Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft
File: oNxs0zNOAmkDIjc8O1BuQYT67H8.mft (raw, json)
Hash identifier: UchzdWrdZTe506z0xNnelvfRU7VCTd1m4G4f8GU5C1o=
Subject key identifier: D3:11:09:40:91:60:EC:AE:52:A8:DD:1E:B6:A9:0F:76:9C:23:85:7B
Authority key identifier: A0:DC:6C:D3:33:4E:02:69:03:22:37:3C:3B:50:6E:41:84:FA:EC:7F
Certificate issuer: /CN=a0dc6cd3334e02690322373c3b506e4184faec7f
Certificate serial: 019678D638A5F473E67CE524DBAA46F7F021
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNxs0zNOAmkDIjc8O1BuQYT67H8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft
Manifest number: 033D
Signing time: Sun 27 Apr 2025 20:00:27 +0000
Manifest this update: Sun 27 Apr 2025 20:00:27 +0000
Manifest next update: Mon 28 Apr 2025 20:00:27 +0000
Files and hashes: 1: L2QPsEXXxjypDuteGOkuNir3lUA.roa (hash: mcJaTh3VxTTNDuoHtoju+OCGdo4jk9ztR2/hlQRPaNY=)
2: oNxs0zNOAmkDIjc8O1BuQYT67H8.crl (hash: CJJmnggl2K2QvqpeB7NcY7RmIfxTm7Q9oT4hI8WdJP0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNxs0zNOAmkDIjc8O1BuQYT67H8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:78:d6:38:a5:f4:73:e6:7c:e5:24:db:aa:46:f7:f0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0dc6cd3334e02690322373c3b506e4184faec7f
Validity
Not Before: Apr 27 20:00:27 2025 GMT
Not After : Apr 28 20:00:27 2025 GMT
Subject: CN=d31109409160ecae52a8dd1eb6a90f769c23857b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a2:31:b7:e2:15:a9:e3:fd:ca:83:c3:db:63:
1b:c4:11:aa:ec:99:57:15:e8:ae:c7:aa:d3:05:11:
b6:e1:1d:a3:89:dd:88:72:45:19:9b:44:84:29:c2:
c7:1e:7f:e4:5f:bb:c3:8a:0e:8d:14:34:86:ec:6a:
7d:c1:a3:93:ea:37:8c:77:ae:98:f5:18:c6:5d:7d:
2e:57:30:9d:ec:b9:97:7b:86:63:55:7b:e1:fb:f8:
70:c9:9c:c8:e6:74:24:2d:6c:17:7f:3a:e3:3e:53:
bf:79:6a:59:3e:19:99:19:0e:1d:ee:27:72:4c:5d:
22:0a:1a:88:80:71:1c:24:2b:26:9b:1b:d3:40:0d:
d2:e7:f6:9e:c3:30:c9:9e:27:f6:9a:69:b1:3d:04:
ce:53:d6:f0:47:d9:07:e9:cf:46:6a:2d:00:96:04:
28:7e:9b:c7:fb:39:b1:02:be:b8:c1:55:b9:e3:d3:
9e:26:a0:c2:fb:03:6f:5b:87:f8:69:6b:c6:35:29:
79:3f:ca:d3:68:37:8c:ec:09:f3:17:5f:9c:40:a5:
62:1b:39:de:e0:d5:c0:79:71:a1:d8:c9:99:0b:8a:
97:52:4a:0e:21:f9:9d:d5:5f:b7:37:a3:8a:4a:ad:
55:34:9d:5c:15:bf:c9:20:6b:d9:d0:49:1d:38:7a:
4d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:11:09:40:91:60:EC:AE:52:A8:DD:1E:B6:A9:0F:76:9C:23:85:7B
X509v3 Authority Key Identifier:
keyid:A0:DC:6C:D3:33:4E:02:69:03:22:37:3C:3B:50:6E:41:84:FA:EC:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNxs0zNOAmkDIjc8O1BuQYT67H8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:d2:fb:dd:4d:65:5c:ca:1b:90:8e:c7:bc:2a:dc:55:eb:5a:
