Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/11d1e5-3cc7-4972-a07a-785e3e8768f9/1/OCZCPrAZVSJObBHRnG05OB6L4h0.mft
File: OCZCPrAZVSJObBHRnG05OB6L4h0.mft (raw, json)
Hash identifier: ayGmmMEo/yWooXIjXCkXb0bGNirmixtYGQZrxurcMSI=
Subject key identifier: E5:42:42:C9:5F:F8:39:6F:F7:FA:D0:7F:9C:70:15:DE:07:86:DC:04
Authority key identifier: 38:26:42:3E:B0:19:55:22:4E:6C:11:D1:9C:6D:39:38:1E:8B:E2:1D
Certificate issuer: /CN=3826423eb01955224e6c11d19c6d39381e8be21d
Certificate serial: 01958B4DBDA0018DB19430F6F56668DDF486
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCZCPrAZVSJObBHRnG05OB6L4h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/11d1e5-3cc7-4972-a07a-785e3e8768f9/1/OCZCPrAZVSJObBHRnG05OB6L4h0.mft
Manifest number: 08CA
Signing time: Wed 12 Mar 2025 17:01:22 +0000
Manifest this update: Wed 12 Mar 2025 17:01:22 +0000
Manifest next update: Thu 13 Mar 2025 17:01:22 +0000
Files and hashes: 1: OCZCPrAZVSJObBHRnG05OB6L4h0.crl (hash: hUsT3VPhocJlxQX88q9RL64+kvhZiNfmL1RCkYTm0SA=)
2: uEaPXwIvt3nd0ncZqWTmGRgN2Co.roa (hash: V/FrvYjkhAUQhpjTMGaHfRf+RO486rwY6D+JJKx9Z6U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/11d1e5-3cc7-4972-a07a-785e3e8768f9/1/OCZCPrAZVSJObBHRnG05OB6L4h0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/11d1e5-3cc7-4972-a07a-785e3e8768f9/1/OCZCPrAZVSJObBHRnG05OB6L4h0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCZCPrAZVSJObBHRnG05OB6L4h0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 17:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:4d:bd:a0:01:8d:b1:94:30:f6:f5:66:68:dd:f4:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3826423eb01955224e6c11d19c6d39381e8be21d
Validity
Not Before: Mar 12 17:01:22 2025 GMT
Not After : Mar 13 17:01:22 2025 GMT
Subject: CN=e54242c95ff8396ff7fad07f9c7015de0786dc04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a8:e2:0c:9c:91:97:35:a3:6f:cf:bb:df:0d:
ef:41:57:00:ed:a1:3c:b9:24:a4:c0:a6:c3:a9:3f:
c2:cb:62:fd:51:4d:58:b9:22:58:85:94:c0:2a:78:
ec:0c:ae:19:c1:b6:44:fc:49:c1:dc:c1:14:36:01:
d7:2c:f2:31:78:13:d3:12:be:3f:ac:1e:c8:83:ed:
6e:9a:62:d4:b8:51:1c:db:c1:31:7d:7a:e3:08:dd:
e2:af:ff:02:4b:15:cd:cc:e7:4d:4c:f4:40:ec:c7:
b6:8e:8d:81:eb:f0:87:10:c0:78:f2:c4:02:8d:56:
4a:86:67:27:be:41:7b:ab:50:a5:03:80:35:3e:5f:
9f:87:08:5f:03:2e:0b:a6:59:80:15:36:eb:1e:30:
b9:96:1b:9a:8e:12:c9:0c:a0:67:25:b0:53:82:0a:
86:5c:b0:48:4a:ee:2c:27:8f:4f:87:b2:56:23:ff:
a7:07:67:8a:f0:11:07:bc:a0:7d:34:a3:f3:bd:f1:
ef:c2:e4:0c:ef:d5:d4:a7:00:13:17:34:1f:5b:e9:
22:0b:25:91:6d:e4:02:d6:c3:3b:2d:e2:48:20:9f:
a5:a4:2d:20:a0:ce:5a:5a:aa:a7:1d:f7:e0:3e:43:
49:2d:36:8e:0e:88:d0:d2:03:5c:bc:23:90:2f:39:
65:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:42:42:C9:5F:F8:39:6F:F7:FA:D0:7F:9C:70:15:DE:07:86:DC:04
X509v3 Authority Key Identifier:
