Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: /XTUY5rNJh2Cs0n8vT081bToTid5YfPRY2zT1P8Isg0=
Subject key identifier: 9F:0E:53:40:1A:0A:69:A2:5E:42:36:BF:F4:A9:5A:09:24:F8:42:34
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 019511D9C3621C902C04047934BC5D23314C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 099D
Signing time: Mon 17 Feb 2025 03:00:38 +0000
Manifest this update: Mon 17 Feb 2025 03:00:38 +0000
Manifest next update: Tue 18 Feb 2025 03:00:38 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: Jm+ZDkQ1OxWSCvzLOhGijhKSfnf+tSNm/snSk9VDae4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:d9:c3:62:1c:90:2c:04:04:79:34:bc:5d:23:31:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Feb 17 03:00:38 2025 GMT
Not After : Feb 18 03:00:38 2025 GMT
Subject: CN=9f0e53401a0a69a25e4236bff4a95a0924f84234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bd:c2:95:4d:7b:7f:75:44:01:aa:bf:dd:e2:
79:e1:ce:48:59:47:8f:59:a3:2d:59:29:9b:4f:76:
59:3b:e9:31:f5:93:95:99:db:aa:64:91:01:08:69:
5c:93:77:14:50:e5:5f:47:21:d8:f4:a8:18:2a:15:
85:95:bb:7d:96:ae:b8:e1:d6:19:cb:f5:b6:6d:35:
7d:02:b9:8e:2f:02:55:27:2d:53:da:9c:78:53:13:
ee:82:89:69:79:07:bf:e3:f7:d3:39:df:fd:ce:38:
9e:68:67:b3:c8:ba:0e:1a:62:8e:25:23:50:ef:5c:
3e:e5:47:83:c3:ed:1d:20:9f:bf:4f:78:35:17:71:
fd:0b:74:6a:a8:b6:3d:00:6f:5f:02:e1:de:dc:9c:
95:80:37:09:98:e6:3e:23:b2:89:8e:f3:14:0b:0a:
39:f4:31:8b:0a:92:19:7e:81:58:88:1e:9e:56:45:
1f:7a:3f:81:ad:0a:8c:01:c1:f9:44:d2:70:22:0f:
6f:27:02:25:16:ab:ba:8e:7a:1f:5e:a0:7d:1e:dd:
cf:80:6e:ff:12:3f:d3:54:f7:2b:6c:d0:74:9e:01:
94:17:b0:f0:06:9b:a1:14:f9:2b:e3:15:86:be:0e:
24:cd:0e:83:d1:d9:b4:29:21:74:57:cc:80:ab:52:
3c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:0E:53:40:1A:0A:69:A2:5E:42:36:BF:F4:A9:5A:09:24:F8:42:34
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:20:0d:f3:62:11:2f:fe:19:64:42:ce:b6:5d:33:d4:04:80:
51:e1:6a:6f:5b:53:19:4e:9d:8b:5a:45:88:d1:45:90:1b:96:
dd:0e:88:20:f3:3d:25:a0:cf:68:7b:07:db:52:b3:51:b8:d3:
47:6c:2d:d7:10:42:6c:47:8b:28:77:52:99:9a:c4:de:af:ae:
66:da:03:2d:fc:1d:2b:c1:ca:4f:b3:92:47:78:82:66:a2:f4:
b6:d2:67:f7:9d:ed:f2:08:3a:2f:c0:62:9d:a7:3f:31:dc:f2:
bc:37:a8:c3:b6:67:a3:fa:08:37:7f:ec:29:7b:e3:b0:dd:b8:
2b:15:8b:e5:14:cf:b9:36:5d:5e:57:64:a6:49:fc:15:fb:98:
77:1e:fd:aa:09:91:b9:f0:94:eb:51:6d:4e:9b:e9:0c:ae:4d:
11:8f:bf:77:f7:d1:c5:21:1b:47:04:f7:82:e1:5d:97:8d:8d:
64:17:6f:32:4b:fd:6b:39:f0:44:96:ba:e4:30:0c:eb:3a:a8:
95:51:cd:fc:e4:94:76:f1:39:a4:77:67:f9:7c:8f:9e:c4:f3:
71:13:8c:85:f6:fe:9e:f7:b1:d6:01:08:a1:70:0b:d2:54:92:
2c:3a:da:9d:b2:04:00:77:4f:92:6c:10:44:07:90:12:80:92:
c4:e9:89:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2cNiHJAsBAR5NLxdIzFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUwMjE3MDMwMDM4WhcNMjUwMjE4MDMwMDM4WjAzMTEwLwYDVQQD
Eyg5ZjBlNTM0MDFhMGE2OWEyNWU0MjM2YmZmNGE5NWEwOTI0Zjg0MjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu73ClU17f3VEAaq/3eJ54c5IWUeP
WaMtWSmbT3ZZO+kx9ZOVmduqZJEBCGlck3cUUOVfRyHY9KgYKhWFlbt9lq644dYZ
y/W2bTV9ArmOLwJVJy1T2px4UxPugolpeQe/4/fTOd/9zjieaGezyLoOGmKOJSNQ
71w+5UeDw+0dIJ+/T3g1F3H9C3RqqLY9AG9fAuHe3JyVgDcJmOY+I7KJjvMUCwo5
9DGLCpIZfoFYiB6eVkUfej+BrQqMAcH5RNJwIg9vJwIlFqu6jnofXqB9Ht3PgG7/
Ej/TVPcrbNB0ngGUF7DwBpuhFPkr4xWGvg4kzQ6D0dm0KSF0V8yAq1I8CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8OU0AaCmmiXkI2v/SpWgkk+EI0MB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdSAN82IR
L/4ZZELOtl0z1ASAUeFqb1tTGU6di1pFiNFFkBuW3Q6IIPM9JaDPaHsH21KzUbjT
R2wt1xBCbEeLKHdSmZrE3q+uZtoDLfwdK8HKT7OSR3iCZqL0ttJn953t8gg6L8Bi
nac/MdzyvDeow7Zno/oIN3/sKXvjsN24KxWL5RTPuTZdXldkpkn8FfuYdx79qgmR
ufCU61FtTpvpDK5NEY+/d/fRxSEbRwT3guFdl42NZBdvMkv9aznwRJa65DAM6zqo
lVHN/OSUdvE5pHdn+XyPnsTzcROMhfb+nvex1gEIoXAL0lSSLDranbIEAHdPkmwQ
RAeQEoCSxOmJLg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:29 2025 by rpki-client