Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
File: ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft (raw, json)
Hash identifier: m/mro14c+J17LXAJmpk6xlSu596+muklvTiiguhjHxs=
Subject key identifier: DF:48:BE:8C:7A:B9:AB:60:64:12:DB:CA:B9:B6:B4:36:5C:E7:1A:50
Authority key identifier: A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28
Certificate issuer: /CN=a20cc67154b403145d139469886127ab629eb928
Certificate serial: 01967BA02EB1F85B56FDA14C99A2367735B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
Manifest number: 0F84
Signing time: Mon 28 Apr 2025 09:00:17 +0000
Manifest this update: Mon 28 Apr 2025 09:00:17 +0000
Manifest next update: Tue 29 Apr 2025 09:00:17 +0000
Files and hashes: 1: 13rU8nhg31f282Ufq4fY9epK_mk.roa (hash: 71Un032C55jpwedQZGjeiCXgaYcH9RkzCt+gCgI2Wak=)
2: DDq525mddfr-xwBo8-T-YcAlqlM.roa (hash: vbBu7r+JS7z7+nPsGEJDbq+t4cp8fYea0z6mgr+ClXE=)
3: ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl (hash: aJMfRdAm6JyjOWmVGlrDUtp1F4fqCh7GPateoe4rn/Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:a0:2e:b1:f8:5b:56:fd:a1:4c:99:a2:36:77:35:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a20cc67154b403145d139469886127ab629eb928
Validity
Not Before: Apr 28 09:00:17 2025 GMT
Not After : Apr 29 09:00:17 2025 GMT
Subject: CN=df48be8c7ab9ab606412dbcab9b6b4365ce71a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:56:b7:b4:0c:0a:1a:dc:8e:45:a1:64:7b:df:
df:9b:be:2c:07:11:0c:01:23:33:bf:de:94:07:04:
12:89:f1:16:d0:e9:ea:e0:82:df:6a:19:37:38:8d:
a6:22:b7:4b:32:43:72:23:0e:2b:62:da:25:5a:48:
3c:e0:cc:4c:63:d2:6b:c0:92:47:f2:b7:6c:9d:97:
00:92:c3:99:d5:88:d6:aa:19:d2:47:84:b4:0a:1f:
0d:b1:01:bc:8e:f3:3c:22:88:4c:be:d3:36:a5:a0:
4d:c5:c0:09:1b:5b:2d:df:9c:b4:9c:29:fb:41:af:
54:91:ed:04:69:3a:fd:00:48:c7:ad:5a:91:59:eb:
a6:3e:8b:38:e6:c0:db:27:ed:f8:0a:e6:30:e0:c8:
98:01:83:e9:c1:cd:2f:00:b1:d8:b2:84:92:6f:1a:
e6:1a:63:ff:28:a8:64:0e:92:85:a6:6c:d2:af:3d:
2f:81:f4:94:f1:9e:43:39:fd:cf:d1:6f:00:3b:1b:
64:56:09:af:ca:c9:34:10:b5:8e:13:d0:6a:88:0c:
af:2a:0a:bd:34:17:65:e9:f6:f1:3a:ba:40:1d:b2:
08:ec:4a:ba:d9:a0:89:82:c7:a0:11:55:e1:49:e4:
c3:56:72:13:03:d4:68:09:3c:b3:54:10:9d:e1:33:
61:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:48:BE:8C:7A:B9:AB:60:64:12:DB:CA:B9:B6:B4:36:5C:E7:1A:50
X509v3 Authority Key Identifier:
keyid:A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:75:d5:6f:40:d2:40:82:95:0a:37:0d:eb:f7:e2:9a:c5:35:
51:0b:e6:14:1a:c3:7e:d2:26:06:f0:77:ec:72:59:84:dd:45:
93:aa:be:f1:ce:ed:4e:35:76:bb:62:91:c1:78:e2:78:58:8e:
be:6b:bd:d0:8b:30:26:b7:a7:d5:c4:56:0a:21:13:fa:3b:60:
60:66:a6:49:54:38:d2:c3:2d:19:36:1f:4b:27:fa:8f:b5:21:
b0:4d:36:e0:1b:10:ac:f3:66:b1:5c:76:1d:1d:23:b3:02:a9:
d6:c3:b9:40:21:22:58:62:c7:fc:72:74:9e:1a:42:c1:39:52:
44:3c:26:18:52:6e:bb:0b:b8:e6:63:a5:64:f7:04:5e:a1:4a:
f6:ec:bf:fc:92:dd:d1:c2:91:55:8b:09:07:51:bc:c5:5d:3b:
a0:a6:9c:ec:3d:c3:2f:a1:d5:48:78:d8:0c:73:ec:b4:fc:72:
1d:5a:b9:c2:71:8c:44:77:f0:9e:6d:66:64:64:d9:6d:b0:e7:
6e:14:8d:08:e6:e5:55:94:80:fe:cb:49:89:3b:ad:69:d0:22:
4f:44:d5:29:84:b0:9f:99:7b:05:49:33:d4:4d:65:af:12:6f:
ca:1a:ee:ff:cb:5b:f2:f9:e9:5d:74:94:3f:86:82:97:78:ae:
1d:b4:14:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ7oC6x+FtW/aFMmaI2dzW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMGNjNjcxNTRiNDAzMTQ1ZDEzOTQ2OTg4NjEyN2FiNjI5
ZWI5MjgwHhcNMjUwNDI4MDkwMDE3WhcNMjUwNDI5MDkwMDE3WjAzMTEwLwYDVQQD
EyhkZjQ4YmU4YzdhYjlhYjYwNjQxMmRiY2FiOWI2YjQzNjVjZTcxYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqla3tAwKGtyORaFke9/fm74sBxEM
ASMzv96UBwQSifEW0Onq4ILfahk3OI2mIrdLMkNyIw4rYtolWkg84MxMY9JrwJJH
8rdsnZcAksOZ1YjWqhnSR4S0Ch8NsQG8jvM8IohMvtM2paBNxcAJG1st35y0nCn7
Qa9Uke0EaTr9AEjHrVqRWeumPos45sDbJ+34CuYw4MiYAYPpwc0vALHYsoSSbxrm
GmP/KKhkDpKFpmzSrz0vgfSU8Z5DOf3P0W8AOxtkVgmvysk0ELWOE9BqiAyvKgq9
NBdl6fbxOrpAHbII7Eq62aCJgsegEVXhSeTDVnITA9RoCTyzVBCd4TNh3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9Ivox6uatgZBLbyrm2tDZc5xpQMB8GA1UdIwQY
MBaAFKIMxnFUtAMUXROUaYhhJ6tinrkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQt
OGZjMzM3MzdjZWFiLzEvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQtOGZjMzM3MzdjZWFi
LzEvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQnXVb0DS
QIKVCjcN6/fimsU1UQvmFBrDftImBvB37HJZhN1Fk6q+8c7tTjV2u2KRwXjieFiO
vmu90IswJren1cRWCiET+jtgYGamSVQ40sMtGTYfSyf6j7UhsE024BsQrPNmsVx2
HR0jswKp1sO5QCEiWGLH/HJ0nhpCwTlSRDwmGFJuuwu45mOlZPcEXqFK9uy//JLd
0cKRVYsJB1G8xV07oKac7D3DL6HVSHjYDHPstPxyHVq5wnGMRHfwnm1mZGTZbbDn
bhSNCOblVZSA/stJiTutadAiT0TVKYSwn5l7BUkz1E1lrxJvyhru/8tb8vnpXXSU
P4aCl3iuHbQUHw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:18:44 2025 by rpki-client