Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: 6nMdSv101AjroNCLZS+n70U5kugCDkLs7Oy02S+vUXk=
Subject key identifier: 33:0F:8F:2C:07:E3:F5:D7:F6:EA:FF:C6:4F:53:3C:78:1D:C9:0A:91
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 01964CA25F7FF083FDAD9B62444C36BCF7C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0A40
Signing time: Sat 19 Apr 2025 06:00:31 +0000
Manifest this update: Sat 19 Apr 2025 06:00:31 +0000
Manifest next update: Sun 20 Apr 2025 06:00:31 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: 1fz42y2+j6MYHNaQltd06/mqm+CFra+Zw5ePHgXO8cE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4c:a2:5f:7f:f0:83:fd:ad:9b:62:44:4c:36:bc:f7:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Apr 19 06:00:31 2025 GMT
Not After : Apr 20 06:00:31 2025 GMT
Subject: CN=330f8f2c07e3f5d7f6eaffc64f533c781dc90a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:52:a7:db:2e:21:84:a2:87:a5:38:c1:68:d9:
56:a0:f5:5e:79:c1:2f:e7:8c:90:22:d8:77:08:08:
cb:57:a8:9c:51:ec:04:d5:57:9e:1d:dd:33:bb:26:
60:87:91:ff:15:3d:87:a9:0c:78:dc:93:bb:37:ca:
c4:f0:9a:d0:ac:23:0c:28:d7:70:5c:ff:ad:7a:fb:
15:1f:91:29:2d:b3:b0:c2:2d:8b:8a:df:37:21:03:
ee:dc:05:18:ab:c8:0e:38:52:dd:02:71:07:14:fa:
70:8b:40:f2:c5:38:db:6b:9a:cb:67:29:da:f2:73:
9e:5b:b8:ae:9d:02:4e:b7:a4:88:64:0c:f0:85:44:
84:16:cf:3c:59:62:4a:1c:92:8e:18:5b:4b:70:c1:
05:ce:46:96:2b:f6:ca:43:fd:01:4f:a4:5a:10:fa:
81:28:03:b9:47:42:37:da:f5:4a:fb:69:f0:13:32:
e0:02:01:23:3c:cb:19:96:6a:63:87:2f:19:bb:ef:
36:59:05:df:c8:75:7d:b2:97:b7:bc:e5:9c:62:b5:
8a:06:54:8f:58:dd:78:44:f5:a1:dd:11:07:98:b3:
73:e7:ae:be:8b:ef:10:c6:90:54:f0:82:7a:7f:db:
28:bb:69:d1:9b:e2:0e:7d:55:58:ce:49:8e:18:20:
d3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:0F:8F:2C:07:E3:F5:D7:F6:EA:FF:C6:4F:53:3C:78:1D:C9:0A:91
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:55:51:88:7a:e8:fe:57:7f:cb:f9:e2:d1:01:ed:5b:71:0d:
8f:fc:5f:de:01:f3:fb:dc:9e:ea:1e:44:d7:66:af:fa:2e:19:
0d:85:ae:38:93:9e:53:69:d9:da:84:e1:a4:f1:1e:29:c3:b6:
e7:30:04:39:09:e9:09:29:2e:22:cd:21:fe:bd:66:89:70:03:
7c:f5:f6:5e:d5:3e:22:fa:d6:97:2a:a6:03:fc:8e:ba:0d:ec:
67:1d:87:02:2d:9f:02:fa:64:e7:2f:50:11:96:4a:b9:8f:7d:
84:72:15:ae:56:84:33:e0:23:3e:b9:f4:98:64:e7:78:66:71:
13:53:de:0c:82:bf:a2:13:0e:1d:72:d5:af:9d:8d:73:28:be:
80:54:06:86:27:73:20:71:77:97:f2:ab:b3:84:a5:d1:86:65:
dd:e7:a8:82:46:13:1d:64:41:28:9a:ea:0d:14:7f:67:9b:68:
26:c5:45:b0:37:ed:bf:82:22:40:f3:14:9d:0f:95:3f:b2:c9:
17:64:48:17:6a:bd:fc:e5:4d:eb:c9:86:78:c0:b4:f6:be:c1:
38:81:c8:fa:49:b1:9d:bb:bf:41:69:d6:9f:8e:9b:a4:75:41:
cd:1f:9e:6b:93:5c:0d:53:06:7d:d7:db:64:fc:6c:05:e7:04:
b0:8e:cd:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMol9/8IP9rZtiREw2vPfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUwNDE5MDYwMDMxWhcNMjUwNDIwMDYwMDMxWjAzMTEwLwYDVQQD
EygzMzBmOGYyYzA3ZTNmNWQ3ZjZlYWZmYzY0ZjUzM2M3ODFkYzkwYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVKn2y4hhKKHpTjBaNlWoPVeecEv
54yQIth3CAjLV6icUewE1VeeHd0zuyZgh5H/FT2HqQx43JO7N8rE8JrQrCMMKNdw
XP+tevsVH5EpLbOwwi2Lit83IQPu3AUYq8gOOFLdAnEHFPpwi0DyxTjba5rLZyna
8nOeW7iunQJOt6SIZAzwhUSEFs88WWJKHJKOGFtLcMEFzkaWK/bKQ/0BT6RaEPqB
KAO5R0I32vVK+2nwEzLgAgEjPMsZlmpjhy8Zu+82WQXfyHV9spe3vOWcYrWKBlSP
WN14RPWh3REHmLNz566+i+8QxpBU8IJ6f9sou2nRm+IOfVVYzkmOGCDTXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDMPjywH4/XX9ur/xk9TPHgdyQqRMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE1VRiHro
/ld/y/ni0QHtW3ENj/xf3gHz+9ye6h5E12av+i4ZDYWuOJOeU2nZ2oThpPEeKcO2
5zAEOQnpCSkuIs0h/r1miXADfPX2XtU+IvrWlyqmA/yOug3sZx2HAi2fAvpk5y9Q
EZZKuY99hHIVrlaEM+AjPrn0mGTneGZxE1PeDIK/ohMOHXLVr52Ncyi+gFQGhidz
IHF3l/Krs4Sl0YZl3eeogkYTHWRBKJrqDRR/Z5toJsVFsDftv4IiQPMUnQ+VP7LJ
F2RIF2q9/OVN68mGeMC09r7BOIHI+kmxnbu/QWnWn46bpHVBzR+ea5NcDVMGfdfb
ZPxsBecEsI7Nyg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:27:55 2025 by rpki-client