Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.mft
File: OcpQZQQ9KKKtw2ODod99O-yBzo0.mft (raw, json)
Hash identifier: tKSaEQytx6ebu91ygAHwGtS1bw6KwqfJbxkPVY97SXU=
Subject key identifier: 5F:FE:1E:E9:A6:6B:62:1B:0E:76:B9:A8:D7:15:F9:17:9E:57:B7:1B
Authority key identifier: 39:CA:50:65:04:3D:28:A2:AD:C3:63:83:A1:DF:7D:3B:EC:81:CE:8D
Certificate issuer: /CN=39ca5065043d28a2adc36383a1df7d3bec81ce8d
Certificate serial: 01965A26E1C8BD47DF16205B42FC7D2722CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OcpQZQQ9KKKtw2ODod99O-yBzo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.mft
Manifest number: 10FA
Signing time: Mon 21 Apr 2025 21:00:19 +0000
Manifest this update: Mon 21 Apr 2025 21:00:19 +0000
Manifest next update: Tue 22 Apr 2025 21:00:19 +0000
Files and hashes: 1: EZv_Oz18_ep5ks2EcgzgLDMuntA.roa (hash: lBizg0TLw4IiTc/RnpBc57fyU2N8mObQpuT7b6/poBM=)
2: OcpQZQQ9KKKtw2ODod99O-yBzo0.crl (hash: NhLPMOp8BbvTmdy9KFZOz560IneXbOF8SPEuK3R2y9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OcpQZQQ9KKKtw2ODod99O-yBzo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:26:e1:c8:bd:47:df:16:20:5b:42:fc:7d:27:22:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39ca5065043d28a2adc36383a1df7d3bec81ce8d
Validity
Not Before: Apr 21 21:00:19 2025 GMT
Not After : Apr 22 21:00:19 2025 GMT
Subject: CN=5ffe1ee9a66b621b0e76b9a8d715f9179e57b71b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b6:05:6d:ee:e9:65:04:cf:e2:76:35:eb:c6:
ef:46:5b:5d:1a:c6:13:42:a8:d9:a1:1f:4d:3e:6d:
c2:bf:9c:06:9b:59:d7:09:87:ad:ea:7b:d1:c7:5d:
8f:ba:2c:a7:ab:3f:90:ba:42:b9:a6:3e:4e:47:5a:
25:b0:c9:ea:d9:2c:34:ce:a6:4a:c9:f2:0a:b1:a9:
1c:5a:21:74:bf:99:6c:ce:aa:2a:38:1f:06:67:47:
25:50:c5:6d:83:09:07:30:b8:b1:2f:a6:0c:42:e3:
60:22:28:9a:9b:ec:7d:92:5c:21:82:85:c3:0b:58:
7e:94:9e:fb:0f:48:65:9f:28:f8:59:76:2e:eb:7e:
f3:66:db:17:01:23:3c:28:13:6f:3d:c6:23:f0:22:
6d:92:d0:89:01:4a:36:6b:60:f0:4e:b4:dd:74:92:
37:bb:86:39:f5:da:31:30:f2:97:6e:97:c6:d3:4a:
44:da:52:68:c4:d8:c7:20:a1:cf:90:91:30:bf:06:
98:b6:bc:d5:46:1d:38:b5:d2:17:44:12:a9:76:28:
ea:3e:ce:a1:64:b1:d4:88:e1:01:0b:15:26:4c:33:
5c:fd:f6:e0:7a:89:5f:b6:76:ed:d3:f1:e0:02:95:
b6:08:6c:9d:54:fc:db:31:1a:b1:fb:eb:41:2f:c4:
b2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:FE:1E:E9:A6:6B:62:1B:0E:76:B9:A8:D7:15:F9:17:9E:57:B7:1B
X509v3 Authority Key Identifier:
keyid:39:CA:50:65:04:3D:28:A2:AD:C3:63:83:A1:DF:7D:3B:EC:81:CE:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OcpQZQQ9KKKtw2ODod99O-yBzo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:bb:76:c4:f0:46:e1:1d:fd:12:e5:c2:52:ee:3f:35:f1:21:
