Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: PdW3xgXQUVU3DBQteulVWwRxaT9sGNwu26dxBSQOVwM=
Subject key identifier: 7B:F9:78:84:A4:3A:C1:22:23:39:E9:16:BA:52:DC:A7:31:69:82:B8
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 01967BD73A4665CFD66ECD25FF9905D02535
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 0217
Signing time: Mon 28 Apr 2025 10:00:24 +0000
Manifest this update: Mon 28 Apr 2025 10:00:24 +0000
Manifest next update: Tue 29 Apr 2025 10:00:24 +0000
Files and hashes: 1: BFrr-Y0U-5iptN2idzPFsrYv6zw.roa (hash: SItZsNwfN8g7OyWNk2li9IKpDbpjiOGNcOTycVK0WwU=)
2: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: PMclgedy8MTwwHGMjfpFpYSY/QgyEJc5Mw5vmSEl41c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:d7:3a:46:65:cf:d6:6e:cd:25:ff:99:05:d0:25:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: Apr 28 10:00:24 2025 GMT
Not After : Apr 29 10:00:24 2025 GMT
Subject: CN=7bf97884a43ac1222339e916ba52dca7316982b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fe:d9:65:8a:fd:07:42:8f:ba:72:4d:a1:73:
b8:fe:92:ea:36:9e:5d:af:e7:bc:dc:6e:74:22:5f:
da:fb:b3:62:d5:6a:5d:3c:a9:5a:38:83:52:e1:ff:
fb:b9:20:d3:cc:84:39:07:bd:78:06:4a:73:34:ac:
37:19:dc:35:fa:01:b6:16:6d:8d:a4:3b:02:5c:4b:
fc:8f:9c:67:4d:10:c6:bf:d6:03:bd:73:b1:36:e2:
da:a5:41:8b:ef:b9:f0:1e:86:f5:97:a9:96:41:86:
fa:8a:80:8d:3d:9e:7f:ec:25:93:b4:a9:e1:d3:32:
db:1c:ae:f9:6e:80:ce:88:13:cc:e8:07:cf:15:42:
13:c6:3f:3f:aa:34:51:31:67:f3:c6:47:d2:a9:90:
31:11:dc:78:c1:06:86:47:8d:1a:be:f8:17:07:ce:
66:cf:71:dc:7b:e3:29:9a:13:c9:0f:33:f1:84:97:
89:d1:1b:b8:31:52:81:fa:a3:d6:4c:d9:38:34:d7:
ac:39:5c:55:46:fe:1b:a5:a1:23:d3:76:16:56:fa:
1e:2a:d2:c4:51:1f:c0:e9:f9:5c:fa:c7:06:c0:23:
23:60:30:6e:6d:93:f8:88:6e:fd:36:78:44:d6:a4:
ec:bd:63:57:56:c6:96:f7:5b:82:af:6c:49:2e:ac:
9a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F9:78:84:A4:3A:C1:22:23:39:E9:16:BA:52:DC:A7:31:69:82:B8
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:f2:bb:1f:2a:37:cb:c7:cd:57:6f:f4:20:d4:15:12:13:27:
70:b1:1d:ea:ba:d1:11:80:40:ef:ee:ee:a5:84:2a:0c:b1:52:
91:27:14:e4:e7:fc:3d:88:bb:8f:b5:16:37:20:29:cd:53:57:
7f:c1:e0:22:ba:89:87:72:17:e3:7c:b9:e2:21:3c:a2:5b:a7:
3a:60:36:87:55:2d:4d:61:94:ae:bf:7c:c1:2d:f5:b0:1e:37:
9c:97:d8:73:bd:bd:29:e7:5e:3d:c9:93:3a:e9:e9:ed:aa:54:
8d:a9:51:c1:6a:fe:7f:fb:07:6e:45:0e:10:4e:9b:49:32:aa:
f7:46:b5:15:de:71:c9:4c:e5:f5:d9:ef:ad:39:3a:3e:78:f8:
cd:62:cc:69:65:bf:73:9c:4f:52:6e:e8:76:5e:09:0b:ed:fe:
a7:bf:99:94:b9:d3:7e:ed:81:13:06:53:b7:5f:87:12:57:a0:
0a:c0:01:99:db:97:f5:61:98:fa:78:45:04:51:5a:11:8b:46:
a1:85:26:e7:b7:9e:a1:aa:99:b5:e5:c8:c7:ef:74:e6:6e:37:
8a:3e:89:a5:6e:9f:08:e4:ee:4f:a0:f1:04:d1:48:e2:58:af:
e9:88:70:b1:45:a5:17:0e:71:14:e6:1d:ab:b0:fb:a5:47:7b:
be:5c:c2:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ71zpGZc/Wbs0l/5kF0CU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjUwNDI4MTAwMDI0WhcNMjUwNDI5MTAwMDI0WjAzMTEwLwYDVQQD
Eyg3YmY5Nzg4NGE0M2FjMTIyMjMzOWU5MTZiYTUyZGNhNzMxNjk4MmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwf7ZZYr9B0KPunJNoXO4/pLqNp5d
r+e83G50Il/a+7Ni1WpdPKlaOINS4f/7uSDTzIQ5B714BkpzNKw3Gdw1+gG2Fm2N
pDsCXEv8j5xnTRDGv9YDvXOxNuLapUGL77nwHob1l6mWQYb6ioCNPZ5/7CWTtKnh
0zLbHK75boDOiBPM6AfPFUITxj8/qjRRMWfzxkfSqZAxEdx4wQaGR40avvgXB85m
z3Hce+MpmhPJDzPxhJeJ0Ru4MVKB+qPWTNk4NNesOVxVRv4bpaEj03YWVvoeKtLE
UR/A6flc+scGwCMjYDBubZP4iG79NnhE1qTsvWNXVsaW91uCr2xJLqyaXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHv5eISkOsEiIznpFrpS3KcxaYK4MB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgvK7Hyo3
y8fNV2/0INQVEhMncLEd6rrREYBA7+7upYQqDLFSkScU5Of8PYi7j7UWNyApzVNX
f8HgIrqJh3IX43y54iE8olunOmA2h1UtTWGUrr98wS31sB43nJfYc729KedePcmT
Ounp7apUjalRwWr+f/sHbkUOEE6bSTKq90a1Fd5xyUzl9dnvrTk6Pnj4zWLMaWW/
c5xPUm7odl4JC+3+p7+ZlLnTfu2BEwZTt1+HElegCsABmduX9WGY+nhFBFFaEYtG
oYUm57eeoaqZteXIx+905m43ij6JpW6fCOTuT6DxBNFI4liv6YhwsUWlFw5xFOYd
q7D7pUd7vlzCyw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:49:56 2025 by rpki-client