Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json)
Hash identifier: xWU3Zvp2oJRCAwlpdiX5mT9BC+xQDOCwLs2+R3Wlebc=
Subject key identifier: FF:A0:5D:BA:B9:7C:F5:AB:87:96:56:D4:CE:70:68:4A:C8:67:6B:E0
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 01951134A7ECB0AE0993B29541D0632C37B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
Manifest number: 0B3D
Signing time: Mon 17 Feb 2025 00:00:18 +0000
Manifest this update: Mon 17 Feb 2025 00:00:18 +0000
Manifest next update: Tue 18 Feb 2025 00:00:18 +0000
Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=)
2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: bjUWIGSc8nL14WYsF5/EdmIE7kZhTy1298RNmOVn20U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:34:a7:ec:b0:ae:09:93:b2:95:41:d0:63:2c:37:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Feb 17 00:00:18 2025 GMT
Not After : Feb 18 00:00:18 2025 GMT
Subject: CN=ffa05dbab97cf5ab879656d4ce70684ac8676be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7d:39:ad:95:61:fe:35:3f:1f:68:90:3a:96:
c4:c5:6b:82:17:cf:f0:e1:3c:3d:96:d5:b2:5a:8e:
bb:91:e2:4f:5d:18:b9:f7:41:84:29:89:b1:80:13:
24:09:f8:63:34:43:b5:88:dc:cb:d4:0f:6e:81:3e:
1e:ea:a9:87:bb:fa:19:bb:9e:b6:35:a1:17:f1:bc:
19:31:af:a3:4d:e6:95:49:03:8b:f7:b3:f8:78:fd:
79:31:a5:97:0d:75:29:92:a0:77:7e:37:1d:20:40:
8e:7d:1c:66:67:db:b9:bc:b3:18:c7:4b:77:ec:3d:
39:a1:96:79:24:c4:b3:bd:a8:a4:b2:20:a9:e4:ce:
c8:1b:48:02:2a:c7:ad:4a:b1:8b:e8:17:0c:76:8e:
03:8b:81:5d:2b:20:eb:3a:00:c2:d6:56:1d:bf:64:
b7:b7:52:9a:9e:4c:6e:0d:7e:55:1f:76:af:ba:05:
fa:83:37:73:98:7d:20:f6:1a:c8:6e:9b:1c:41:b3:
74:0d:df:80:8f:75:6e:ac:a0:f8:4e:4e:33:8f:11:
ee:99:1f:ed:30:39:3b:71:18:6c:7c:b1:c1:b7:2a:
18:7c:ed:4f:57:da:bf:14:b5:e8:fa:d2:3a:1c:01:
8c:e0:5b:36:44:74:f1:cb:a6:30:65:3e:da:6b:8e:
55:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A0:5D:BA:B9:7C:F5:AB:87:96:56:D4:CE:70:68:4A:C8:67:6B:E0
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:e5:fb:4f:b6:bd:73:5b:4a:90:6a:78:d6:95:93:b6:f8:b9:
7a:96:5f:eb:01:12:7e:26:2e:c8:32:ce:14:1b:c2:d7:20:82:
19:92:9e:86:0b:22:85:55:b5:db:1a:a1:71:b8:2e:aa:df:1a:
e0:41:73:76:7d:f1:05:b7:e1:4a:4a:d2:3b:8e:03:91:1d:e1:
8d:a3:d2:84:bb:c7:22:43:bf:03:0e:5a:2f:28:77:7f:5d:5c:
c1:d4:20:23:e3:00:20:05:a6:71:84:45:d7:27:42:4b:12:04:
e6:3b:c4:9c:af:3e:db:29:3f:b1:4c:77:fe:be:6b:5e:16:25:
17:a4:f0:74:0c:f7:d5:9d:0f:93:cf:50:90:81:cc:20:2b:16:
3f:7f:0f:e6:4d:dc:9f:e3:57:4e:69:2a:e0:aa:30:6d:6c:93:
06:93:7c:6a:ca:c8:a0:08:d8:7a:d0:a7:c7:42:03:a1:58:4c:
89:94:4e:44:fa:dd:a9:95:37:19:de:ae:02:47:47:fe:b8:97:
06:59:c6:a9:88:6d:ba:b0:7e:05:09:02:43:4d:42:26:93:be:
e1:28:ed:db:23:ff:7e:47:30:1e:c5:bd:50:44:24:8b:d6:3e:
f0:db:28:f5:eb:5e:46:f6:af:f7:f8:28:6a:e5:e2:87:5d:2b:
d7:c8:57:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNKfssK4Jk7KVQdBjLDe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjUwMjE3MDAwMDE4WhcNMjUwMjE4MDAwMDE4WjAzMTEwLwYDVQQD
EyhmZmEwNWRiYWI5N2NmNWFiODc5NjU2ZDRjZTcwNjg0YWM4Njc2YmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn05rZVh/jU/H2iQOpbExWuCF8/w
4Tw9ltWyWo67keJPXRi590GEKYmxgBMkCfhjNEO1iNzL1A9ugT4e6qmHu/oZu562
NaEX8bwZMa+jTeaVSQOL97P4eP15MaWXDXUpkqB3fjcdIECOfRxmZ9u5vLMYx0t3
7D05oZZ5JMSzvaiksiCp5M7IG0gCKsetSrGL6BcMdo4Di4FdKyDrOgDC1lYdv2S3
t1KankxuDX5VH3avugX6gzdzmH0g9hrIbpscQbN0Dd+Aj3VurKD4Tk4zjxHumR/t
MDk7cRhsfLHBtyoYfO1PV9q/FLXo+tI6HAGM4Fs2RHTxy6YwZT7aa45VvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+gXbq5fPWrh5ZW1M5waErIZ2vgMB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUuX7T7a9
c1tKkGp41pWTtvi5epZf6wESfiYuyDLOFBvC1yCCGZKehgsihVW12xqhcbguqt8a
4EFzdn3xBbfhSkrSO44DkR3hjaPShLvHIkO/Aw5aLyh3f11cwdQgI+MAIAWmcYRF
1ydCSxIE5jvEnK8+2yk/sUx3/r5rXhYlF6TwdAz31Z0Pk89QkIHMICsWP38P5k3c
n+NXTmkq4KowbWyTBpN8asrIoAjYetCnx0IDoVhMiZRORPrdqZU3Gd6uAkdH/riX
BlnGqYhturB+BQkCQ01CJpO+4Sjt2yP/fkcwHsW9UEQki9Y+8Nso9eteRvav9/go
auXih10r18hXdQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:10 2025 by rpki-client