Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
File: OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft (raw, json)
Hash identifier: Zv9KJeQg63xPmSj3YRZzKqy+aPcShsnbml+LTkN1TbY=
Subject key identifier: 37:61:61:F9:A6:24:2E:E7:FD:AE:23:74:62:3E:4F:51:3F:DC:E2:C1
Authority key identifier: 38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D
Certificate issuer: /CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d
Certificate serial: 0195124713DBFA9C806B2CDD1AD7328CEF89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
Manifest number: 10F3
Signing time: Mon 17 Feb 2025 05:00:02 +0000
Manifest this update: Mon 17 Feb 2025 05:00:02 +0000
Manifest next update: Tue 18 Feb 2025 05:00:02 +0000
Files and hashes: 1: OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl (hash: uMr564Wa6A8yNa93cbl1bFPl2zbMgUF8qzPMDRiwmBs=)
2: PQhWLSkGUa_VMVGVuYBQSUZ_P_A.roa (hash: 3kRwsyvbLLbFqSNU/EJCsmBYkp3oO56TR7kGsRhAuv4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:47:13:db:fa:9c:80:6b:2c:dd:1a:d7:32:8c:ef:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d
Validity
Not Before: Feb 17 05:00:02 2025 GMT
Not After : Feb 18 05:00:02 2025 GMT
Subject: CN=376161f9a6242ee7fdae2374623e4f513fdce2c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bf:b9:9e:d8:53:32:f0:f7:0b:9f:58:b6:bc:
de:2f:e7:f0:3d:7f:79:33:8d:a4:9e:73:d2:50:c3:
8e:56:06:e2:b4:3e:1d:67:1e:75:88:9e:c1:e1:8a:
fa:6e:1e:f7:f7:dd:be:f0:66:84:5b:d7:f3:6b:7d:
5b:5b:30:e3:5e:01:1a:da:c2:54:ae:01:ed:00:02:
72:51:2a:c1:0d:68:b1:55:ee:f6:3c:1b:41:6c:e0:
01:5a:f4:59:1d:f3:80:9b:d4:de:62:26:8a:ff:ee:
d5:15:84:42:af:82:77:08:7d:c1:4f:8d:8e:a1:14:
11:f2:35:4b:74:71:38:40:fb:d8:93:90:3d:96:ed:
8a:1a:3a:9b:e8:8e:1a:69:91:3c:d1:92:29:5c:38:
2e:0f:66:38:39:76:3b:f1:69:f1:e7:f8:cb:92:dd:
72:39:f3:7c:da:17:a0:3d:ea:60:3a:87:df:0a:7b:
eb:b6:14:cc:40:aa:16:59:d6:7f:9b:ef:b5:df:c7:
99:c2:27:01:42:3d:3f:e4:c5:c0:8b:ba:fc:83:46:
2e:ad:29:c0:ae:e7:ad:5c:5d:68:d9:41:1a:d6:e6:
08:6f:bb:04:75:bb:09:72:e6:69:3e:2c:ac:8b:93:
3d:d8:a8:8b:ad:5e:b1:fd:c6:86:b0:e0:16:65:e6:
16:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:61:61:F9:A6:24:2E:E7:FD:AE:23:74:62:3E:4F:51:3F:DC:E2:C1
X509v3 Authority Key Identifier:
keyid:38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:3e:bc:02:33:71:e0:4c:65:5b:52:bf:1a:d3:a2:27:f6:24:
8f:0d:98:71:0c:b2:11:89:52:b8:68:c1:df:a8:d8:da:ec:8c:
b9:f3:5b:1f:e3:de:e6:ba:99:9a:09:7f:25:eb:a7:da:c9:ae:
c6:db:0f:3f:e7:9f:df:0e:c2:f5:68:3d:02:73:96:7a:c7:b3:
8f:db:d9:7d:58:39:24:a9:78:a8:54:bd:08:64:95:89:cf:94:
bc:89:87:b1:e6:d5:32:6e:0b:a2:cd:e1:13:40:7d:a4:ea:01:
f5:a8:10:d1:9a:f5:1a:56:20:9a:ec:80:73:d2:3b:4d:44:55:
50:62:6b:86:f1:2c:62:7d:5b:8e:6b:a3:4c:00:68:b7:66:3f:
f4:b7:ee:54:32:ee:12:d9:a3:26:ce:7a:4e:e8:a9:7f:9b:7f:
47:20:25:ce:58:d2:6f:31:f3:aa:d4:6c:0d:80:fe:ea:ae:6c:
07:52:d7:66:b4:df:7d:29:bf:4f:d5:a2:cb:df:a5:1f:fd:32:
91:21:62:99:d0:8a:4f:a9:b2:9e:26:98:6f:86:cb:df:62:89:
8e:10:c5:98:34:95:0c:64:a2:de:f0:d0:89:87:5c:7d:b5:32:
a0:1f:7f:f7:8b:2b:5e:30:98:10:0f:05:1f:27:c8:4f:f6:cf:
0a:c6:3e:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSRxPb+pyAayzdGtcyjO+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTNhZjUwMTQ0OTliMmZiNWNkMmMxZTY4YTI0ZmY4MjU2
ZDBkMGQwHhcNMjUwMjE3MDUwMDAyWhcNMjUwMjE4MDUwMDAyWjAzMTEwLwYDVQQD
EygzNzYxNjFmOWE2MjQyZWU3ZmRhZTIzNzQ2MjNlNGY1MTNmZGNlMmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL+5nthTMvD3C59YtrzeL+fwPX95
M42knnPSUMOOVgbitD4dZx51iJ7B4Yr6bh73992+8GaEW9fza31bWzDjXgEa2sJU
rgHtAAJyUSrBDWixVe72PBtBbOABWvRZHfOAm9TeYiaK/+7VFYRCr4J3CH3BT42O
oRQR8jVLdHE4QPvYk5A9lu2KGjqb6I4aaZE80ZIpXDguD2Y4OXY78Wnx5/jLkt1y
OfN82hegPepgOoffCnvrthTMQKoWWdZ/m++138eZwicBQj0/5MXAi7r8g0YurSnA
ruetXF1o2UEa1uYIb7sEdbsJcuZpPiysi5M92KiLrV6x/caGsOAWZeYWHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdhYfmmJC7n/a4jdGI+T1E/3OLBMB8GA1UdIwQY
MBaAFDhTr1AUSZsvtc0sHmiiT/glbQ0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMGNjNDEtOGFhYi00NDYzLTk5Zjgt
ZGNiNTZhY2I3NzdmLzEvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zMGNjNDEtOGFhYi00NDYzLTk5ZjgtZGNiNTZhY2I3Nzdm
LzEvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArj68AjNx
4ExlW1K/GtOiJ/Ykjw2YcQyyEYlSuGjB36jY2uyMufNbH+Pe5rqZmgl/Jeun2smu
xtsPP+ef3w7C9Wg9AnOWesezj9vZfVg5JKl4qFS9CGSVic+UvImHsebVMm4Los3h
E0B9pOoB9agQ0Zr1GlYgmuyAc9I7TURVUGJrhvEsYn1bjmujTABot2Y/9LfuVDLu
EtmjJs56Tuipf5t/RyAlzljSbzHzqtRsDYD+6q5sB1LXZrTffSm/T9Wiy9+lH/0y
kSFimdCKT6myniaYb4bL32KJjhDFmDSVDGSi3vDQiYdcfbUyoB9/94srXjCYEA8F
HyfIT/bPCsY+dQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:05 2025 by rpki-client