Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json)
Hash identifier: XqSjaDdHHfMuUMC5uQdzSbGZETWrjt6ohDI6QFFqTX4=
Subject key identifier: 24:AB:A5:95:A2:9F:19:C2:9D:DE:1B:48:3E:19:E3:52:12:67:6B:CB
Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d
Certificate serial: 01968AA638577946D2E5D15473A8D1ED5F7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
Manifest number: 14AB
Signing time: Thu 01 May 2025 07:01:11 +0000
Manifest this update: Thu 01 May 2025 07:01:11 +0000
Manifest next update: Fri 02 May 2025 07:01:11 +0000
Files and hashes: 1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: F974QI+wc5IjJZRIui+PkEMY7NyBqHLVTg8r/jlB3XY=)
2: oU-Dh2GrIk6DJo0B3ckZobCZQLg.roa (hash: 3M/n9wvPmKU+uLTP2MTaGav/2cb5GDciUi4YXKv/+G0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8a:a6:38:57:79:46:d2:e5:d1:54:73:a8:d1:ed:5f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d
Validity
Not Before: May 1 07:01:11 2025 GMT
Not After : May 2 07:01:11 2025 GMT
Subject: CN=24aba595a29f19c29dde1b483e19e35212676bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:30:bd:6c:ca:bf:62:0f:33:fd:71:d7:d6:63:
4b:ed:bd:c1:36:1f:e7:a6:30:1e:5c:a0:8a:29:c9:
4d:5d:a1:b3:e9:e9:d2:a4:9c:ed:1d:55:d7:e2:d6:
66:41:b7:3b:12:81:90:90:74:98:4b:dc:81:67:a0:
93:57:bb:97:da:74:b6:c1:49:d5:59:d9:ba:d5:04:
5d:23:e4:48:9e:bf:d0:2f:80:36:a1:fd:9b:3c:8f:
27:30:b7:7a:dd:3f:14:fb:0a:9b:c9:c5:3e:8b:3b:
88:6d:8b:78:65:79:71:c0:fe:1c:94:b0:61:08:0d:
e8:7a:72:6e:f5:89:b3:47:7e:7d:80:24:27:26:cc:
98:6f:15:1a:bb:19:f0:bf:bf:c6:a9:e1:ac:f2:07:
f3:9c:ca:55:bc:35:66:9f:77:ba:0c:66:8f:07:8b:
72:91:23:72:85:f1:ca:6a:bf:f0:1a:8f:a9:df:7e:
11:b7:8f:71:11:76:dc:5a:60:6a:43:a9:b3:85:70:
f1:82:ae:93:73:98:85:bf:8c:b5:ea:b0:3a:1e:61:
2b:a3:f0:db:8f:85:06:87:fe:cd:44:6f:83:2b:3b:
49:c4:96:b3:b6:c4:54:32:32:44:83:4b:aa:74:f4:
cb:98:82:79:3f:88:d8:1a:29:d9:59:87:63:f4:8e:
9d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:AB:A5:95:A2:9F:19:C2:9D:DE:1B:48:3E:19:E3:52:12:67:6B:CB
X509v3 Authority Key Identifier:
keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:b7:56:be:a9:e4:48:4e:80:86:66:ef:35:ab:8b:3b:c5:1e:
40:7a:8d:74:7d:6e:d6:65:f0:c4:75:4d:67:a7:33:d8:10:a3:
24:0a:f0:92:5c:cd:b9:9e:db:32:be:f0:ed:54:71:a4:54:2d:
2f:93:4d:ba:d2:83:7f:35:47:21:12:02:c7:c3:85:69:b9:67:
6d:7e:e2:78:85:2e:4d:16:45:47:2c:02:24:a4:9e:6d:f1:06:
ce:15:f0:cc:41:dd:c7:6c:1f:85:c8:d6:f6:e3:28:de:bd:f4:
32:30:7c:dd:0c:01:d3:7b:fe:a4:9c:b0:e9:59:f5:18:60:c7:
14:8e:b7:db:1b:4d:58:3f:87:eb:1f:4d:4d:8b:d4:ab:31:62:
20:cd:ab:01:a7:02:bf:f6:05:9b:de:a7:6a:91:5c:2b:66:3e:
e0:3b:1d:03:65:a4:2b:ec:9c:9e:6a:c2:c4:f7:05:2d:e8:d4:
4d:96:70:82:87:da:61:1d:6a:89:a5:48:dd:76:08:1f:81:3d:
78:80:56:3d:da:fb:32:e2:62:9d:db:1b:6c:23:f3:24:d0:2a:
31:5a:0d:93:49:54:7f:7e:ee:c5:02:7c:70:1c:91:33:3c:1a:
82:af:28:c0:4d:83:13:c1:2b:e7:f6:ff:8b:59:fd:5a:49:31:
a9:2b:a7:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaKpjhXeUbS5dFUc6jR7V97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm
Njk5NmQwHhcNMjUwNTAxMDcwMTExWhcNMjUwNTAyMDcwMTExWjAzMTEwLwYDVQQD
EygyNGFiYTU5NWEyOWYxOWMyOWRkZTFiNDgzZTE5ZTM1MjEyNjc2YmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzC9bMq/Yg8z/XHX1mNL7b3BNh/n
pjAeXKCKKclNXaGz6enSpJztHVXX4tZmQbc7EoGQkHSYS9yBZ6CTV7uX2nS2wUnV
Wdm61QRdI+RInr/QL4A2of2bPI8nMLd63T8U+wqbycU+izuIbYt4ZXlxwP4clLBh
CA3oenJu9YmzR359gCQnJsyYbxUauxnwv7/GqeGs8gfznMpVvDVmn3e6DGaPB4ty
kSNyhfHKar/wGo+p334Rt49xEXbcWmBqQ6mzhXDxgq6Tc5iFv4y16rA6HmEro/Db
j4UGh/7NRG+DKztJxJaztsRUMjJEg0uqdPTLmIJ5P4jYGinZWYdj9I6dowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSrpZWinxnCnd4bSD4Z41ISZ2vLMB8GA1UdIwQY
MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt
YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi
LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfrdWvqnk
SE6AhmbvNauLO8UeQHqNdH1u1mXwxHVNZ6cz2BCjJArwklzNuZ7bMr7w7VRxpFQt
L5NNutKDfzVHIRICx8OFablnbX7ieIUuTRZFRywCJKSebfEGzhXwzEHdx2wfhcjW
9uMo3r30MjB83QwB03v+pJyw6Vn1GGDHFI632xtNWD+H6x9NTYvUqzFiIM2rAacC
v/YFm96napFcK2Y+4DsdA2WkK+ycnmrCxPcFLejUTZZwgofaYR1qiaVI3XYIH4E9
eIBWPdr7MuJindsbbCPzJNAqMVoNk0lUf37uxQJ8cByRMzwagq8owE2DE8Er5/b/
i1n9WkkxqSunYg==
-----END CERTIFICATE-----
Generated at Thu May 1 10:05:17 2025 by rpki-client