Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: KhSHoywBtjAM/SNanJ1Nx5w/U2M2/+ZYKBfoDPywdZo=
Subject key identifier: EF:6D:0A:C2:D4:0D:2D:C6:17:77:64:30:B0:B1:A7:C8:19:47:DB:5D
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 01964F6D2F732990570690210AEBA5D4E905
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 0200
Signing time: Sat 19 Apr 2025 19:01:17 +0000
Manifest this update: Sat 19 Apr 2025 19:01:17 +0000
Manifest next update: Sun 20 Apr 2025 19:01:17 +0000
Files and hashes: 1: BFrr-Y0U-5iptN2idzPFsrYv6zw.roa (hash: SItZsNwfN8g7OyWNk2li9IKpDbpjiOGNcOTycVK0WwU=)
2: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: USgMUr0uNSrh6izBL+fUCPfKENV9BmEuyizCthTPvs8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4f:6d:2f:73:29:90:57:06:90:21:0a:eb:a5:d4:e9:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: Apr 19 19:01:17 2025 GMT
Not After : Apr 20 19:01:17 2025 GMT
Subject: CN=ef6d0ac2d40d2dc617776430b0b1a7c81947db5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:73:49:ad:2b:ff:4b:5f:1e:64:b5:bf:39:9b:
85:41:0b:eb:f3:85:e0:29:4e:15:c3:4d:c4:56:f3:
a7:30:10:68:a8:03:42:18:63:60:33:de:c9:e5:d6:
54:b3:37:98:2b:d9:b2:95:ed:88:a3:7d:08:e6:d1:
9d:af:29:f6:ff:d1:ad:4b:c4:f6:30:73:92:91:2a:
39:a3:c0:cd:2f:f9:86:af:8b:f0:0d:d0:63:0c:2b:
8d:10:47:7f:0b:af:63:18:73:83:82:45:71:0f:6b:
9a:18:a0:04:68:a6:af:99:2d:4f:33:df:03:4d:94:
f8:fc:6f:dd:82:14:84:04:7b:f7:6e:c1:45:15:de:
6b:2a:22:34:19:86:09:be:dd:3c:56:ab:e6:a1:0d:
48:b9:50:89:d7:04:bc:08:5d:25:f6:a3:a9:4c:a9:
01:12:e6:f1:f3:29:d9:28:b9:6e:3a:37:b4:33:4f:
3d:80:78:8a:31:c2:8c:39:9e:9a:30:bb:16:fd:30:
fc:95:c9:d4:5f:6c:5e:73:82:21:ac:91:c2:73:f0:
5d:c5:8d:2c:92:93:9c:ff:5b:d6:37:47:fd:6b:d1:
d4:e1:ca:32:f5:68:0a:1d:08:32:76:b4:61:07:cc:
ff:67:78:7a:4d:3f:b1:e5:00:f3:59:0f:fd:e8:c8:
b8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:6D:0A:C2:D4:0D:2D:C6:17:77:64:30:B0:B1:A7:C8:19:47:DB:5D
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:1f:14:b8:ed:ae:c3:5b:27:a0:2e:18:21:6d:df:88:db:b7:
98:5f:0c:9d:87:4e:81:8e:d6:f4:98:15:4e:b2:13:06:fe:9b:
8e:1e:5b:08:49:08:5e:02:9a:d8:cc:aa:36:88:7b:ac:73:83:
48:89:05:63:cc:7f:5a:8d:01:72:c7:29:50:b5:6b:25:46:87:
3c:be:59:b7:9c:f1:59:cc:f1:19:f7:5e:83:6e:5b:5f:24:e8:
56:31:1f:d3:a0:17:10:91:c1:d6:0c:38:0e:bb:ff:17:2d:68:
40:ba:5e:eb:72:fb:71:0c:7d:00:75:23:ab:ab:69:55:9f:52:
48:54:89:65:f9:82:fe:8b:14:1d:b7:49:3a:aa:ff:d6:a8:aa:
fb:f9:2d:b0:0b:ef:04:f7:54:9a:2d:92:9c:4a:55:61:5c:6e:
12:a4:36:d8:3b:ec:32:56:51:b6:7c:b2:27:f2:fd:b0:2f:33:
57:d7:92:2c:73:11:44:76:8e:38:e4:9b:86:e1:91:95:70:74:
b2:3e:be:ba:a4:b5:5d:75:ff:44:38:79:58:1e:23:13:b8:0d:
56:ad:c7:52:ef:fe:bc:59:06:1f:7c:a8:95:ea:e4:13:07:b1:
87:d4:f5:bf:d6:cf:cd:48:26:ae:eb:72:20:c5:ab:21:a7:f7:
80:21:e7:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbS9zKZBXBpAhCuul1OkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjUwNDE5MTkwMTE3WhcNMjUwNDIwMTkwMTE3WjAzMTEwLwYDVQQD
EyhlZjZkMGFjMmQ0MGQyZGM2MTc3NzY0MzBiMGIxYTdjODE5NDdkYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonNJrSv/S18eZLW/OZuFQQvr84Xg
KU4Vw03EVvOnMBBoqANCGGNgM97J5dZUszeYK9myle2Io30I5tGdryn2/9GtS8T2
MHOSkSo5o8DNL/mGr4vwDdBjDCuNEEd/C69jGHODgkVxD2uaGKAEaKavmS1PM98D
TZT4/G/dghSEBHv3bsFFFd5rKiI0GYYJvt08VqvmoQ1IuVCJ1wS8CF0l9qOpTKkB
Eubx8ynZKLluOje0M089gHiKMcKMOZ6aMLsW/TD8lcnUX2xec4IhrJHCc/BdxY0s
kpOc/1vWN0f9a9HU4coy9WgKHQgydrRhB8z/Z3h6TT+x5QDzWQ/96Mi4RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9tCsLUDS3GF3dkMLCxp8gZR9tdMB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgR8UuO2u
w1snoC4YIW3fiNu3mF8MnYdOgY7W9JgVTrITBv6bjh5bCEkIXgKa2MyqNoh7rHOD
SIkFY8x/Wo0BcscpULVrJUaHPL5Zt5zxWczxGfdeg25bXyToVjEf06AXEJHB1gw4
Drv/Fy1oQLpe63L7cQx9AHUjq6tpVZ9SSFSJZfmC/osUHbdJOqr/1qiq+/ktsAvv
BPdUmi2SnEpVYVxuEqQ22DvsMlZRtnyyJ/L9sC8zV9eSLHMRRHaOOOSbhuGRlXB0
sj6+uqS1XXX/RDh5WB4jE7gNVq3HUu/+vFkGH3yolerkEwexh9T1v9bPzUgmruty
IMWrIaf3gCHnvg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:47 2025 by rpki-client