b8:23:95:77:3e:d5:4b:81:12:7f:b3:85:82:68:d3:53:6d:4f:
69:93:fc:96:c1:36:2a:0e:c1:7d:5b:c7:07:5c:92:0d:c4:2e:
6c:c8:73:7e:cf:b3:b8:78:af:db:da:b3:30:1a:ac:00:b3:0a:
8a:0e:31:f5:1e:b3:57:55:7c:43:82:27:86:4c:e4:42:62:b9:
da:a1:aa:93:a3:af:fc:ee:14:cc:eb:f4:69:8f:6e:7d:33:41:
95:9f:7c:39:07:f0:fe:51:58:fc:91:6b:c5:fa:27:70:0a:3b:
7a:e2:01:91:e4:dc:3c:4f:e1:00:d3:52:17:46:08:5d:1e:4f:
30:ac:68:80:c1:cf:aa:b9:83:ee:72:98:7d:e0:d9:62:7a:64:
00:42:44:8b:49:a3:1c:be:fc:08:74:56:68:6b:20:89:16:c9:
12:7a:e9:21:7e:89:81:1d:5b:f6:5f:e6:67:79:88:79:5a:cd:
be:2c:f7:9c:e2:61:89:c3:a7:0a:44:70:fd:5d:55:a8:e9:ad:
f2:12:68:cd:b0:42:c8:c1:97:13:27:37:63:ed:1c:5f:fa:03:
e3:f1:f8:02:d9:fb:4d:64:5b:23:ce:3a:08:30:05:d4:00:a4:
fe:65:6e:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41jil9HPmfOUk26pG9/AhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGM2Y2QzMzM0ZTAyNjkwMzIyMzczYzNiNTA2ZTQxODRm
YWVjN2YwHhcNMjUwNDI3MjAwMDI3WhcNMjUwNDI4MjAwMDI3WjAzMTEwLwYDVQQD
EyhkMzExMDk0MDkxNjBlY2FlNTJhOGRkMWViNmE5MGY3NjljMjM4NTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKIxt+IVqeP9yoPD22MbxBGq7JlX
Feiux6rTBRG24R2jid2IckUZm0SEKcLHHn/kX7vDig6NFDSG7Gp9waOT6jeMd66Y
9RjGXX0uVzCd7LmXe4ZjVXvh+/hwyZzI5nQkLWwXfzrjPlO/eWpZPhmZGQ4d7idy
TF0iChqIgHEcJCsmmxvTQA3S5/aewzDJnif2mmmxPQTOU9bwR9kH6c9Gai0AlgQo
fpvH+zmxAr64wVW549OeJqDC+wNvW4f4aWvGNSl5P8rTaDeM7AnzF1+cQKViGzne
4NXAeXGh2MmZC4qXUkoOIfmd1V+3N6OKSq1VNJ1cFb/JIGvZ0EkdOHpN8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMRCUCRYOyuUqjdHrapD3acI4V7MB8GA1UdIwQY
MBaAFKDcbNMzTgJpAyI3PDtQbkGE+ux/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb054czB6Tk9BbWtESWpjOE8xQnVRWVQ2N0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jMDFmOTAtZDBmYS00OTc2LWIxYzAt
ZDFmZjc1YTdhMzVjLzEvb054czB6Tk9BbWtESWpjOE8xQnVRWVQ2N0g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jMDFmOTAtZDBmYS00OTc2LWIxYzAtZDFmZjc1YTdhMzVj
LzEvb054czB6Tk9BbWtESWpjOE8xQnVRWVQ2N0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbtL73U1l
XMobkI7HvCrcVetauCOVdz7VS4ESf7OFgmjTU21PaZP8lsE2Kg7BfVvHB1ySDcQu
bMhzfs+zuHiv29qzMBqsALMKig4x9R6zV1V8Q4InhkzkQmK52qGqk6Ov/O4UzOv0
aY9ufTNBlZ98OQfw/lFY/JFrxfoncAo7euIBkeTcPE/hANNSF0YIXR5PMKxogMHP
qrmD7nKYfeDZYnpkAEJEi0mjHL78CHRWaGsgiRbJEnrpIX6JgR1b9l/mZ3mIeVrN
viz3nOJhicOnCkRw/V1VqOmt8hJozbBCyMGXEyc3Y+0cX/oD4/H4Atn7TWRbI846
CDAF1ACk/mVuDg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:16:25 2025 by rpki-client