Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft
File: OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft (raw, json)
Hash identifier: UCS4Td+OzKmxpliKSa3PQXzkyZe/zpeSmW3TOSZ9Zlk=
Subject key identifier: 55:18:F3:08:3B:DD:40:A8:1D:4F:20:63:39:61:3D:C3:C7:06:F1:BD
Authority key identifier: 39:3C:C8:B7:D2:DC:70:A2:7D:40:FA:45:9E:4E:56:C0:05:CC:C6:3A
Certificate issuer: /CN=393cc8b7d2dc70a27d40fa459e4e56c005ccc63a
Certificate serial: 019655384F84A5BF790DADEF90C82EA21690
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTzIt9LccKJ9QPpFnk5WwAXMxjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft
Manifest number: 14FF
Signing time: Sun 20 Apr 2025 22:01:15 +0000
Manifest this update: Sun 20 Apr 2025 22:01:15 +0000
Manifest next update: Mon 21 Apr 2025 22:01:15 +0000
Files and hashes: 1: M4l3Cf3_669djsGWrF7n0AJt83M.roa (hash: MY4UMlUb6Y1AsO5cCAn8IrigWcCAqjlArLI2bOv+PX8=)
2: OTzIt9LccKJ9QPpFnk5WwAXMxjo.crl (hash: DWUHEgWO97t1dAjMYAFGWtaJEKDGAIPmwexqS5KNfDc=)
3: TXoJbYdgwtSRoMICf6BpMrQmJMs.roa (hash: Ede1kltXJewHDWyl80pDm1qv2UWiny8U21Nq2Z6l0i4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTzIt9LccKJ9QPpFnk5WwAXMxjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:38:4f:84:a5:bf:79:0d:ad:ef:90:c8:2e:a2:16:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=393cc8b7d2dc70a27d40fa459e4e56c005ccc63a
Validity
Not Before: Apr 20 22:01:15 2025 GMT
Not After : Apr 21 22:01:15 2025 GMT
Subject: CN=5518f3083bdd40a81d4f206339613dc3c706f1bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:93:e8:2d:c6:97:fd:1a:49:b4:df:d5:c0:bc:
60:ec:99:89:0f:d6:ad:d8:07:a4:5a:99:c1:0e:cf:
d7:30:13:d1:c1:2b:04:da:55:23:91:5d:54:ab:8a:
d5:ca:e2:e3:d5:16:d4:5e:ba:2e:ee:44:6b:e5:f6:
45:e6:23:ef:d0:91:39:99:ee:59:96:fc:b0:89:5b:
95:07:ba:e2:63:1d:8f:80:a9:58:43:f4:24:d2:53:
7c:d0:00:46:81:b9:cc:8c:03:f1:52:11:44:ca:50:
ad:c8:2d:e4:5b:ae:fc:7f:84:50:b1:c5:d0:b2:9c:
d4:69:ea:ce:34:54:03:25:0b:12:4b:38:d6:55:af:
7e:c5:4e:ae:64:e9:88:8c:a9:1f:b1:03:8d:2f:80:
17:87:fd:0d:1e:77:47:52:e7:c8:fb:86:8e:0c:f8:
27:c2:fc:52:d9:5e:54:3c:2d:66:12:96:05:ef:22:
59:dc:c2:9e:1f:53:a6:dc:f6:04:30:f2:83:2b:7b:
a6:59:cf:97:e7:ea:23:ce:c5:69:1c:b5:5c:cf:15:
0c:86:8f:b4:e5:a1:4a:3f:80:0c:98:f8:f7:5f:7d:
4d:77:88:80:01:70:09:8f:7e:1f:f9:9a:e1:70:aa:
69:d5:be:a8:ae:77:e6:5a:43:20:6d:fa:2e:3e:c0:
4c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:18:F3:08:3B:DD:40:A8:1D:4F:20:63:39:61:3D:C3:C7:06:F1:BD
X509v3 Authority Key Identifier:
