Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
File: OC5TMDOzzpXklyvyOC3awpPC3AE.mft (raw, json)
Hash identifier: jfMPMsg/HMxL/69UTBTdHaWmT6SehnZGfXsiV4rt+xY=
Subject key identifier: 07:AB:57:19:A1:31:C7:23:1D:ED:21:C2:37:5A:80:69:AC:81:59:3B
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 019656EED4E0E5B539CBD2219B28A5AA50A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
Manifest number: 085E
Signing time: Mon 21 Apr 2025 06:00:14 +0000
Manifest this update: Mon 21 Apr 2025 06:00:14 +0000
Manifest next update: Tue 22 Apr 2025 06:00:14 +0000
Files and hashes: 1: 5Ut0b0NCsET_SBcrRZDGmpxguZ8.roa (hash: yFP/8VV88RGdYS/1gMV2xguqReDrDsPUy9So1+AmUlY=)
2: 5govGzTOoEOkHW5AQQBeXhEslnY.roa (hash: WSesnMfx5MzV8mfpr2Kk+2TovkIoHzCJWKSulEHwHA0=)
3: OC5TMDOzzpXklyvyOC3awpPC3AE.crl (hash: NLqYaq1/ImVlzTFdu34Tk2TAPUjXxttHBzjD+r/VfWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:ee:d4:e0:e5:b5:39:cb:d2:21:9b:28:a5:aa:50:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Apr 21 06:00:14 2025 GMT
Not After : Apr 22 06:00:14 2025 GMT
Subject: CN=07ab5719a131c7231ded21c2375a8069ac81593b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:80:db:e7:dd:0e:01:8f:3b:05:10:cd:96:99:
21:25:67:a6:94:05:5a:c1:a2:34:2b:3e:9f:80:8a:
ff:4d:6a:5b:5c:af:14:05:c2:52:50:a7:0f:79:7d:
9e:d1:83:7b:0e:e1:1d:a1:ef:66:b4:60:81:9f:5c:
c9:b1:df:be:53:59:c0:34:df:20:b7:a7:32:d2:7d:
9d:de:bd:19:9e:53:df:b8:10:57:c6:b3:62:24:8a:
9e:53:92:a1:39:4e:b1:50:c1:8e:bc:1c:70:c3:56:
23:fd:68:2d:7b:ce:70:22:c6:20:c1:86:a7:b8:87:
96:e7:7b:08:33:ed:93:93:ea:72:10:bb:94:b5:8c:
4f:a0:f1:30:03:8d:2d:ce:a1:64:a2:94:d1:67:85:
f8:ed:13:97:d4:06:45:05:1e:e0:11:ba:11:da:1e:
ef:9d:01:4d:ce:d7:6a:14:90:31:e3:07:6d:d4:d4:
7f:ea:2a:64:81:5e:2b:3c:b8:09:d8:bb:93:93:39:
c7:1e:56:d3:fd:cc:91:c8:09:99:40:97:04:b7:87:
9d:b1:f4:33:10:7c:c6:ab:75:c8:1a:01:83:47:10:
d5:77:50:4d:73:b9:31:fb:0f:3b:c0:19:21:27:42:
29:c1:60:c8:be:51:15:3c:21:d1:2e:ca:6f:b4:2e:
d2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:AB:57:19:A1:31:C7:23:1D:ED:21:C2:37:5A:80:69:AC:81:59:3B
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:07:cd:39:07:fb:10:dc:58:78:2b:c2:5d:05:a3:67:4c:eb:
02:22:1f:b4:36:b1:09:42:03:fb:73:30:f6:b6:06:7f:8d:fd:
d8:96:13:93:d9:f4:ec:3e:8b:a6:d0:45:d3:0b:2f:c6:4a:d0:
ae:66:df:cf:fb:71:82:57:91:49:f6:ab:23:63:d7:f2:fa:64:
ce:7d:f4:54:80:34:3e:93:a7:a2:7d:d3:41:b1:6e:41:e3:77:
53:c8:75:70:51:b1:48:40:cf:d7:b2:aa:21:4c:31:6a:ca:e0:
d1:7a:6c:c3:ea:3e:90:37:14:cc:45:da:00:d4:cd:5e:38:ff:
2e:3b:44:c8:36:4b:33:0a:bd:7b:ef:56:6f:f9:21:42:47:79:
e2:ed:c4:a3:60:c9:23:f5:08:f8:d9:5a:17:00:f9:f9:9b:c1:
3f:9a:55:2b:ce:38:65:72:52:95:8d:f0:f2:ab:ff:b6:d9:32:
6b:56:91:68:af:75:33:2f:81:c7:05:1a:57:c4:3c:e6:86:fc:
4f:ee:3b:c6:ff:c4:3e:0b:ce:f8:ea:4d:fd:de:94:1e:3a:dc:
3f:59:37:a2:2f:a8:72:a7:06:04:66:db:ba:71:11:d3:2a:e1:
92:ce:95:9b:26:0b:0d:fd:f6:aa:60:98:69:46:b4:33:87:d0:
c1:2a:9c:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZW7tTg5bU5y9IhmyilqlCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjUwNDIxMDYwMDE0WhcNMjUwNDIyMDYwMDE0WjAzMTEwLwYDVQQD
EygwN2FiNTcxOWExMzFjNzIzMWRlZDIxYzIzNzVhODA2OWFjODE1OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroDb590OAY87BRDNlpkhJWemlAVa
waI0Kz6fgIr/TWpbXK8UBcJSUKcPeX2e0YN7DuEdoe9mtGCBn1zJsd++U1nANN8g
t6cy0n2d3r0ZnlPfuBBXxrNiJIqeU5KhOU6xUMGOvBxww1Yj/Wgte85wIsYgwYan
uIeW53sIM+2Tk+pyELuUtYxPoPEwA40tzqFkopTRZ4X47ROX1AZFBR7gEboR2h7v
nQFNztdqFJAx4wdt1NR/6ipkgV4rPLgJ2LuTkznHHlbT/cyRyAmZQJcEt4edsfQz
EHzGq3XIGgGDRxDVd1BNc7kx+w87wBkhJ0IpwWDIvlEVPCHRLspvtC7S3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAerVxmhMccjHe0hwjdagGmsgVk7MB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIwfNOQf7
ENxYeCvCXQWjZ0zrAiIftDaxCUID+3Mw9rYGf4392JYTk9n07D6LptBF0wsvxkrQ
rmbfz/txgleRSfarI2PX8vpkzn30VIA0PpOnon3TQbFuQeN3U8h1cFGxSEDP17Kq
IUwxasrg0Xpsw+o+kDcUzEXaANTNXjj/LjtEyDZLMwq9e+9Wb/khQkd54u3Eo2DJ
I/UI+NlaFwD5+ZvBP5pVK844ZXJSlY3w8qv/ttkya1aRaK91My+BxwUaV8Q85ob8
T+47xv/EPgvO+OpN/d6UHjrcP1k3oi+ocqcGBGbbunER0yrhks6VmyYLDf32qmCY
aUa0M4fQwSqcmA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:57:48 2025 by rpki-client