Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
File: oLalsaFMhtTPtGxOhuzUBmgEzJA.mft (raw, json)
Hash identifier: 3is8gYpuYZAL2tUFT9kpY0wfwrsLAvH6lRIXqY8/Rr8=
Subject key identifier: 16:C6:78:C4:FA:AE:21:15:71:CE:B9:91:8D:F4:B5:28:56:3E:38:83
Authority key identifier: A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
Certificate issuer: /CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Certificate serial: 019655DD1EDD04C6D3D33956DAAF5D2C3741
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
Manifest number: 051A
Signing time: Mon 21 Apr 2025 01:01:16 +0000
Manifest this update: Mon 21 Apr 2025 01:01:16 +0000
Manifest next update: Tue 22 Apr 2025 01:01:16 +0000
Files and hashes: 1: MCk_wjcNWplBl8XuQ-Q-tXaOPdg.roa (hash: FrFfJHN2MqG7rUNbBMB2RUeLHgQ0eftZ7IS2VaSzx58=)
2: oLalsaFMhtTPtGxOhuzUBmgEzJA.crl (hash: BBHApBhhYSjwMMa+osY8M2kLRxLDVCDxxlc4feirn3o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:dd:1e:dd:04:c6:d3:d3:39:56:da:af:5d:2c:37:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Validity
Not Before: Apr 21 01:01:16 2025 GMT
Not After : Apr 22 01:01:16 2025 GMT
Subject: CN=16c678c4faae211571ceb9918df4b528563e3883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:10:f0:fa:2b:25:32:a5:78:d9:f1:ab:19:a5:
ef:77:db:54:48:a8:95:1d:23:c0:a0:22:e9:fc:40:
28:2e:d5:e4:72:2a:6f:58:c3:fe:30:36:7d:46:02:
6e:b3:94:2e:28:0b:16:8e:40:0b:5b:b2:0a:c4:5f:
c9:8f:ac:c1:5b:6d:46:51:00:d7:db:73:79:62:19:
15:9e:f0:5a:c5:b9:5d:97:f6:d9:a5:4f:f4:a6:be:
85:c8:2f:4a:f3:35:64:7f:69:e5:7b:85:c1:44:71:
98:16:16:c1:40:82:d2:a4:a3:c8:58:af:06:ca:e0:
1c:69:5a:dd:f7:42:78:0a:3e:12:4c:c8:43:af:80:
0c:02:75:ce:08:e7:2a:4a:37:cd:df:0b:8a:d0:a4:
31:4c:bd:63:86:6e:68:86:06:a3:8d:c6:f0:7b:06:
5c:80:13:cd:d7:81:4e:cb:31:9e:08:94:d9:c9:da:
4c:93:c7:da:5d:fe:f9:53:d8:01:8b:e9:cd:e3:7b:
cc:5a:22:23:2a:ef:e1:a1:15:a1:d1:ab:5e:ae:90:
36:c7:23:bf:c2:2f:5a:1d:79:11:3b:b1:02:6c:9f:
21:12:9a:60:f0:c5:ca:61:57:a0:ec:cb:8a:bc:d8:
32:39:ca:ab:5a:66:f1:9a:50:f8:ab:9d:02:99:fb:
10:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C6:78:C4:FA:AE:21:15:71:CE:B9:91:8D:F4:B5:28:56:3E:38:83
X509v3 Authority Key Identifier:
keyid:A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:bc:f1:0f:c9:75:26:23:c2:9b:7a:84:b3:5c:d4:79:4f:d8:
41:45:16:71:30:dd:4c:4c:1b:51:f4:9a:78:a9:a4:9c:2f:83:
90:05:54:a4:e3:af:76:e7:50:f3:bd:8e:c3:2a:13:73:44:de:
7a:5d:36:bd:f2:c3:35:a4:4a:1d:49:16:50:50:da:e3:19:f1:
d6:b4:55:01:00:13:86:6a:6d:76:be:04:be:ce:12:60:52:78:
7f:2e:c1:7c:c0:bb:a2:e7:5e:31:69:e8:8b:b7:71:d4:e7:ff:
3c:28:d2:09:dd:17:93:16:93:71:9b:e5:61:c3:41:f9:13:a0:
c1:8e:5a:03:d3:66:6c:b9:02:db:75:57:e6:bc:8b:25:4f:f2:
e9:20:98:e5:36:9e:d8:48:13:85:84:0b:5f:c1:56:7e:cb:9d:
7e:5c:23:25:ec:e2:9b:4b:a8:1f:24:99:74:23:91:c8:e5:35:
a4:17:05:45:2b:d5:32:28:cd:18:e8:33:fd:36:c0:13:57:ec:
e1:45:58:e7:af:0d:14:fd:7d:f0:3b:2a:f2:8c:54:01:c4:6b:
dd:b0:d7:4e:21:87:6f:c6:67:fa:fc:6a:62:42:d9:db:d5:51:
1f:05:f3:b0:8e:06:34:cc:17:e0:af:9c:a0:15:6a:07:9b:cb:
b2:34:9b:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3R7dBMbT0zlW2q9dLDdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYjZhNWIxYTE0Yzg2ZDRjZmI0NmM0ZTg2ZWNkNDA2Njgw
NGNjOTAwHhcNMjUwNDIxMDEwMTE2WhcNMjUwNDIyMDEwMTE2WjAzMTEwLwYDVQQD
EygxNmM2NzhjNGZhYWUyMTE1NzFjZWI5OTE4ZGY0YjUyODU2M2UzODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxDw+islMqV42fGrGaXvd9tUSKiV
HSPAoCLp/EAoLtXkcipvWMP+MDZ9RgJus5QuKAsWjkALW7IKxF/Jj6zBW21GUQDX
23N5YhkVnvBaxbldl/bZpU/0pr6FyC9K8zVkf2nle4XBRHGYFhbBQILSpKPIWK8G
yuAcaVrd90J4Cj4STMhDr4AMAnXOCOcqSjfN3wuK0KQxTL1jhm5ohgajjcbwewZc
gBPN14FOyzGeCJTZydpMk8faXf75U9gBi+nN43vMWiIjKu/hoRWh0aterpA2xyO/
wi9aHXkRO7ECbJ8hEppg8MXKYVeg7MuKvNgyOcqrWmbxmlD4q50CmfsQQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBbGeMT6riEVcc65kY30tShWPjiDMB8GA1UdIwQY
MBaAFKC2pbGhTIbUz7RsTobs1AZoBMyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEt
ODU4NGJlZjBiN2Q1LzEvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEtODU4NGJlZjBiN2Q1
LzEvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARrzxD8l1
JiPCm3qEs1zUeU/YQUUWcTDdTEwbUfSaeKmknC+DkAVUpOOvdudQ872OwyoTc0Te
el02vfLDNaRKHUkWUFDa4xnx1rRVAQAThmptdr4Evs4SYFJ4fy7BfMC7oudeMWno
i7dx1Of/PCjSCd0XkxaTcZvlYcNB+ROgwY5aA9NmbLkC23VX5ryLJU/y6SCY5Tae
2EgThYQLX8FWfsudflwjJezim0uoHySZdCORyOU1pBcFRSvVMijNGOgz/TbAE1fs
4UVY568NFP198Dsq8oxUAcRr3bDXTiGHb8Zn+vxqYkLZ29VRHwXzsI4GNMwX4K+c
oBVqB5vLsjSbsQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:18:13 2025 by rpki-client