Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft
File: OXBHadCH2f6PeQplVctPvvzSTTg.mft (raw, json)
Hash identifier: mHcZ/IZASipsG/GSK8/Xccmi5FxdDwMgFMp3WbR3TnM=
Subject key identifier: F0:E7:A3:41:3D:56:F7:B6:EA:7B:42:06:61:65:D0:06:86:D5:E6:31
Authority key identifier: 39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
Certificate issuer: /CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Certificate serial: 019511A2528CE374D2F3431C25E9BAFC8A22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft
Manifest number: 0108
Signing time: Mon 17 Feb 2025 02:00:05 +0000
Manifest this update: Mon 17 Feb 2025 02:00:05 +0000
Manifest next update: Tue 18 Feb 2025 02:00:05 +0000
Files and hashes: 1: GvH_ld4kbG2WgWcG2cx_5y70SCI.roa (hash: aThEESBkBgawQBBj+8NWP1oT0rEWoC0jxTnO1rDLqhk=)
2: OXBHadCH2f6PeQplVctPvvzSTTg.crl (hash: yuoxQ7FfC8PF4F9zkuMWN+ZyZwCPO2tN/zUOnPuoQj0=)
3: qg4rCavoAEstd_gdiifZJ2l134s.roa (hash: zv8J2KuDAwQOB6a6izYV8dRbqPViGL374uqqVPG9O1k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:a2:52:8c:e3:74:d2:f3:43:1c:25:e9:ba:fc:8a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Validity
Not Before: Feb 17 02:00:05 2025 GMT
Not After : Feb 18 02:00:05 2025 GMT
Subject: CN=f0e7a3413d56f7b6ea7b42066165d00686d5e631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:92:bb:ef:27:25:87:45:d9:a3:dd:9e:33:ef:
b6:44:15:9b:9d:5d:bf:68:ff:5d:c2:f0:96:93:fb:
4e:f0:7e:3d:3d:9d:f5:cc:23:66:4c:32:9d:43:50:
7c:78:fb:87:2d:fe:31:87:25:3e:56:e8:11:10:00:
af:c8:47:6d:4e:5f:f0:b1:6e:43:90:eb:0f:96:9f:
05:d6:db:3f:27:96:46:8b:7e:4d:c5:ca:48:79:bb:
c6:e9:6a:55:21:f5:c8:5b:f6:0c:d9:c4:34:9f:ed:
ff:3c:aa:04:18:36:17:43:f3:74:9e:ca:59:9e:cf:
2e:51:44:a8:6d:55:a3:db:f8:6f:f6:4a:df:50:3b:
51:c0:bc:95:d9:9a:24:ba:ae:85:79:0e:2d:e5:99:
5e:f8:94:5c:ee:69:78:47:2b:86:9b:14:ba:88:3f:
6a:cf:5e:1d:16:b8:8b:a1:8b:17:42:2c:52:53:34:
ba:ab:5f:54:54:4d:6b:47:de:c3:02:ef:13:23:4f:
44:fe:b5:4f:9b:27:1b:93:37:a6:52:d8:81:d0:c3:
c3:54:2c:ea:7e:21:4b:20:6f:c5:46:e7:96:66:39:
54:a3:3d:e4:46:86:4b:c0:af:d0:e4:57:db:ad:25:
98:d7:7a:d3:2a:04:44:39:ef:51:04:47:ab:c9:d4:
cc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E7:A3:41:3D:56:F7:B6:EA:7B:42:06:61:65:D0:06:86:D5:E6:31
X509v3 Authority Key Identifier:
keyid:39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:a6:90:dd:a5:ed:24:19:78:82:c1:c1:fc:3c:17:59:8b:05:
53:d7:e4:25:a0:72:ad:f0:48:a9:bb:b2:39:5e:1b:7b:51:ef:
6e:c4:ce:6d:f9:80:be:e7:d9:9c:8a:11:99:e8:37:7d:29:f8:
3c:cb:ad:eb:c8:12:e6:08:e6:5c:63:76:ea:5e:bf:44:e8:eb:
84:c6:28:fe:5f:9f:f0:6d:47:5e:ae:38:77:19:7f:3e:88:65:
de:19:15:14:76:05:5e:fc:e7:cb:a2:38:88:81:cf:1a:a7:0c:
d4:a2:ef:90:7c:1a:71:f1:45:c8:26:f2:68:df:7f:57:4a:33:
8c:a1:cc:fe:22:7e:54:3e:dd:2a:a5:3d:ac:01:ce:95:af:c0:
9d:35:ee:6f:a2:30:b7:7d:2b:e3:1f:62:d3:c2:50:3f:c7:ec:
df:1b:bb:17:a2:b4:50:10:4f:95:8e:8c:e8:cb:96:55:c7:81:
2d:e7:4c:b9:a2:6d:4d:fc:02:47:67:de:fa:e0:ea:6d:36:9c:
21:c6:21:77:df:20:55:49:91:83:32:9a:3f:97:1c:57:bc:4b:
6c:93:2b:92:33:22:60:ea:bb:38:0a:4a:1d:0b:b8:38:e7:33:
f2:fe:56:df:46:7b:16:83:0f:74:27:c0:cb:d1:a3:1c:3e:34:
df:02:df:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURolKM43TS80McJem6/IoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzA0NzY5ZDA4N2Q5ZmU4Zjc5MGE2NTU1Y2I0ZmJlZmNk
MjRkMzgwHhcNMjUwMjE3MDIwMDA1WhcNMjUwMjE4MDIwMDA1WjAzMTEwLwYDVQQD
EyhmMGU3YTM0MTNkNTZmN2I2ZWE3YjQyMDY2MTY1ZDAwNjg2ZDVlNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJK77yclh0XZo92eM++2RBWbnV2/
aP9dwvCWk/tO8H49PZ31zCNmTDKdQ1B8ePuHLf4xhyU+VugREACvyEdtTl/wsW5D
kOsPlp8F1ts/J5ZGi35NxcpIebvG6WpVIfXIW/YM2cQ0n+3/PKoEGDYXQ/N0nspZ
ns8uUUSobVWj2/hv9krfUDtRwLyV2Zokuq6FeQ4t5Zle+JRc7ml4RyuGmxS6iD9q
z14dFriLoYsXQixSUzS6q19UVE1rR97DAu8TI09E/rVPmycbkzemUtiB0MPDVCzq
fiFLIG/FRueWZjlUoz3kRoZLwK/Q5FfbrSWY13rTKgREOe9RBEerydTMfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDno0E9Vve26ntCBmFl0AaG1eYxMB8GA1UdIwQY
MBaAFDlwR2nQh9n+j3kKZVXLT7780k04MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjIt
ZTQ1MzUwNDE0ZGRmLzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjItZTQ1MzUwNDE0ZGRm
LzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj6aQ3aXt
JBl4gsHB/DwXWYsFU9fkJaByrfBIqbuyOV4be1HvbsTObfmAvufZnIoRmeg3fSn4
PMut68gS5gjmXGN26l6/ROjrhMYo/l+f8G1HXq44dxl/Pohl3hkVFHYFXvzny6I4
iIHPGqcM1KLvkHwacfFFyCbyaN9/V0ozjKHM/iJ+VD7dKqU9rAHOla/AnTXub6Iw
t30r4x9i08JQP8fs3xu7F6K0UBBPlY6M6MuWVceBLedMuaJtTfwCR2fe+uDqbTac
IcYhd98gVUmRgzKaP5ccV7xLbJMrkjMiYOq7OApKHQu4OOcz8v5W30Z7FoMPdCfA
y9GjHD403wLf5Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:11 2025 by rpki-client