Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
File: OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json)
Hash identifier: dlO7Ai9Fk1OiiUYgFvlKwibheEobeFreY3DDnVqz+Ig=
Subject key identifier: 26:EE:27:9A:B3:8B:11:41:7B:63:07:4C:B8:78:AF:AF:BA:51:10:01
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial: 01967ED8DFB2A0911F23A5BF4034186E5E40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
Manifest number: 1519
Signing time: Tue 29 Apr 2025 00:01:04 +0000
Manifest this update: Tue 29 Apr 2025 00:01:04 +0000
Manifest next update: Wed 30 Apr 2025 00:01:04 +0000
Files and hashes: 1: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: OWcu27aRe14vae/aqdVIE+o65r97gutlqDUbqhkW0d4=)
2: QMe1cQvSWWyTmlxs7mg5bNBSDlw.roa (hash: iejToeWDmgQDOWHcoY74bMQ91/UDUCJzy2kftI9HQTs=)
3: abyvfDmy4Q3zVDJIfxfSkrtZdLo.roa (hash: IZm94vPLNr133XeI56Dl5DQUBKwgG1pbFRgf8ws+6Pw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 22:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7e:d8:df:b2:a0:91:1f:23:a5:bf:40:34:18:6e:5e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Validity
Not Before: Apr 29 00:01:04 2025 GMT
Not After : Apr 30 00:01:04 2025 GMT
Subject: CN=26ee279ab38b11417b63074cb878afafba511001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:29:ed:07:50:c0:34:37:9a:12:ce:b0:0c:6a:
71:d9:da:e6:48:b9:bf:4d:a9:57:0d:63:4b:82:0f:
d2:af:06:5f:1b:a2:62:c2:93:91:38:2e:ce:d5:97:
5e:32:88:47:06:6b:14:3c:9c:4d:6e:2b:59:c7:36:
f8:94:fc:d9:7b:9b:fa:04:bd:c4:39:0f:c6:31:34:
2d:bc:46:1e:93:5b:f4:dd:ec:b8:00:e0:97:71:bf:
9d:b4:ba:cf:80:5d:d3:87:60:e1:32:fb:3d:49:0e:
d0:1c:a5:cf:ee:fe:8c:56:b0:83:ab:fb:ee:74:fe:
50:17:92:a9:06:bb:5e:be:4f:c9:29:aa:f4:6a:b9:
1b:9a:57:13:9f:f2:0f:0b:3f:84:20:68:7f:eb:2c:
91:74:a7:90:2c:27:34:57:f4:cf:0f:38:0c:cb:84:
bf:fb:ce:c3:af:95:38:28:41:43:2d:3c:7a:d4:2e:
20:19:7f:8c:73:3f:50:ff:ee:cd:fa:d0:0a:59:4b:
bc:eb:f6:db:02:79:cc:6f:7d:4f:52:2b:63:a6:e9:
e2:cc:c9:9d:3d:fb:ec:6a:a5:b0:53:41:96:a5:6a:
1e:46:0a:77:74:d8:af:f2:ba:46:5e:b4:eb:42:ff:
dc:41:78:bf:55:28:45:19:57:89:b0:90:39:47:69:
9f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:EE:27:9A:B3:8B:11:41:7B:63:07:4C:B8:78:AF:AF:BA:51:10:01
X509v3 Authority Key Identifier:
keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:25:ba:8b:ad:cd:16:ce:b9:34:58:dc:d4:76:71:95:0b:9b:
7a:8c:74:a4:c3:6d:0c:ba:34:34:5b:4a:b5:b8:26:82:d7:78:
fb:05:ab:b6:73:55:e0:34:98:d8:ba:44:0e:23:e3:08:ca:ba:
14:e0:ff:78:b7:e5:da:76:cd:b0:20:bf:66:e9:c0:bd:f7:d9:
b0:ed:ba:1c:74:c4:f8:12:99:8b:69:a6:0d:46:39:43:f7:4c:
41:c9:b0:46:91:9b:7a:f0:35:07:f4:7d:72:1d:9d:21:9c:cd:
06:f1:36:a6:cc:4e:cd:c9:d3:7e:97:6a:5f:4c:58:4c:20:3c:
6d:06:27:d8:70:05:b4:c0:09:7b:97:60:c4:2a:14:49:8f:38:
a1:27:75:05:d4:a6:a0:33:5d:e7:9c:a6:96:83:ac:ba:44:3d:
6e:5d:c6:90:6e:1a:2a:90:47:f0:8c:50:f2:bd:c7:ab:b0:6d:
af:62:95:e7:55:a3:a6:f1:cc:9e:4d:60:dd:eb:7a:6e:68:c6:
e3:c0:2d:37:5e:f4:aa:85:57:89:5e:bb:0e:ad:e3:9b:6a:28:
27:b6:65:49:a7:46:d7:85:e2:ff:e9:bf:f6:43:3b:0c:2f:96:
53:07:f0:29:31:c6:dc:41:7b:e8:b5:e1:38:36:fa:0d:c4:35:
c0:9d:28:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+2N+yoJEfI6W/QDQYbl5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjUwNDI5MDAwMTA0WhcNMjUwNDMwMDAwMTA0WjAzMTEwLwYDVQQD
EygyNmVlMjc5YWIzOGIxMTQxN2I2MzA3NGNiODc4YWZhZmJhNTExMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyntB1DANDeaEs6wDGpx2drmSLm/
TalXDWNLgg/SrwZfG6JiwpOROC7O1ZdeMohHBmsUPJxNbitZxzb4lPzZe5v6BL3E
OQ/GMTQtvEYek1v03ey4AOCXcb+dtLrPgF3Th2DhMvs9SQ7QHKXP7v6MVrCDq/vu
dP5QF5KpBrtevk/JKar0arkbmlcTn/IPCz+EIGh/6yyRdKeQLCc0V/TPDzgMy4S/
+87Dr5U4KEFDLTx61C4gGX+Mcz9Q/+7N+tAKWUu86/bbAnnMb31PUitjpunizMmd
PfvsaqWwU0GWpWoeRgp3dNiv8rpGXrTrQv/cQXi/VShFGVeJsJA5R2mf4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCbuJ5qzixFBe2MHTLh4r6+6URABMB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaSW6i63N
Fs65NFjc1HZxlQubeox0pMNtDLo0NFtKtbgmgtd4+wWrtnNV4DSY2LpEDiPjCMq6
FOD/eLfl2nbNsCC/ZunAvffZsO26HHTE+BKZi2mmDUY5Q/dMQcmwRpGbevA1B/R9
ch2dIZzNBvE2psxOzcnTfpdqX0xYTCA8bQYn2HAFtMAJe5dgxCoUSY84oSd1BdSm
oDNd55ymloOsukQ9bl3GkG4aKpBH8IxQ8r3Hq7Btr2KV51WjpvHMnk1g3et6bmjG
48AtN170qoVXiV67Dq3jm2ooJ7ZlSadG14Xi/+m/9kM7DC+WUwfwKTHG3EF76LXh
ODb6DcQ1wJ0oSw==
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:51:27 2025 by rpki-client