Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
File: OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft (raw, json)
Hash identifier: OqMei2TjKKV6TEpCo5eVu3fdTXlpjek2y2svpcfoX1s=
Subject key identifier: 35:27:6E:4C:2B:7C:8E:09:96:15:E7:04:B9:CC:9D:77:62:79:B5:C7
Authority key identifier: 38:97:55:42:3F:83:2A:52:8C:93:13:61:10:F0:FE:4B:10:45:35:82
Certificate issuer: /CN=389755423f832a528c93136110f0fe4b10453582
Certificate serial: 01969ABDACE5048611980F13FDF6A194D721
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
Manifest number: 0BB8
Signing time: Sun 04 May 2025 10:00:43 +0000
Manifest this update: Sun 04 May 2025 10:00:43 +0000
Manifest next update: Mon 05 May 2025 10:00:43 +0000
Files and hashes: 1: Gn-kDrXRDHHv43q56kRDHjj8q1w.roa (hash: Tu0d5Ny8jllovtj2b3OGyqwDSE7dzSUuYk4aE5120L8=)
2: OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl (hash: nfO5DPb/KR+tsqTYNgBR6vxfFBHLABV8C8FctpuArys=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 10:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9a:bd:ac:e5:04:86:11:98:0f:13:fd:f6:a1:94:d7:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389755423f832a528c93136110f0fe4b10453582
Validity
Not Before: May 4 10:00:43 2025 GMT
Not After : May 5 10:00:43 2025 GMT
Subject: CN=35276e4c2b7c8e099615e704b9cc9d776279b5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:75:70:7e:28:13:75:f4:b0:90:50:6b:f5:37:
f3:c7:1d:95:55:7b:8e:f7:74:bb:1f:c2:d7:88:09:
bd:b8:36:7e:ec:9c:da:a9:c7:78:45:1d:25:14:0d:
f7:9a:88:70:06:a0:ec:62:81:9e:b5:68:c6:7e:9d:
17:dc:e3:8d:38:25:36:e1:12:eb:da:fd:c8:b9:97:
1e:a1:7d:b9:80:f9:f6:e4:53:be:4a:02:75:56:cf:
5a:b0:da:65:1b:6d:82:64:44:59:10:3f:ec:fe:4b:
30:bf:a4:83:60:a6:85:f7:33:8b:d0:3a:79:29:f1:
d6:f1:e6:60:8b:bf:56:e0:d6:7d:8b:53:92:b6:c4:
bb:de:c8:2e:14:41:f7:2c:3b:ef:c4:92:9b:2a:a8:
dd:e7:c8:d7:37:2c:5a:2d:c2:c9:c7:99:63:6c:35:
b1:fb:d0:9b:c4:9a:6c:e6:17:aa:59:0e:92:13:ab:
24:e3:21:6d:75:7f:a2:77:f4:34:21:d3:1d:ab:d6:
7b:7f:42:af:37:e9:c4:35:d2:64:49:1e:e0:45:cf:
07:f5:44:d0:c7:14:ad:0b:19:d0:05:43:7b:64:24:
59:1b:14:26:a3:01:e6:b1:1c:0d:07:c6:63:a6:2a:
4f:e6:67:f0:45:ab:e7:fa:5b:53:b2:01:93:3d:2f:
b4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:27:6E:4C:2B:7C:8E:09:96:15:E7:04:B9:CC:9D:77:62:79:B5:C7
X509v3 Authority Key Identifier:
