Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json)
Hash identifier: Ml/vOd/ImukvCCqlJp99cfmJN0eNV9x4WCzoLIUfaoc=
Subject key identifier: F8:D6:5C:09:F6:A5:DB:48:A6:76:E0:F4:B4:CB:F1:74:46:E5:45:D0
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 01968BEF4777BCCAFDC07F48FE3064F1EA12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
Manifest number: 1034
Signing time: Thu 01 May 2025 13:00:36 +0000
Manifest this update: Thu 01 May 2025 13:00:36 +0000
Manifest next update: Fri 02 May 2025 13:00:36 +0000
Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: /neqvJkeQqd/SE1k/yg4x2bOMvGbvv8QIK8fN3YWh0s=)
2: jBg4c1TddaMZ79OO2ACO6rgKQkE.roa (hash: vxMjeBuQHvoGxQ3EbvzgsnvZ7fj/adVRxxvAS0tcfsE=)
3: yN3-coe-yJTzFymhuWAPFUYAkF4.roa (hash: IPNSpgYWxN2jcOf0NhOGeg6e+K9d2+ZzIVVpZsFLZDI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 13:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8b:ef:47:77:bc:ca:fd:c0:7f:48:fe:30:64:f1:ea:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: May 1 13:00:36 2025 GMT
Not After : May 2 13:00:36 2025 GMT
Subject: CN=f8d65c09f6a5db48a676e0f4b4cbf17446e545d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:f1:c7:94:9a:53:ac:3c:79:2e:ce:cd:5d:
7d:a4:a5:5f:3d:e1:1d:59:f5:03:69:17:b8:ba:cb:
20:6a:2b:ce:0e:78:80:93:aa:c0:b4:ed:21:eb:1a:
c0:7e:ce:83:27:44:6d:3a:2e:68:24:4f:a8:de:99:
ef:59:cf:c0:20:67:30:14:0f:18:0e:85:37:31:3d:
8d:95:36:d1:cc:72:76:bc:08:4f:73:23:b7:7e:54:
8b:b2:6e:71:28:bb:06:c9:20:fa:93:ba:ba:2f:84:
52:cc:82:54:fa:99:a7:8a:dc:96:61:bd:4b:11:31:
01:8f:82:b8:21:69:d0:29:85:89:43:ae:9f:c2:ca:
d3:d0:2a:5a:63:86:a5:06:c9:81:b6:4b:1a:aa:f2:
0f:54:b1:e3:52:de:18:67:4e:c7:70:81:f1:50:1b:
2a:2c:5d:b4:92:c1:cf:1e:ae:d7:5c:a5:c6:97:d2:
81:d8:4b:7c:49:b8:df:8f:9c:8a:10:45:dc:55:17:
a1:2f:1c:23:81:43:56:3a:52:a4:5c:28:28:dd:43:
be:0b:0f:5a:95:46:e2:9c:71:7f:0f:55:76:68:ec:
27:85:31:89:47:d8:be:3c:b5:84:96:a2:03:c7:70:
5d:6a:39:fd:47:71:a2:44:e1:ac:0e:a3:62:d0:6b:
96:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D6:5C:09:F6:A5:DB:48:A6:76:E0:F4:B4:CB:F1:74:46:E5:45:D0
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:e1:8a:d3:1f:61:35:7d:59:a8:b7:2b:f0:8a:64:d0:d2:1b:
ab:dd:6a:2d:67:ab:92:d9:93:d3:1a:65:f2:90:3e:94:85:c3:
1a:09:24:80:77:b4:aa:67:ee:80:c5:11:42:b9:83:85:b8:ef:
6c:6c:e6:a4:5d:39:6b:7b:49:53:1d:33:f2:66:a7:36:a9:f2:
bc:7c:f1:4d:b1:df:9f:55:63:fc:07:d8:97:9d:0d:ca:c9:ee:
af:5e:4c:be:7a:94:14:66:fb:1a:97:f3:9a:89:67:59:e1:7a:
77:b4:60:07:07:48:0d:c5:0e:0e:0d:66:80:e2:e2:70:a3:c6:
bb:94:61:27:10:89:a3:5a:79:26:97:15:3a:aa:cd:b6:31:25:
d5:3d:5f:4a:4a:9e:5e:fb:9e:89:91:b2:e8:d3:5c:60:7c:a0:
7f:62:ca:39:5a:95:f2:fb:24:37:53:51:7d:13:bd:72:15:c5:
63:0e:ef:ae:fc:4f:69:a5:26:0a:e5:ea:b7:68:f8:4d:be:65:
5b:90:59:10:5a:9a:17:53:b0:8a:fc:d6:8a:6d:cd:02:90:f4:
f1:35:e4:fc:3a:f1:0e:64:b5:aa:9e:be:43:ce:ef:30:e8:74:
2c:2c:40:c2:cb:98:51:fb:13:ac:c7:a5:70:88:fc:39:e5:1d:
8c:2f:98:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaL70d3vMr9wH9I/jBk8eoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjUwNTAxMTMwMDM2WhcNMjUwNTAyMTMwMDM2WjAzMTEwLwYDVQQD
EyhmOGQ2NWMwOWY2YTVkYjQ4YTY3NmUwZjRiNGNiZjE3NDQ2ZTU0NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4rxx5SaU6w8eS7OzV19pKVfPeEd
WfUDaRe4ussgaivODniAk6rAtO0h6xrAfs6DJ0RtOi5oJE+o3pnvWc/AIGcwFA8Y
DoU3MT2NlTbRzHJ2vAhPcyO3flSLsm5xKLsGySD6k7q6L4RSzIJU+pmnityWYb1L
ETEBj4K4IWnQKYWJQ66fwsrT0CpaY4alBsmBtksaqvIPVLHjUt4YZ07HcIHxUBsq
LF20ksHPHq7XXKXGl9KB2Et8Sbjfj5yKEEXcVRehLxwjgUNWOlKkXCgo3UO+Cw9a
lUbinHF/D1V2aOwnhTGJR9i+PLWElqIDx3Bdajn9R3GiROGsDqNi0GuWyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjWXAn2pdtIpnbg9LTL8XRG5UXQMB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUeGK0x9h
NX1ZqLcr8Ipk0NIbq91qLWerktmT0xpl8pA+lIXDGgkkgHe0qmfugMURQrmDhbjv
bGzmpF05a3tJUx0z8manNqnyvHzxTbHfn1Vj/AfYl50Nysnur15MvnqUFGb7Gpfz
molnWeF6d7RgBwdIDcUODg1mgOLicKPGu5RhJxCJo1p5JpcVOqrNtjEl1T1fSkqe
XvueiZGy6NNcYHygf2LKOVqV8vskN1NRfRO9chXFYw7vrvxPaaUmCuXqt2j4Tb5l
W5BZEFqaF1OwivzWim3NApD08TXk/DrxDmS1qp6+Q87vMOh0LCxAwsuYUfsTrMel
cIj8OeUdjC+YDA==
-----END CERTIFICATE-----
Generated at Thu May 1 20:24:49 2025 by rpki-client