Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
File: oKrlhQo22yiCKmwa_F_6z_AH7vI.mft (raw, json)
Hash identifier: AQNS6qCVRgFr+t5pklubexVIx7LflTUj/knqvJ0OunA=
Subject key identifier: 58:4D:FD:2F:E1:08:6D:80:50:2B:CC:82:D0:96:F3:40:BA:61:8E:AA
Authority key identifier: A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
Certificate issuer: /CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Certificate serial: 019654C9E74D925F3396BB2108077511CAF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
Manifest number: 07F4
Signing time: Sun 20 Apr 2025 20:00:39 +0000
Manifest this update: Sun 20 Apr 2025 20:00:39 +0000
Manifest next update: Mon 21 Apr 2025 20:00:39 +0000
Files and hashes: 1: oKrlhQo22yiCKmwa_F_6z_AH7vI.crl (hash: d5qMF79GKyPJPGQG4UXyLYigXikqtjOujCoPZCigiuo=)
2: vPivcilO-E_vThnuw1Jbeo7vl7Q.roa (hash: ue62obgrVIotq1vJM56av/nq50vzkGkDbEL5zd0kvpg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 20:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:c9:e7:4d:92:5f:33:96:bb:21:08:07:75:11:ca:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Validity
Not Before: Apr 20 20:00:39 2025 GMT
Not After : Apr 21 20:00:39 2025 GMT
Subject: CN=584dfd2fe1086d80502bcc82d096f340ba618eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:ac:6c:dd:e6:cc:07:18:41:5a:40:bf:67:
a7:e3:58:ac:47:b5:36:23:3e:da:cb:c3:67:6f:5e:
cf:f5:89:31:8b:47:d9:ab:0b:5b:db:a1:6e:58:53:
84:f3:43:14:1f:56:14:3a:6a:6c:42:0a:21:a9:9a:
aa:4c:46:66:dd:6e:1a:24:c4:a5:b7:eb:fa:aa:9e:
c6:0c:47:4b:38:00:fa:71:44:99:01:36:1e:aa:58:
9e:20:23:5a:9e:0a:f9:23:55:c4:b8:d7:e6:62:93:
07:9f:95:de:07:08:5d:1a:26:85:bf:c4:ea:1e:80:
f9:58:b9:39:ce:61:fb:85:c4:50:26:af:1b:12:04:
d5:78:4b:55:85:b5:ba:45:86:87:b6:07:18:83:76:
24:1d:bd:c3:a8:bd:25:d5:19:8c:3b:0b:05:2f:bb:
ff:6e:93:c4:9f:67:81:9a:73:ec:71:bf:1f:bb:fa:
82:de:ab:2b:55:91:69:08:85:85:fe:af:be:5b:cb:
bc:18:20:cb:0f:a3:50:bb:5c:c8:5e:c1:8d:23:70:
45:e0:32:17:02:c5:d5:7d:5a:63:4b:58:85:0e:d5:
9c:57:97:51:2d:d6:f8:af:49:d2:0b:4f:3e:43:1c:
da:7a:0d:78:de:68:32:55:48:62:c9:80:5f:a2:c6:
2c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:4D:FD:2F:E1:08:6D:80:50:2B:CC:82:D0:96:F3:40:BA:61:8E:AA
X509v3 Authority Key Identifier:
keyid:A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:88:3f:fd:2a:8e:cc:7b:a0:b8:30:04:36:6b:08:22:d5:53:
84:e0:ee:f8:37:4e:26:03:58:31:04:2e:93:ce:f5:fb:af:ca:
cb:6e:75:25:35:bf:8c:9a:0a:20:b4:3b:47:fc:60:b7:a1:95:
ba:2e:78:43:80:64:e9:d6:88:77:94:19:2f:2e:19:fd:cc:e4:
f3:05:79:31:c8:ff:a3:dd:4b:6d:74:dd:ad:49:06:bd:4a:6b:
af:e5:36:2e:dd:1b:32:c1:c4:51:ab:61:0b:d1:7e:d8:d7:be:
d1:8e:17:ea:9d:5f:f9:1e:40:2e:51:f6:1b:ff:10:e8:a1:38:
c3:fb:1a:07:dc:04:35:d3:b5:9d:4a:75:bc:d0:1d:96:57:51:
43:b7:c4:b9:cf:a0:15:cf:b0:15:8b:26:f5:19:e0:1b:b8:bd:
5a:72:63:e0:49:29:99:66:c6:ac:5f:c4:2b:26:2e:b4:db:5a:
5f:8f:58:d0:56:91:d4:45:0a:60:84:5b:83:35:49:e7:2e:af:
f3:1f:c3:bb:78:db:5a:59:ab:10:28:de:5b:fa:be:8c:ab:1f:
ad:8e:52:9d:53:1c:c0:18:81:ec:a5:7b:38:c4:02:62:d1:b0:
fa:25:5d:64:a5:e2:53:42:0d:11:6a:05:08:d1:3b:49:54:34:
47:e5:41:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUyedNkl8zlrshCAd1EcrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWFlNTg1MGEzNmRiMjg4MjJhNmMxYWZjNWZmYWNmZjAw
N2VlZjIwHhcNMjUwNDIwMjAwMDM5WhcNMjUwNDIxMjAwMDM5WjAzMTEwLwYDVQQD
Eyg1ODRkZmQyZmUxMDg2ZDgwNTAyYmNjODJkMDk2ZjM0MGJhNjE4ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqSsbN3mzAcYQVpAv2en41isR7U2
Iz7ay8Nnb17P9Ykxi0fZqwtb26FuWFOE80MUH1YUOmpsQgohqZqqTEZm3W4aJMSl
t+v6qp7GDEdLOAD6cUSZATYeqlieICNangr5I1XEuNfmYpMHn5XeBwhdGiaFv8Tq
HoD5WLk5zmH7hcRQJq8bEgTVeEtVhbW6RYaHtgcYg3YkHb3DqL0l1RmMOwsFL7v/
bpPEn2eBmnPscb8fu/qC3qsrVZFpCIWF/q++W8u8GCDLD6NQu1zIXsGNI3BF4DIX
AsXVfVpjS1iFDtWcV5dRLdb4r0nSC08+Qxzaeg143mgyVUhiyYBfosYs0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhN/S/hCG2AUCvMgtCW80C6YY6qMB8GA1UdIwQY
MBaAFKCq5YUKNtsogipsGvxf+s/wB+7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODIt
MjgxOWU0YzVmMTIzLzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODItMjgxOWU0YzVmMTIz
LzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsog//SqO
zHuguDAENmsIItVThODu+DdOJgNYMQQuk871+6/Ky251JTW/jJoKILQ7R/xgt6GV
ui54Q4Bk6daId5QZLy4Z/czk8wV5Mcj/o91LbXTdrUkGvUprr+U2Lt0bMsHEUath
C9F+2Ne+0Y4X6p1f+R5ALlH2G/8Q6KE4w/saB9wENdO1nUp1vNAdlldRQ7fEuc+g
Fc+wFYsm9RngG7i9WnJj4EkpmWbGrF/EKyYutNtaX49Y0FaR1EUKYIRbgzVJ5y6v
8x/Du3jbWlmrECjeW/q+jKsfrY5SnVMcwBiB7KV7OMQCYtGw+iVdZKXiU0INEWoF
CNE7SVQ0R+VBaw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:41:26 2025 by rpki-client