keyid:38:97:55:42:3F:83:2A:52:8C:93:13:61:10:F0:FE:4B:10:45:35:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:4c:ab:e9:c1:2a:ac:dd:00:eb:dd:7c:a0:44:d5:f7:e5:44:
e1:e3:cc:bc:90:93:7c:c6:2f:a3:6d:07:8b:73:6a:2d:93:f8:
2b:d9:67:76:d4:d3:ee:49:e9:c0:ad:e2:5a:f7:80:2d:0b:1d:
dc:a1:45:b4:d7:34:32:8e:71:08:36:41:8a:24:39:35:12:6d:
64:d9:51:5b:7e:0e:13:4f:70:31:5c:d5:cb:d7:56:3d:99:fe:
8e:67:67:88:66:24:30:ca:96:41:05:97:e7:ee:cf:10:ee:09:
f9:27:61:07:f7:0a:db:40:ee:fe:6e:db:7d:89:7b:39:ae:e5:
64:89:88:d2:4a:73:b0:90:5e:68:58:25:3b:8e:b9:15:bb:6b:
01:fc:0c:fe:84:a0:3d:d9:d9:50:36:42:53:65:66:9c:42:da:
0d:e5:b6:9d:e4:36:b5:a0:34:86:b5:8a:69:9d:90:bc:94:dc:
50:2f:0d:34:61:b6:d5:49:b6:6c:94:cd:58:d6:3e:9b:a8:97:
96:2f:5a:53:13:93:ca:01:f0:97:88:a2:96:8b:1c:41:ec:df:
a3:66:e9:d4:af:3e:4a:bf:8a:aa:78:95:e7:bc:f8:ca:4c:57:
8c:aa:d6:f0:13:04:29:ba:42:be:79:8a:ba:b7:36:20:c3:ac:
bc:c0:be:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaavazlBIYRmA8T/fahlNchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OTc1NTQyM2Y4MzJhNTI4YzkzMTM2MTEwZjBmZTRiMTA0
NTM1ODIwHhcNMjUwNTA0MTAwMDQzWhcNMjUwNTA1MTAwMDQzWjAzMTEwLwYDVQQD
EygzNTI3NmU0YzJiN2M4ZTA5OTYxNWU3MDRiOWNjOWQ3NzYyNzliNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXVwfigTdfSwkFBr9Tfzxx2VVXuO
93S7H8LXiAm9uDZ+7Jzaqcd4RR0lFA33mohwBqDsYoGetWjGfp0X3OONOCU24RLr
2v3IuZceoX25gPn25FO+SgJ1Vs9asNplG22CZERZED/s/kswv6SDYKaF9zOL0Dp5
KfHW8eZgi79W4NZ9i1OStsS73sguFEH3LDvvxJKbKqjd58jXNyxaLcLJx5ljbDWx
+9CbxJps5heqWQ6SE6sk4yFtdX+id/Q0IdMdq9Z7f0KvN+nENdJkSR7gRc8H9UTQ
xxStCxnQBUN7ZCRZGxQmowHmsRwNB8ZjpipP5mfwRavn+ltTsgGTPS+0QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUnbkwrfI4JlhXnBLnMnXdiebXHMB8GA1UdIwQY
MBaAFDiXVUI/gypSjJMTYRDw/ksQRTWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9kOWI1OTYtNjAxZS00NDI2LWE0Mjgt
NDY5NTdiZDg4NjBkLzEvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9kOWI1OTYtNjAxZS00NDI2LWE0MjgtNDY5NTdiZDg4NjBk
LzEvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAkyr6cEq
rN0A6918oETV9+VE4ePMvJCTfMYvo20Hi3NqLZP4K9lndtTT7knpwK3iWveALQsd
3KFFtNc0Mo5xCDZBiiQ5NRJtZNlRW34OE09wMVzVy9dWPZn+jmdniGYkMMqWQQWX
5+7PEO4J+SdhB/cK20Du/m7bfYl7Oa7lZImI0kpzsJBeaFglO465FbtrAfwM/oSg
PdnZUDZCU2VmnELaDeW2neQ2taA0hrWKaZ2QvJTcUC8NNGG21Um2bJTNWNY+m6iX
li9aUxOTygHwl4iiloscQezfo2bp1K8+Sr+KqniV57z4ykxXjKrW8BMEKbpCvnmK
urc2IMOsvMC+qQ==
-----END CERTIFICATE-----
Generated at Sun May 4 20:23:36 2025 by rpki-client