Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
File: roOCT9wp6-SsKGygGETfhtTXXsA.mft (raw, json)
Hash identifier: CRKYolFUTI5JyvGyszwQqLDI1LyeFnO/NBudZmQ8qdM=
Subject key identifier: 1A:60:BD:BF:52:0D:64:E4:BC:F9:9E:80:0E:84:99:45:26:C7:C6:F7
Authority key identifier: AE:83:82:4F:DC:29:EB:E4:AC:28:6C:A0:18:44:DF:86:D4:D7:5E:C0
Certificate issuer: /CN=ae83824fdc29ebe4ac286ca01844df86d4d75ec0
Certificate serial: 0195797E8266B06A9FE05AD6977381D74D4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
Manifest number: B1
Signing time: Sun 09 Mar 2025 06:01:28 +0000
Manifest this update: Sun 09 Mar 2025 06:01:28 +0000
Manifest next update: Mon 10 Mar 2025 06:01:28 +0000
Files and hashes: 1: jHCjx-TBB5oXKBhOsM_EWQyL88A.roa (hash: rucNPqCxXwLKo5x3absYJUk2L/e2sCkpCPYtoCEmNPo=)
2: roOCT9wp6-SsKGygGETfhtTXXsA.crl (hash: P99ypS/R+8+n3Ivg/ST7n7fnT94Mp7sl4Cho5oUOuao=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:79:7e:82:66:b0:6a:9f:e0:5a:d6:97:73:81:d7:4d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae83824fdc29ebe4ac286ca01844df86d4d75ec0
Validity
Not Before: Mar 9 06:01:28 2025 GMT
Not After : Mar 10 06:01:28 2025 GMT
Subject: CN=1a60bdbf520d64e4bcf99e800e84994526c7c6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c0:c0:75:f1:c9:ec:62:1c:d7:9e:0d:29:50:
b6:b9:c7:d6:da:80:41:4e:cb:26:84:83:87:5d:03:
d9:57:33:86:bd:58:b2:ed:1b:87:68:5e:68:f6:19:
f3:b2:3c:c1:0f:ac:01:8c:2d:3e:2f:c8:87:12:bf:
f9:a7:ac:25:66:3a:c6:53:78:b8:ea:7b:5a:58:15:
a0:4f:df:e3:07:dc:58:50:5a:96:87:bb:13:fc:3b:
eb:72:29:fc:a8:d8:a7:7d:68:55:0a:2e:5e:5c:9c:
3e:a6:f0:1f:73:33:02:66:bf:5c:3d:0d:5c:f7:bf:
14:e1:99:43:23:49:ee:53:f8:c1:de:8f:09:c3:ea:
9f:f9:51:3c:c3:bd:08:a3:46:3a:25:9f:65:86:6e:
f7:6e:09:46:35:0f:c0:90:13:8f:c0:0f:4d:5d:74:
c3:0c:78:4d:df:55:ea:15:dd:bf:72:cb:cb:1a:17:
ab:bd:fe:3a:84:92:db:22:da:a0:7f:95:98:c3:4d:
03:37:47:e1:1a:1a:bf:19:92:81:28:ff:e7:42:88:
60:bd:4c:eb:a3:4f:3c:d1:f6:82:3b:85:bf:45:23:
ab:58:88:eb:31:69:30:89:d8:ed:df:bc:99:82:81:
2b:90:e2:2a:f0:b0:bf:0a:fe:c8:2b:f0:a6:84:79:
3b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:60:BD:BF:52:0D:64:E4:BC:F9:9E:80:0E:84:99:45:26:C7:C6:F7
X509v3 Authority Key Identifier:
keyid:AE:83:82:4F:DC:29:EB:E4:AC:28:6C:A0:18:44:DF:86:D4:D7:5E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:56:d5:4f:9b:ae:19:74:d9:e4:c0:eb:6e:8f:22:b0:79:3f:
eb:92:db:d4:60:1a:25:32:0e:87:3c:7a:e0:fa:e3:17:85:36:
14:a7:95:19:28:68:77:5c:88:6f:92:32:b7:2b:6f:00:58:75:
70:c8:68:ad:c2:9d:30:83:c6:bb:e7:55:06:7a:17:cd:1b:2b:
7f:5c:35:4f:10:1e:ba:22:7b:ea:31:73:55:29:46:72:72:4d:
55:97:15:a3:b2:d7:28:49:1e:f4:e7:bf:9c:c0:21:f5:6c:b2:
a0:00:c4:6d:54:2c:28:2f:71:63:c9:a7:63:e2:97:df:8d:0a:
5a:9a:cb:80:13:9b:32:c8:44:18:6c:1b:c4:11:f2:bc:f2:76:
de:41:86:6f:e8:18:60:44:90:23:a7:f2:fa:f9:c9:8a:b5:4a:
ef:6d:31:e7:30:ce:2a:3b:82:04:8e:a9:21:33:30:00:07:23:
69:8a:5c:fa:8f:6a:a9:9c:57:6c:b5:ca:66:74:c0:8a:38:bc:
e0:41:b2:e7:9b:5f:8c:35:c4:50:0a:90:b2:51:a7:2e:ff:ef:
a2:fe:e6:92:3e:de:42:23:b6:b3:02:15:63:fb:a0:e3:5a:68:
09:e5:3c:2b:40:86:aa:a1:09:53:ce:67:b5:3d:82:73:79:3e:
75:e7:66:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5foJmsGqf4FrWl3OB101MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlODM4MjRmZGMyOWViZTRhYzI4NmNhMDE4NDRkZjg2ZDRk
NzVlYzAwHhcNMjUwMzA5MDYwMTI4WhcNMjUwMzEwMDYwMTI4WjAzMTEwLwYDVQQD
EygxYTYwYmRiZjUyMGQ2NGU0YmNmOTllODAwZTg0OTk0NTI2YzdjNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8DAdfHJ7GIc154NKVC2ucfW2oBB
TssmhIOHXQPZVzOGvViy7RuHaF5o9hnzsjzBD6wBjC0+L8iHEr/5p6wlZjrGU3i4
6ntaWBWgT9/jB9xYUFqWh7sT/Dvrcin8qNinfWhVCi5eXJw+pvAfczMCZr9cPQ1c
978U4ZlDI0nuU/jB3o8Jw+qf+VE8w70Io0Y6JZ9lhm73bglGNQ/AkBOPwA9NXXTD
DHhN31XqFd2/csvLGhervf46hJLbItqgf5WYw00DN0fhGhq/GZKBKP/nQohgvUzr
o0880faCO4W/RSOrWIjrMWkwidjt37yZgoErkOIq8LC/Cv7IK/CmhHk79wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBpgvb9SDWTkvPmegA6EmUUmx8b3MB8GA1UdIwQY
MBaAFK6Dgk/cKevkrChsoBhE34bU117AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC83MTc0ZWUtMzA3Ni00OTZjLWIyNTkt
OTcwMDU0NmI1NzExLzEvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC83MTc0ZWUtMzA3Ni00OTZjLWIyNTktOTcwMDU0NmI1NzEx
LzEvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKlbVT5uu
GXTZ5MDrbo8isHk/65Lb1GAaJTIOhzx64PrjF4U2FKeVGShod1yIb5IytytvAFh1
cMhorcKdMIPGu+dVBnoXzRsrf1w1TxAeuiJ76jFzVSlGcnJNVZcVo7LXKEke9Oe/
nMAh9WyyoADEbVQsKC9xY8mnY+KX340KWprLgBObMshEGGwbxBHyvPJ23kGGb+gY
YESQI6fy+vnJirVK720x5zDOKjuCBI6pITMwAAcjaYpc+o9qqZxXbLXKZnTAiji8
4EGy55tfjDXEUAqQslGnLv/vov7mkj7eQiO2swIVY/ug41poCeU8K0CGqqEJU85n
tT2Cc3k+dedmxg==
-----END CERTIFICATE-----
Generated at Sun Mar 9 11:32:23 2025 by rpki-client