Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
File: Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json)
Hash identifier: pR2qr4bO6RUo7MvPeYVIJN8fBjdzxXDr6/hw8SxI2TM=
Subject key identifier: EB:F1:C5:A0:85:26:29:7B:13:FB:38:84:76:42:BD:9F:0C:B0:9F:2C
Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Certificate serial: 01958FCEE48A2D03FF39C6CAC16B6D4055BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
Manifest number: 05DE
Signing time: Thu 13 Mar 2025 14:00:55 +0000
Manifest this update: Thu 13 Mar 2025 14:00:55 +0000
Manifest next update: Fri 14 Mar 2025 14:00:55 +0000
Files and hashes: 1: M82sfYNUsyqK13nZZfstvwDd7Fs.roa (hash: Pwd9phO+f2VaYBcGPbgT8icjGcqdGdD4Q6fe+fixav0=)
2: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: 7x6HVNOy1BW02YaX2Pny+/aNVgMo9tsRnynnaz8iEyA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:ce:e4:8a:2d:03:ff:39:c6:ca:c1:6b:6d:40:55:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Validity
Not Before: Mar 13 14:00:55 2025 GMT
Not After : Mar 14 14:00:55 2025 GMT
Subject: CN=ebf1c5a08526297b13fb38847642bd9f0cb09f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:72:fe:84:59:2a:ec:33:a6:d3:95:86:16:a6:
38:fe:c6:a3:5f:c9:5c:d4:4d:8a:eb:5d:42:91:52:
11:3c:ef:5d:61:40:7b:d4:89:51:f4:b9:74:fc:b1:
e1:57:6f:e4:b7:45:f0:27:ea:86:c0:62:7b:11:80:
a8:bc:de:bd:d1:76:3d:d1:10:fb:14:57:8f:2b:06:
85:f6:13:62:cf:75:83:43:84:62:61:d2:0f:b2:e2:
6c:e9:ef:64:af:bd:49:a5:ca:96:26:5f:e4:f7:95:
1c:d5:b4:17:9d:4f:0d:50:72:71:5a:79:b1:70:a6:
cc:ff:68:6c:2b:f5:83:52:e3:91:3f:a6:7a:ac:b0:
a6:02:80:4d:3e:ab:08:89:f6:a6:ba:c0:03:c7:27:
1a:32:38:80:0f:37:62:91:00:68:4d:b4:c2:b2:1d:
2d:6a:4b:38:fc:37:72:35:d3:99:cc:45:fe:6e:94:
51:59:7a:e3:88:77:c3:22:36:3c:c4:e6:b0:95:11:
d7:9b:f5:c6:5b:92:67:54:f0:3b:e7:85:3c:cd:26:
c6:03:7b:93:4a:d4:a0:29:69:5a:40:87:1f:da:fe:
f1:6b:51:dd:da:8e:d8:be:1e:b3:ce:ec:fe:ec:7b:
2f:76:47:c9:45:cb:21:23:7c:7f:d5:53:0f:45:4c:
b5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:F1:C5:A0:85:26:29:7B:13:FB:38:84:76:42:BD:9F:0C:B0:9F:2C
X509v3 Authority Key Identifier:
keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:84:7c:8e:45:8f:f2:47:dd:64:5e:fd:e0:84:05:7a:82:d5:
32:fd:33:9b:09:68:c7:60:70:00:7b:00:82:fc:d3:3d:66:ae:
e6:aa:4a:75:42:d3:9e:8f:fd:1f:78:31:e8:a7:31:3a:99:ac:
e3:19:83:1a:70:fd:eb:c6:58:8f:9d:1e:32:3c:0d:85:3e:29:
b4:0c:23:5a:86:b7:8a:d4:4a:38:a3:a9:c5:25:39:7d:c1:4d:
b2:87:c7:9f:62:c8:b0:55:dd:e6:21:24:ec:1b:90:07:0f:14:
81:40:73:13:2d:43:3e:2b:70:67:fe:52:42:51:cc:35:05:ef:
30:d8:fd:00:69:79:ec:88:fd:ec:b2:3b:05:5f:6a:6b:68:d5:
35:50:73:e3:f4:98:bd:3a:93:04:a5:4a:a3:33:b1:77:ca:75:
5e:3a:70:8a:1c:38:c9:d6:9c:38:49:7d:0d:eb:99:d0:9b:f3:
f2:8b:69:ab:b1:45:4c:31:99:a0:10:0e:12:dd:44:38:09:5d:
2e:b2:08:6e:73:94:a9:3d:82:db:80:b5:ea:f2:21:84:56:e7:
1c:2f:42:7a:5a:67:0f:69:20:ef:05:d8:73:24:cb:f7:34:85:
47:ff:5c:d6:71:06:81:fe:5a:c3:99:6b:fd:20:67:85:c1:17:
4f:e3:ff:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWPzuSKLQP/OcbKwWttQFW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj
NGRhMjAwHhcNMjUwMzEzMTQwMDU1WhcNMjUwMzE0MTQwMDU1WjAzMTEwLwYDVQQD
EyhlYmYxYzVhMDg1MjYyOTdiMTNmYjM4ODQ3NjQyYmQ5ZjBjYjA5ZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3L+hFkq7DOm05WGFqY4/sajX8lc
1E2K611CkVIRPO9dYUB71IlR9Ll0/LHhV2/kt0XwJ+qGwGJ7EYCovN690XY90RD7
FFePKwaF9hNiz3WDQ4RiYdIPsuJs6e9kr71JpcqWJl/k95Uc1bQXnU8NUHJxWnmx
cKbM/2hsK/WDUuORP6Z6rLCmAoBNPqsIifamusADxycaMjiADzdikQBoTbTCsh0t
aks4/DdyNdOZzEX+bpRRWXrjiHfDIjY8xOawlRHXm/XGW5JnVPA754U8zSbGA3uT
StSgKWlaQIcf2v7xa1Hd2o7Yvh6zzuz+7HsvdkfJRcshI3x/1VMPRUy1BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvxxaCFJil7E/s4hHZCvZ8MsJ8sMB8GA1UdIwQY
MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt
YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0
LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArIR8jkWP
8kfdZF794IQFeoLVMv0zmwlox2BwAHsAgvzTPWau5qpKdULTno/9H3gx6KcxOpms
4xmDGnD968ZYj50eMjwNhT4ptAwjWoa3itRKOKOpxSU5fcFNsofHn2LIsFXd5iEk
7BuQBw8UgUBzEy1DPitwZ/5SQlHMNQXvMNj9AGl57Ij97LI7BV9qa2jVNVBz4/SY
vTqTBKVKozOxd8p1Xjpwihw4ydacOEl9DeuZ0Jvz8otpq7FFTDGZoBAOEt1EOAld
LrIIbnOUqT2C24C16vIhhFbnHC9CelpnD2kg7wXYcyTL9zSFR/9c1nEGgf5aw5lr
/SBnhcEXT+P/ug==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:02:43 2025 by rpki-client