Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
File: onIAVE-TpnX8jHhBhWmA44o1Kcs.mft (raw, json)
Hash identifier: kt5gNT87j5QoZubQDFfhhW8CHxarz7TblFpbEu/Jv68=
Subject key identifier: 22:15:56:CB:80:B9:FA:53:E5:C0:38:69:4D:F4:6B:A7:38:77:F6:A6
Authority key identifier: A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB
Certificate issuer: /CN=a27200544f93a675fc8c7841856980e38a3529cb
Certificate serial: 019679B2097BC8002DCCCA6B65858EEE2AD3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
Manifest number: 0FAC
Signing time: Mon 28 Apr 2025 00:00:33 +0000
Manifest this update: Mon 28 Apr 2025 00:00:33 +0000
Manifest next update: Tue 29 Apr 2025 00:00:33 +0000
Files and hashes: 1: WsJxTcqQMdNcfxDwYxL96RxQkLE.roa (hash: AzUS2a/hUE19ESDc/skGDA/ldB6bGDxX9L5RO7/taEk=)
2: onIAVE-TpnX8jHhBhWmA44o1Kcs.crl (hash: 8yvg9KGtvphRTZZU9pMfvTIIyvAdmtsL3z2lM0tV8Cs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:79:b2:09:7b:c8:00:2d:cc:ca:6b:65:85:8e:ee:2a:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27200544f93a675fc8c7841856980e38a3529cb
Validity
Not Before: Apr 28 00:00:33 2025 GMT
Not After : Apr 29 00:00:33 2025 GMT
Subject: CN=221556cb80b9fa53e5c038694df46ba73877f6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:83:e2:ea:71:f5:80:ae:77:a7:7e:14:14:7d:
98:95:82:f4:6c:0b:ae:9c:4c:10:7e:00:2f:c0:d9:
4f:66:24:98:09:e5:bd:3c:85:60:c8:74:2b:2d:d6:
2a:29:60:bc:7b:59:e3:a8:ec:32:43:04:dd:43:23:
28:c1:0b:ee:8c:c5:b3:68:38:c4:68:07:0c:a9:84:
4b:01:55:3d:93:2a:2d:ce:6e:69:b4:90:10:d8:46:
8d:9c:1b:1d:cd:fd:35:f9:9b:49:dc:4b:24:7d:8a:
f9:79:c6:80:c2:59:de:20:b1:c3:9e:54:27:62:45:
93:f3:51:f7:0e:7a:97:5e:65:8b:21:e1:53:d9:37:
c3:19:4c:3b:5b:e2:cd:48:f1:2c:19:61:be:0a:f5:
b7:b4:1e:12:b5:95:89:20:33:cf:69:85:20:2b:6d:
a9:8e:e5:0f:22:d6:fb:af:aa:a6:ac:2e:88:1d:97:
e7:2c:3c:6f:a3:b2:0a:5b:14:0f:80:b9:03:21:ed:
65:e2:ee:f0:6a:fc:2c:07:2f:21:a7:bb:e2:b1:29:
37:eb:db:24:5d:27:2c:43:bc:aa:9f:e5:6a:59:5c:
b3:4f:dc:1f:c9:c8:3c:3f:c8:47:40:51:bc:02:dd:
50:52:eb:09:9c:72:5d:a7:16:f5:03:9f:a9:c1:c8:
90:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:15:56:CB:80:B9:FA:53:E5:C0:38:69:4D:F4:6B:A7:38:77:F6:A6
X509v3 Authority Key Identifier:
keyid:A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:ba:08:62:85:ef:40:1f:24:95:a9:6b:75:08:f7:26:dd:dc:
0f:7b:98:7c:a9:60:8e:72:aa:86:d9:e8:40:37:fc:77:bb:d6:
8e:c5:18:9a:fc:a9:ca:d3:f8:c0:07:28:4c:ea:5b:2d:62:1a:
e3:c3:d8:4c:b3:37:c8:f1:cf:c2:54:ff:7c:95:40:cf:d2:95:
2e:7f:fc:b5:11:1d:f2:b8:e1:2f:4b:6e:0b:5c:9c:de:6e:36:
d8:cd:6d:3e:f3:71:f6:2a:23:3c:4e:db:5c:0c:50:de:81:ec:
3f:13:e8:f1:2d:df:0e:2e:54:e9:09:68:5c:fa:f3:b3:b8:a0:
80:03:5f:0b:dc:ec:f1:14:bf:31:e4:4c:2b:64:3c:1a:73:f6:
d4:68:88:47:10:80:49:61:2c:6d:c0:45:77:88:5e:87:af:46:
93:91:52:f6:bd:09:16:93:cc:3b:24:db:90:0a:38:48:2f:c2:
25:a3:c3:9d:5b:7b:12:94:71:49:82:77:f0:9a:1d:25:51:2e:
36:6a:75:f2:ce:6b:12:fd:5b:4b:f4:07:27:d0:ed:6f:93:12:
e6:90:a4:2d:96:a5:01:eb:d1:c5:a7:12:2c:e5:e8:07:a6:19:
6a:1e:57:29:27:19:85:0e:a4:a2:8b:37:91:cd:b9:fc:6a:40:
65:ac:53:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5sgl7yAAtzMprZYWO7irTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNzIwMDU0NGY5M2E2NzVmYzhjNzg0MTg1Njk4MGUzOGEz
NTI5Y2IwHhcNMjUwNDI4MDAwMDMzWhcNMjUwNDI5MDAwMDMzWjAzMTEwLwYDVQQD
EygyMjE1NTZjYjgwYjlmYTUzZTVjMDM4Njk0ZGY0NmJhNzM4NzdmNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIPi6nH1gK53p34UFH2YlYL0bAuu
nEwQfgAvwNlPZiSYCeW9PIVgyHQrLdYqKWC8e1njqOwyQwTdQyMowQvujMWzaDjE
aAcMqYRLAVU9kyotzm5ptJAQ2EaNnBsdzf01+ZtJ3EskfYr5ecaAwlneILHDnlQn
YkWT81H3DnqXXmWLIeFT2TfDGUw7W+LNSPEsGWG+CvW3tB4StZWJIDPPaYUgK22p
juUPItb7r6qmrC6IHZfnLDxvo7IKWxQPgLkDIe1l4u7wavwsBy8hp7visSk369sk
XScsQ7yqn+VqWVyzT9wfycg8P8hHQFG8At1QUusJnHJdpxb1A5+pwciQ5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIVVsuAufpT5cA4aU30a6c4d/amMB8GA1UdIwQY
MBaAFKJyAFRPk6Z1/Ix4QYVpgOOKNSnLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgt
ZWZhN2Y4OWJkMGI5LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgtZWZhN2Y4OWJkMGI5
LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI7oIYoXv
QB8klalrdQj3Jt3cD3uYfKlgjnKqhtnoQDf8d7vWjsUYmvypytP4wAcoTOpbLWIa
48PYTLM3yPHPwlT/fJVAz9KVLn/8tREd8rjhL0tuC1yc3m422M1tPvNx9iojPE7b
XAxQ3oHsPxPo8S3fDi5U6QloXPrzs7iggANfC9zs8RS/MeRMK2Q8GnP21GiIRxCA
SWEsbcBFd4heh69Gk5FS9r0JFpPMOyTbkAo4SC/CJaPDnVt7EpRxSYJ38JodJVEu
Nmp18s5rEv1bS/QHJ9Dtb5MS5pCkLZalAevRxacSLOXoB6YZah5XKScZhQ6koos3
kc25/GpAZaxTog==
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:28:27 2025 by rpki-client