Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
File: 1ots-3IKfJKhgMphS9sO2h8evp0.mft (raw, json)
Hash identifier: 8LinzsvzHdy3WZaKitcS1cHdZmNmUXFTan+r3m4XDQg=
Subject key identifier: 94:9E:C4:B0:C3:E9:8E:AA:EE:76:79:8C:64:C3:EF:27:87:EB:75:BA
Authority key identifier: D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D
Certificate issuer: /CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
Certificate serial: 0196556EAEC9AC96D3CBF46DB4C8C20DCFBC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
Manifest number: 0AFD
Signing time: Sun 20 Apr 2025 23:00:39 +0000
Manifest this update: Sun 20 Apr 2025 23:00:39 +0000
Manifest next update: Mon 21 Apr 2025 23:00:39 +0000
Files and hashes: 1: 1ots-3IKfJKhgMphS9sO2h8evp0.crl (hash: il5kx3LkcQ87PjKfR63iWulrxocVaDMLV+KIpWmahBM=)
2: iN4kY7sCfzKOl-coUiFvOhD6wg4.roa (hash: ZI3B1VaDQ0JfOlPoqiW79rOHU3ymg8mbnEbUM636Uvw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 23:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:6e:ae:c9:ac:96:d3:cb:f4:6d:b4:c8:c2:0d:cf:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
Validity
Not Before: Apr 20 23:00:39 2025 GMT
Not After : Apr 21 23:00:39 2025 GMT
Subject: CN=949ec4b0c3e98eaaee76798c64c3ef2787eb75ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5f:e8:fe:24:eb:4e:7b:5c:4d:c8:bc:94:c0:
1b:b2:6a:0d:67:1e:85:4a:dd:17:c4:14:92:77:71:
01:5e:52:23:3e:9e:68:30:be:c7:f9:4c:e8:3d:bc:
c1:02:92:e5:35:76:68:62:70:fb:32:a0:0a:f2:b1:
56:64:f5:2e:0a:62:33:83:11:60:88:9c:b2:b9:e3:
04:b8:1c:85:29:61:39:e2:b1:69:62:7e:ae:5e:48:
12:d5:b5:0a:dd:d3:66:5f:c5:55:be:80:c1:18:3b:
30:a0:74:d4:1b:49:16:7d:31:97:34:3d:1d:aa:b7:
6c:73:d2:b0:0c:80:2e:11:d0:f7:f3:a4:8d:31:6a:
8f:8b:82:66:dd:d0:50:79:a5:56:f9:ab:90:ab:d2:
38:d4:7b:00:d0:d4:1b:dd:f7:82:bf:3d:d7:dd:c4:
02:ae:48:48:5d:cb:d0:76:2f:d4:79:f0:18:16:64:
9e:af:f3:0d:07:bc:52:8a:cc:b3:01:a6:3a:18:7b:
57:43:9c:94:50:5a:67:d6:bf:13:a8:6a:bf:77:2e:
c0:b4:f4:eb:7a:d2:e6:c1:78:03:48:7d:07:43:ff:
14:d0:90:02:86:64:14:77:de:0b:d5:a6:ef:a1:1e:
54:07:f3:53:5c:52:02:2c:c0:4e:cd:3a:b6:7c:60:
fb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:9E:C4:B0:C3:E9:8E:AA:EE:76:79:8C:64:C3:EF:27:87:EB:75:BA
X509v3 Authority Key Identifier:
keyid:D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:52:e6:6b:da:2f:cd:77:5d:75:21:61:65:c6:78:ab:b5:f0:
e1:e3:c1:f6:76:c5:77:0a:6a:89:48:40:50:b0:b0:33:6c:40:
36:fe:73:00:60:b9:b4:1b:a1:66:7d:f5:9c:3d:0a:97:1c:cb:
78:01:b1:c3:31:53:e8:b3:a5:c0:af:61:78:0a:85:08:cb:54:
e8:cd:90:f2:09:18:b7:0f:71:27:57:ff:81:fb:29:fc:9c:32:
38:1f:d4:8f:45:a4:63:58:77:75:76:93:be:12:51:ba:69:8d:
2b:6d:ad:bf:cb:76:4b:cf:11:13:d3:d5:a9:f9:84:62:2b:67:
84:7c:0e:27:fb:f1:4a:1a:ba:ca:0b:16:e6:99:9e:39:99:44:
f9:78:cc:51:ff:2b:a1:1c:b8:70:18:3c:ba:8b:2e:2f:9d:7e:
40:20:19:53:df:69:91:c5:1f:2a:c6:ef:34:15:32:be:48:96:
c7:56:1f:30:a6:52:73:c5:a9:03:a5:6b:26:b9:65:2e:1a:9e:
b2:07:1e:f2:0d:9e:77:59:09:7d:7e:f8:5a:d7:54:0d:14:06:
86:97:78:08:2b:de:ae:d6:5e:da:c8:8a:0a:ea:e3:3e:eb:d2:
95:b7:94:07:ee:b3:2e:45:8c:86:d3:89:d2:76:91:e0:dc:c9:
ab:e6:35:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVbq7JrJbTy/RttMjCDc+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OGI2Y2ZiNzIwYTdjOTJhMTgwY2E2MTRiZGIwZWRhMWYx
ZWJlOWQwHhcNMjUwNDIwMjMwMDM5WhcNMjUwNDIxMjMwMDM5WjAzMTEwLwYDVQQD
Eyg5NDllYzRiMGMzZTk4ZWFhZWU3Njc5OGM2NGMzZWYyNzg3ZWI3NWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl/o/iTrTntcTci8lMAbsmoNZx6F
St0XxBSSd3EBXlIjPp5oML7H+UzoPbzBApLlNXZoYnD7MqAK8rFWZPUuCmIzgxFg
iJyyueMEuByFKWE54rFpYn6uXkgS1bUK3dNmX8VVvoDBGDswoHTUG0kWfTGXND0d
qrdsc9KwDIAuEdD386SNMWqPi4Jm3dBQeaVW+auQq9I41HsA0NQb3feCvz3X3cQC
rkhIXcvQdi/UefAYFmSer/MNB7xSisyzAaY6GHtXQ5yUUFpn1r8TqGq/dy7AtPTr
etLmwXgDSH0HQ/8U0JAChmQUd94L1abvoR5UB/NTXFICLMBOzTq2fGD7TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSexLDD6Y6q7nZ5jGTD7yeH63W6MB8GA1UdIwQY
MBaAFNaLbPtyCnySoYDKYUvbDtofHr6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEt
MzNlMzE5YTQ1NGVmLzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEtMzNlMzE5YTQ1NGVm
LzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaFLma9ov
zXdddSFhZcZ4q7Xw4ePB9nbFdwpqiUhAULCwM2xANv5zAGC5tBuhZn31nD0KlxzL
eAGxwzFT6LOlwK9heAqFCMtU6M2Q8gkYtw9xJ1f/gfsp/JwyOB/Uj0WkY1h3dXaT
vhJRummNK22tv8t2S88RE9PVqfmEYitnhHwOJ/vxShq6ygsW5pmeOZlE+XjMUf8r
oRy4cBg8uosuL51+QCAZU99pkcUfKsbvNBUyvkiWx1YfMKZSc8WpA6VrJrllLhqe
sgce8g2ed1kJfX74WtdUDRQGhpd4CCvertZe2siKCurjPuvSlbeUB+6zLkWMhtOJ
0naR4NzJq+Y1ow==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:48:25 2025 by rpki-client