keyid:39:3C:C8:B7:D2:DC:70:A2:7D:40:FA:45:9E:4E:56:C0:05:CC:C6:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTzIt9LccKJ9QPpFnk5WwAXMxjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:7b:a3:34:33:8a:8e:c1:69:43:10:f7:d4:4a:8c:41:b7:c7:
74:6a:4e:b9:6e:98:42:ae:b2:bd:42:ca:04:97:f2:d6:76:d1:
b8:ca:2a:fc:06:31:5f:fc:9a:87:6b:6d:67:28:c9:43:f1:fe:
c2:31:82:ab:cf:66:2b:17:25:7c:0e:bf:0d:40:5e:b7:91:78:
18:9e:d5:4c:f2:80:89:f8:02:83:4c:ba:8d:12:6c:bb:7c:67:
b2:47:7a:82:9e:20:3c:ee:e1:9e:30:90:59:a0:d0:9a:37:09:
74:e3:8f:66:33:03:95:c3:74:69:c6:df:30:c8:64:31:11:b7:
de:57:79:75:94:5a:58:09:97:66:2d:bc:ed:49:f3:06:32:4c:
b2:32:71:1e:a3:d8:71:33:97:24:d6:b2:59:69:94:ff:ba:c7:
9a:ae:1b:c4:93:09:66:ac:b7:b9:e0:c9:72:6e:c3:a3:5c:c6:
65:64:f6:f7:83:bc:b3:aa:a8:75:a4:db:20:4a:59:c6:c0:49:
3c:f4:96:9b:fe:0c:1c:74:ea:d1:58:e4:22:d0:49:a7:dc:83:
ee:7c:a6:5b:d3:e5:57:ca:49:c0:4b:b6:b5:73:9c:b5:d0:c7:
d9:82:a5:e7:f2:67:df:97:f1:36:ac:88:f5:1e:f3:28:6b:f3:
7a:c1:2b:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOE+Epb95Da3vkMguohaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5M2NjOGI3ZDJkYzcwYTI3ZDQwZmE0NTllNGU1NmMwMDVj
Y2M2M2EwHhcNMjUwNDIwMjIwMTE1WhcNMjUwNDIxMjIwMTE1WjAzMTEwLwYDVQQD
Eyg1NTE4ZjMwODNiZGQ0MGE4MWQ0ZjIwNjMzOTYxM2RjM2M3MDZmMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJPoLcaX/RpJtN/VwLxg7JmJD9at
2AekWpnBDs/XMBPRwSsE2lUjkV1Uq4rVyuLj1RbUXrou7kRr5fZF5iPv0JE5me5Z
lvywiVuVB7riYx2PgKlYQ/Qk0lN80ABGgbnMjAPxUhFEylCtyC3kW678f4RQscXQ
spzUaerONFQDJQsSSzjWVa9+xU6uZOmIjKkfsQONL4AXh/0NHndHUufI+4aODPgn
wvxS2V5UPC1mEpYF7yJZ3MKeH1Om3PYEMPKDK3umWc+X5+ojzsVpHLVczxUMho+0
5aFKP4AMmPj3X31Nd4iAAXAJj34f+ZrhcKpp1b6ornfmWkMgbfouPsBMvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFUY8wg73UCoHU8gYzlhPcPHBvG9MB8GA1UdIwQY
MBaAFDk8yLfS3HCifUD6RZ5OVsAFzMY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1R6SXQ5TGNjS0o5UVBwRm5rNVd3QVhNeGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMzcwMDItZTc1Zi00MjAxLTk5ODgt
OTkxYTFjNzE0Zjk1LzEvT1R6SXQ5TGNjS0o5UVBwRm5rNVd3QVhNeGpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMzcwMDItZTc1Zi00MjAxLTk5ODgtOTkxYTFjNzE0Zjk1
LzEvT1R6SXQ5TGNjS0o5UVBwRm5rNVd3QVhNeGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbnujNDOK
jsFpQxD31EqMQbfHdGpOuW6YQq6yvULKBJfy1nbRuMoq/AYxX/yah2ttZyjJQ/H+
wjGCq89mKxclfA6/DUBet5F4GJ7VTPKAifgCg0y6jRJsu3xnskd6gp4gPO7hnjCQ
WaDQmjcJdOOPZjMDlcN0acbfMMhkMRG33ld5dZRaWAmXZi287UnzBjJMsjJxHqPY
cTOXJNayWWmU/7rHmq4bxJMJZqy3ueDJcm7Do1zGZWT294O8s6qodaTbIEpZxsBJ
PPSWm/4MHHTq0VjkItBJp9yD7nymW9PlV8pJwEu2tXOctdDH2YKl5/Jn35fxNqyI
9R7zKGvzesEriw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:28:01 2025 by rpki-client