 by rpki-client