Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: 5AOr5S6IhqraFrQmjuBD9wlW+hBcODjnV+MkI8z2+hc=
Subject key identifier: E8:81:68:D9:A2:72:54:6E:C3:DE:3B:9D:89:8B:E1:47:1F:47:44:01
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 019674C28CE5BEF0BA757F8D05C4B1ADAC09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 1512
Signing time: Sun 27 Apr 2025 01:00:29 +0000
Manifest this update: Sun 27 Apr 2025 01:00:29 +0000
Manifest next update: Mon 28 Apr 2025 01:00:29 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: kGdZCtUtw696d1ttfb0vP5zJLU4MSVVBu9r7580NtSc=)
2: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (hash: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:74:c2:8c:e5:be:f0:ba:75:7f:8d:05:c4:b1:ad:ac:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Apr 27 01:00:29 2025 GMT
Not After : Apr 28 01:00:29 2025 GMT
Subject: CN=e88168d9a272546ec3de3b9d898be1471f474401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5c:68:a0:1f:6b:0a:a2:4d:69:5e:68:f5:9c:
2d:0c:35:f9:79:c3:d2:3f:ae:74:04:93:0e:5d:d3:
04:cf:bf:44:42:d7:c1:dc:ad:5c:d8:f6:0d:24:b2:
9b:48:5d:f0:af:1d:c3:ad:bb:b1:93:75:79:4f:6d:
f1:67:b5:06:a9:44:27:d0:23:b1:ca:d7:3f:cb:d5:
2d:54:83:b9:0f:6a:6c:e3:60:b5:7d:ed:e9:29:f7:
ad:1a:50:b6:ea:91:90:79:86:6c:8b:3e:9c:87:40:
de:fe:cd:4f:3f:35:2c:9c:3e:6d:6c:a1:f4:1f:82:
4a:15:86:47:4c:cf:c2:ea:e4:b2:20:e2:df:ca:7d:
35:c6:4c:39:af:a7:c1:5d:06:48:a9:9e:26:8b:b6:
e5:43:95:c5:66:3a:75:d8:88:2b:31:f7:c2:e0:ec:
81:bd:e7:09:2b:88:aa:74:1b:c0:a1:33:24:06:d8:
87:9d:ba:74:6b:e9:bd:d7:8c:a0:cd:e9:60:7a:d2:
01:63:0e:6a:e8:15:c3:5b:5a:05:47:d8:01:b7:c8:
a8:7b:f5:eb:a3:ab:7d:89:5d:e5:9c:d5:82:97:51:
0d:fa:e2:68:53:3f:13:e6:46:47:6d:dd:cb:ca:b2:
be:2b:87:d8:51:f5:78:b8:18:e4:53:a5:0e:db:56:
09:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:81:68:D9:A2:72:54:6E:C3:DE:3B:9D:89:8B:E1:47:1F:47:44:01
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:c7:c3:f5:5a:8d:b4:38:2a:6f:6c:f3:7f:7b:a9:51:0a:27:
01:b9:87:ae:d6:4d:8a:53:68:38:01:f7:25:32:2c:bd:44:22:
4d:97:b8:be:e8:3e:e2:b6:53:49:e9:35:30:f9:0a:bb:6c:ab:
ef:37:0c:83:a5:d2:45:fa:f1:c5:ed:57:c1:28:2a:5f:48:41:
17:1c:da:d5:78:1c:7d:d9:2c:82:fd:e6:00:9c:b5:80:d0:5d:
e0:b5:96:2b:1e:67:2e:3d:da:ac:fe:0b:40:08:32:4f:37:49:
b8:e0:b0:bc:99:ba:47:10:47:91:f1:e2:7b:7f:41:02:e3:78:
78:09:b4:6f:6d:91:77:dc:ec:14:dd:20:46:ab:09:32:7e:2f:
d0:d7:f5:5e:b5:8b:f2:d8:64:be:57:03:b6:b2:05:5b:48:0f:
34:d3:de:8a:1c:04:28:0b:4f:25:13:47:9d:d4:77:b8:df:f9:
a8:a9:a8:4a:81:fe:28:34:66:84:a0:33:5f:a9:43:27:e7:56:
2e:7f:82:ff:ff:34:fc:19:53:d0:72:c7:bd:cb:a4:2f:d1:7c:
7c:4a:6a:0b:91:05:28:f5:51:94:34:5a:dc:f4:e8:2f:6a:92:
cf:ac:fb:80:f5:c4:3d:21:0b:55:06:58:55:70:d0:8d:69:d6:
fc:dc:25:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0wozlvvC6dX+NBcSxrawJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjUwNDI3MDEwMDI5WhcNMjUwNDI4MDEwMDI5WjAzMTEwLwYDVQQD
EyhlODgxNjhkOWEyNzI1NDZlYzNkZTNiOWQ4OThiZTE0NzFmNDc0NDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1xooB9rCqJNaV5o9ZwtDDX5ecPS
P650BJMOXdMEz79EQtfB3K1c2PYNJLKbSF3wrx3Drbuxk3V5T23xZ7UGqUQn0COx
ytc/y9UtVIO5D2ps42C1fe3pKfetGlC26pGQeYZsiz6ch0De/s1PPzUsnD5tbKH0
H4JKFYZHTM/C6uSyIOLfyn01xkw5r6fBXQZIqZ4mi7blQ5XFZjp12IgrMffC4OyB
vecJK4iqdBvAoTMkBtiHnbp0a+m914ygzelgetIBYw5q6BXDW1oFR9gBt8ioe/Xr
o6t9iV3lnNWCl1EN+uJoUz8T5kZHbd3LyrK+K4fYUfV4uBjkU6UO21YJCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiBaNmiclRuw947nYmL4UcfR0QBMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ8fD9VqN
tDgqb2zzf3upUQonAbmHrtZNilNoOAH3JTIsvUQiTZe4vug+4rZTSek1MPkKu2yr
7zcMg6XSRfrxxe1XwSgqX0hBFxza1Xgcfdksgv3mAJy1gNBd4LWWKx5nLj3arP4L
QAgyTzdJuOCwvJm6RxBHkfHie39BAuN4eAm0b22Rd9zsFN0gRqsJMn4v0Nf1XrWL
8thkvlcDtrIFW0gPNNPeihwEKAtPJRNHndR3uN/5qKmoSoH+KDRmhKAzX6lDJ+dW
Ln+C//80/BlT0HLHvcukL9F8fEpqC5EFKPVRlDRa3PToL2qSz6z7gPXEPSELVQZY
VXDQjWnW/NwlgQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:35:02 2025 by rpki-client