keyid:38:26:42:3E:B0:19:55:22:4E:6C:11:D1:9C:6D:39:38:1E:8B:E2:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCZCPrAZVSJObBHRnG05OB6L4h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/11d1e5-3cc7-4972-a07a-785e3e8768f9/1/OCZCPrAZVSJObBHRnG05OB6L4h0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/11d1e5-3cc7-4972-a07a-785e3e8768f9/1/OCZCPrAZVSJObBHRnG05OB6L4h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:00:23:fc:c4:86:9d:81:63:27:03:be:2b:16:33:86:8a:eb:
45:97:e5:5c:a9:0b:cb:74:c0:da:4a:e0:3d:b9:2e:46:66:e7:
69:70:57:71:ab:53:60:82:3a:a8:ee:0d:31:02:21:ca:27:9f:
74:d3:a6:22:9c:59:21:3d:ca:ee:24:18:0f:64:0b:c5:5a:d4:
bf:fc:fa:08:18:f1:ad:f1:88:49:f5:bc:c9:12:d8:35:b2:3e:
f8:02:5f:e0:4e:52:7a:de:74:3f:e7:70:d0:12:84:20:21:aa:
d9:8f:96:88:f4:c8:32:d7:5e:67:c4:39:38:f4:80:a0:10:2f:
38:bf:48:8e:67:06:9d:93:c2:70:58:b4:9e:f0:3f:e9:b1:23:
dd:d2:66:99:9c:94:46:11:3f:56:52:b8:20:5e:2c:29:a5:b7:
21:69:e7:61:63:fe:d7:64:52:a1:11:07:ba:b8:38:70:5a:57:
6a:94:d7:4c:a0:ec:d2:9c:9c:7b:a8:98:61:b1:fd:62:83:2c:
d0:73:c0:87:e3:8c:4d:a8:58:2f:5a:1b:5a:a0:51:01:ea:11:
f5:d2:d1:96:b0:f1:2f:31:4b:be:81:58:31:fb:12:a5:58:db:
43:09:df:4b:f1:ee:94:64:f5:b5:ae:3c:6c:c3:a5:24:50:1d:
76:78:84:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLTb2gAY2xlDD29WZo3fSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjY0MjNlYjAxOTU1MjI0ZTZjMTFkMTljNmQzOTM4MWU4
YmUyMWQwHhcNMjUwMzEyMTcwMTIyWhcNMjUwMzEzMTcwMTIyWjAzMTEwLwYDVQQD
EyhlNTQyNDJjOTVmZjgzOTZmZjdmYWQwN2Y5YzcwMTVkZTA3ODZkYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqajiDJyRlzWjb8+73w3vQVcA7aE8
uSSkwKbDqT/Cy2L9UU1YuSJYhZTAKnjsDK4ZwbZE/EnB3MEUNgHXLPIxeBPTEr4/
rB7Ig+1ummLUuFEc28ExfXrjCN3ir/8CSxXNzOdNTPRA7Me2jo2B6/CHEMB48sQC
jVZKhmcnvkF7q1ClA4A1Pl+fhwhfAy4LplmAFTbrHjC5lhuajhLJDKBnJbBTggqG
XLBISu4sJ49Ph7JWI/+nB2eK8BEHvKB9NKPzvfHvwuQM79XUpwATFzQfW+kiCyWR
beQC1sM7LeJIIJ+lpC0goM5aWqqnHffgPkNJLTaODojQ0gNcvCOQLzllzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOVCQslf+Dlv9/rQf5xwFd4HhtwEMB8GA1UdIwQY
MBaAFDgmQj6wGVUiTmwR0ZxtOTgei+IdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NaQ1ByQVpWU0pPYkJIUm5HMDVPQjZMNGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xMWQxZTUtM2NjNy00OTcyLWEwN2Et
Nzg1ZTNlODc2OGY5LzEvT0NaQ1ByQVpWU0pPYkJIUm5HMDVPQjZMNGgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xMWQxZTUtM2NjNy00OTcyLWEwN2EtNzg1ZTNlODc2OGY5
LzEvT0NaQ1ByQVpWU0pPYkJIUm5HMDVPQjZMNGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQAj/MSG
nYFjJwO+KxYzhorrRZflXKkLy3TA2krgPbkuRmbnaXBXcatTYII6qO4NMQIhyief
dNOmIpxZIT3K7iQYD2QLxVrUv/z6CBjxrfGISfW8yRLYNbI++AJf4E5Set50P+dw
0BKEICGq2Y+WiPTIMtdeZ8Q5OPSAoBAvOL9IjmcGnZPCcFi0nvA/6bEj3dJmmZyU
RhE/VlK4IF4sKaW3IWnnYWP+12RSoREHurg4cFpXapTXTKDs0pyce6iYYbH9YoMs
0HPAh+OMTahYL1obWqBRAeoR9dLRlrDxLzFLvoFYMfsSpVjbQwnfS/HulGT1ta48
bMOlJFAddniEEg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:24 2025 by rpki-client