Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
File: 1ots-3IKfJKhgMphS9sO2h8evp0.mft (raw, json)
Hash identifier: Mt6oskyksMv26G4rk4kFl79rTG9xiLlo4MURZWChEfE=
Subject key identifier: 78:D9:40:A6:67:B6:E6:82:2F:4C:67:87:43:D4:42:1B:8F:C1:A0:0A
Authority key identifier: D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D
Certificate issuer: /CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
Certificate serial: 01964FA33D347EDE8D70B006D55EFE661F6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
Manifest number: 0AFA
Signing time: Sat 19 Apr 2025 20:00:20 +0000
Manifest this update: Sat 19 Apr 2025 20:00:20 +0000
Manifest next update: Sun 20 Apr 2025 20:00:20 +0000
Files and hashes: 1: 1ots-3IKfJKhgMphS9sO2h8evp0.crl (hash: Z+fB80kG2saBHvxLNP7kI6hZkHkw5jG2BhdGSJuUYNM=)
2: iN4kY7sCfzKOl-coUiFvOhD6wg4.roa (hash: ZI3B1VaDQ0JfOlPoqiW79rOHU3ymg8mbnEbUM636Uvw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 20:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4f:a3:3d:34:7e:de:8d:70:b0:06:d5:5e:fe:66:1f:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
Validity
Not Before: Apr 19 20:00:20 2025 GMT
Not After : Apr 20 20:00:20 2025 GMT
Subject: CN=78d940a667b6e6822f4c678743d4421b8fc1a00a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ff:ce:6c:28:f5:24:5c:62:02:a9:36:d6:80:
03:bb:4a:4b:35:ba:9b:7c:cb:f9:98:da:c8:f8:9d:
2e:79:b7:9c:77:b3:59:b7:04:d1:d5:2d:28:ae:b7:
fd:90:6e:db:72:72:f2:e0:f6:63:e1:bc:30:df:c0:
81:54:d0:c2:37:bf:3a:27:39:79:bc:9e:64:a1:9b:
3b:5f:31:a4:01:c8:17:f9:75:2a:34:51:12:29:96:
4c:fe:26:9e:f2:c8:94:b6:93:6f:79:07:50:a1:f4:
74:75:c9:9a:2c:95:2e:98:0d:a9:c7:4d:6a:ce:86:
33:4b:c1:87:74:0f:b7:a2:f1:09:e7:44:0b:c3:9c:
d6:a0:9a:aa:70:a2:20:f5:f9:ac:a0:4b:6c:18:47:
25:97:7b:fa:32:2f:7b:2f:c4:08:7b:16:67:fa:7b:
5b:62:bd:64:38:f4:b9:f4:5a:7f:99:bc:32:13:d6:
a7:1e:89:e4:78:84:03:02:82:ae:59:29:a3:b3:2a:
6f:d4:31:de:7f:91:79:4a:76:6b:6e:73:c6:d0:95:
1f:38:2d:8b:b2:08:89:ac:fb:07:3d:2f:d7:e1:58:
8b:4d:69:23:d6:6b:36:10:e2:7b:e7:2e:98:e4:e5:
90:bc:3d:ca:78:f1:8f:2f:b5:f9:77:31:57:9d:43:
93:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D9:40:A6:67:B6:E6:82:2F:4C:67:87:43:D4:42:1B:8F:C1:A0:0A
X509v3 Authority Key Identifier:
keyid:D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:9b:90:21:96:84:e2:7e:65:fb:72:b2:41:1c:19:b6:c8:af:
4c:e3:07:35:d6:85:97:67:62:55:2c:89:b2:8d:ac:8b:25:27:
1c:dc:76:7c:12:99:1a:36:20:df:87:64:1f:70:8b:24:bf:29:
52:74:91:dd:3f:e3:6e:63:f9:31:ab:d9:f1:30:1e:18:de:c2:
a7:85:f8:4d:53:0a:59:7a:83:31:a1:06:75:38:ab:bf:87:f5:
93:ee:ea:a5:82:e6:50:f2:4b:64:51:6a:58:91:cd:13:22:6e:
17:e2:f4:d5:87:85:24:fe:14:a8:b3:98:dc:d7:9e:77:f6:9d:
c5:aa:aa:e0:09:81:4f:2d:ef:6c:c7:be:a8:18:5b:e8:4f:e6:
84:67:06:04:eb:11:ba:a1:4f:7f:92:17:55:b9:60:23:3a:08:
2f:ac:ff:48:19:53:7a:e0:65:b6:11:50:1c:74:ff:41:c1:93:
e0:2c:4f:99:48:07:00:9d:6f:7d:1d:40:9c:8a:a9:82:80:b1:
f4:18:b9:16:2e:3f:c4:5b:76:9a:23:f0:00:48:cc:20:fd:c5:
3f:41:13:5b:4d:95:c0:eb:af:b9:43:e6:7a:03:a3:8d:79:17:
82:7c:70:33:5c:a3:8e:e6:e3:88:72:65:da:c2:2d:c1:8c:15:
cd:dc:09:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPoz00ft6NcLAG1V7+Zh9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OGI2Y2ZiNzIwYTdjOTJhMTgwY2E2MTRiZGIwZWRhMWYx
ZWJlOWQwHhcNMjUwNDE5MjAwMDIwWhcNMjUwNDIwMjAwMDIwWjAzMTEwLwYDVQQD
Eyg3OGQ5NDBhNjY3YjZlNjgyMmY0YzY3ODc0M2Q0NDIxYjhmYzFhMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1f/ObCj1JFxiAqk21oADu0pLNbqb
fMv5mNrI+J0uebecd7NZtwTR1S0orrf9kG7bcnLy4PZj4bww38CBVNDCN786Jzl5
vJ5koZs7XzGkAcgX+XUqNFESKZZM/iae8siUtpNveQdQofR0dcmaLJUumA2px01q
zoYzS8GHdA+3ovEJ50QLw5zWoJqqcKIg9fmsoEtsGEcll3v6Mi97L8QIexZn+ntb
Yr1kOPS59Fp/mbwyE9anHonkeIQDAoKuWSmjsypv1DHef5F5SnZrbnPG0JUfOC2L
sgiJrPsHPS/X4ViLTWkj1ms2EOJ75y6Y5OWQvD3KePGPL7X5dzFXnUOTxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjZQKZntuaCL0xnh0PUQhuPwaAKMB8GA1UdIwQY
MBaAFNaLbPtyCnySoYDKYUvbDtofHr6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEt
MzNlMzE5YTQ1NGVmLzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEtMzNlMzE5YTQ1NGVm
LzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJuQIZaE
4n5l+3KyQRwZtsivTOMHNdaFl2diVSyJso2siyUnHNx2fBKZGjYg34dkH3CLJL8p
UnSR3T/jbmP5MavZ8TAeGN7Cp4X4TVMKWXqDMaEGdTirv4f1k+7qpYLmUPJLZFFq
WJHNEyJuF+L01YeFJP4UqLOY3Need/adxaqq4AmBTy3vbMe+qBhb6E/mhGcGBOsR
uqFPf5IXVblgIzoIL6z/SBlTeuBlthFQHHT/QcGT4CxPmUgHAJ1vfR1AnIqpgoCx
9Bi5Fi4/xFt2miPwAEjMIP3FP0ETW02VwOuvuUPmegOjjXkXgnxwM1yjjubjiHJl
2sItwYwVzdwJew==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:26:55 2025 by rpki-client