06:f4:39:45:1b:4a:ab:31:43:f9:64:0a:73:cd:a8:57:4b:4f:
99:e8:72:2b:e2:d7:75:e5:19:6b:27:5f:70:b3:93:de:3f:48:
37:1e:7b:7e:15:65:93:e0:ae:30:6d:ff:9e:f2:53:19:e0:87:
31:63:4f:c7:72:dc:9f:f7:0e:9b:b3:4b:41:a6:89:ed:47:7d:
d0:52:3c:9e:87:76:46:c4:58:20:cb:8f:90:3a:40:3d:91:59:
aa:50:93:52:5c:4f:ad:28:cc:d2:8f:36:da:c2:2d:b7:63:22:
72:29:d7:bd:59:2d:d5:25:95:5b:b1:99:22:8b:8b:95:3b:2b:
96:fd:b7:d4:f6:84:8c:79:96:22:a6:c5:02:f7:6b:b5:cc:a0:
89:ef:81:0b:fa:73:98:a4:db:99:ca:74:ef:46:56:fe:0b:dd:
70:13:6f:7f:f6:43:20:36:17:15:f3:70:0e:9c:b1:f8:86:ec:
7f:93:51:3a:de:8f:34:00:ef:d6:61:e5:86:85:37:c2:5c:e1:
a1:7a:78:4d:f6:45:82:79:53:85:ed:92:98:4e:98:e2:70:ec:
15:67:e8:03:bd:ee:b1:7d:8f:24:ac:9f:8e:c8:00:7b:f3:cf:
7c:c8:77:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZaJuHIvUffFiBbQvx9JyLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Y2E1MDY1MDQzZDI4YTJhZGMzNjM4M2ExZGY3ZDNiZWM4
MWNlOGQwHhcNMjUwNDIxMjEwMDE5WhcNMjUwNDIyMjEwMDE5WjAzMTEwLwYDVQQD
Eyg1ZmZlMWVlOWE2NmI2MjFiMGU3NmI5YThkNzE1ZjkxNzllNTdiNzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LYFbe7pZQTP4nY168bvRltdGsYT
QqjZoR9NPm3Cv5wGm1nXCYet6nvRx12Puiynqz+QukK5pj5OR1olsMnq2Sw0zqZK
yfIKsakcWiF0v5lszqoqOB8GZ0clUMVtgwkHMLixL6YMQuNgIiiam+x9klwhgoXD
C1h+lJ77D0hlnyj4WXYu637zZtsXASM8KBNvPcYj8CJtktCJAUo2a2DwTrTddJI3
u4Y59doxMPKXbpfG00pE2lJoxNjHIKHPkJEwvwaYtrzVRh04tdIXRBKpdijqPs6h
ZLHUiOEBCxUmTDNc/fbgeolftnbt0/HgApW2CGydVPzbMRqx++tBL8Sy7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/+Humma2IbDna5qNcV+ReeV7cbMB8GA1UdIwQY
MBaAFDnKUGUEPSiircNjg6HffTvsgc6NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2NwUVpRUTlLS0t0dzJPRG9kOTlPLXlCem8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zNDdjMzQtOTZkOC00MTg0LWE2Njgt
ODcwYWNmZWNiY2RmLzEvT2NwUVpRUTlLS0t0dzJPRG9kOTlPLXlCem8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zNDdjMzQtOTZkOC00MTg0LWE2NjgtODcwYWNmZWNiY2Rm
LzEvT2NwUVpRUTlLS0t0dzJPRG9kOTlPLXlCem8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW7t2xPBG
4R39EuXCUu4/NfEhBvQ5RRtKqzFD+WQKc82oV0tPmehyK+LXdeUZaydfcLOT3j9I
Nx57fhVlk+CuMG3/nvJTGeCHMWNPx3Lcn/cOm7NLQaaJ7Ud90FI8nod2RsRYIMuP
kDpAPZFZqlCTUlxPrSjM0o822sItt2MicinXvVkt1SWVW7GZIouLlTsrlv231PaE
jHmWIqbFAvdrtcygie+BC/pzmKTbmcp070ZW/gvdcBNvf/ZDIDYXFfNwDpyx+Ibs
f5NROt6PNADv1mHlhoU3wlzhoXp4TfZFgnlThe2SmE6Y4nDsFWfoA73usX2PJKyf
jsgAe/PPfMh3+A==
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:04:33 2025 by rpki-client