Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
File: OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft (raw, json)
Hash identifier: tzgr6fGpIwx7tyIsg7E2dUCuM0JORWYQIPSIoOAnbWE=
Subject key identifier: 66:D7:A8:64:D1:1B:F1:F6:C6:FA:B8:EE:56:D1:3F:D2:9F:93:AC:5E
Authority key identifier: 39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
Certificate issuer: /CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Certificate serial: 01963F1DF4E6C935142902A0837115151AEC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
Manifest number: 1483
Signing time: Wed 16 Apr 2025 15:00:49 +0000
Manifest this update: Wed 16 Apr 2025 15:00:49 +0000
Manifest next update: Thu 17 Apr 2025 15:00:49 +0000
Files and hashes: 1: OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl (hash: MyFwmHTAGtrMmyq/NRkw2jy4PNt7JCev4gy7MLFI/0U=)
2: VwXHoptHeR9mWbeRFzNgE273Y_Y.roa (hash: O7PmmfQJftPOiteORNgrKpX/pUfGsXyieeu22jdpW5U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:1d:f4:e6:c9:35:14:29:02:a0:83:71:15:15:1a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Validity
Not Before: Apr 16 15:00:49 2025 GMT
Not After : Apr 17 15:00:49 2025 GMT
Subject: CN=66d7a864d11bf1f6c6fab8ee56d13fd29f93ac5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d0:b9:1a:98:ce:7c:c6:6b:53:38:aa:1e:d1:
5e:37:33:08:90:00:97:93:f3:4a:35:b3:c2:9f:b3:
d4:d4:cf:4b:ac:2c:d6:a9:35:13:79:19:25:2b:6b:
76:8d:43:16:6c:91:94:53:f2:07:1e:27:11:c3:42:
95:f6:1b:ee:25:e5:55:70:94:d7:15:d2:1c:9c:d8:
a9:2f:db:64:8f:6c:5e:72:cd:41:db:40:a6:8b:ce:
6c:25:8f:ee:1c:d5:3d:7c:1d:23:5d:d9:3b:de:74:
ac:d6:7d:49:da:de:d3:f1:de:5a:d6:31:51:d9:5a:
99:1d:46:a1:b3:9e:25:63:dd:52:a5:9e:00:06:1f:
94:f3:ec:5c:8c:5a:50:92:3e:a2:76:04:dd:d3:82:
b5:2d:34:80:92:c0:5e:da:a0:3b:47:6d:2a:1c:8c:
09:0f:05:a7:b0:52:87:fa:8c:dd:a2:54:52:ec:88:
91:1b:75:c1:71:22:98:73:0d:74:fe:9a:1b:d2:2e:
6d:b5:40:bd:9d:41:ec:81:8a:8a:d6:d4:4b:01:e8:
8e:56:2e:6b:78:0c:2f:02:05:12:b6:19:58:d5:20:
17:c6:0c:38:73:ab:0d:b1:1b:97:ee:ef:e6:6f:13:
ed:fc:50:d4:08:35:3f:11:e1:5a:06:01:ea:2b:b6:
5f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D7:A8:64:D1:1B:F1:F6:C6:FA:B8:EE:56:D1:3F:D2:9F:93:AC:5E
X509v3 Authority Key Identifier:
keyid:39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:7e:19:54:9d:78:7e:9d:6a:bb:c9:d8:7a:94:a0:b1:be:5f:
0e:22:6b:db:c8:fc:61:ca:b3:20:d6:f6:81:64:ae:9a:a4:69:
9a:36:a6:ea:91:ef:7a:b1:44:25:ec:13:31:77:95:b7:20:27:
96:4e:e8:31:51:46:2d:dd:25:0c:69:46:b3:3a:43:34:30:fc:
20:3a:28:4c:55:91:be:3c:76:bf:55:c5:0b:05:59:dd:cc:72:
52:33:5f:1e:a0:eb:c7:13:44:05:d2:ac:0c:df:29:4b:32:01:
a2:72:b0:0d:ee:e4:d5:12:31:f3:57:1d:41:7e:6d:6a:7e:8b:
15:3f:60:a9:1e:94:d0:bc:b4:56:77:2d:e6:21:02:b9:20:a6:
85:c7:b9:0a:64:2b:6f:fc:2c:21:f0:78:ff:5f:53:10:22:c1:
09:74:fd:66:cd:e9:a6:b1:f3:d6:66:9e:a8:d0:45:02:c2:0b:
de:93:d6:8a:05:35:4d:72:01:c5:1b:78:ac:e7:72:ef:7e:a2:
78:f3:80:b4:5c:3d:6f:d6:a3:ec:d7:18:7c:dc:8b:ab:3b:e7:
ab:e9:18:47:4f:07:f9:17:00:dc:40:31:3a:a9:11:32:0f:f6:
51:f9:2f:29:1e:88:fd:3c:3f:a2:2c:11:b9:8f:f0:ea:5f:5d:
1e:2d:23:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/HfTmyTUUKQKgg3EVFRrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzliNDM1YTNjZmVmZTdjMzNhODRiMjJmNjAzMzAwOWE1
MjI1YzcwHhcNMjUwNDE2MTUwMDQ5WhcNMjUwNDE3MTUwMDQ5WjAzMTEwLwYDVQQD
Eyg2NmQ3YTg2NGQxMWJmMWY2YzZmYWI4ZWU1NmQxM2ZkMjlmOTNhYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntC5GpjOfMZrUziqHtFeNzMIkACX
k/NKNbPCn7PU1M9LrCzWqTUTeRklK2t2jUMWbJGUU/IHHicRw0KV9hvuJeVVcJTX
FdIcnNipL9tkj2xecs1B20Cmi85sJY/uHNU9fB0jXdk73nSs1n1J2t7T8d5a1jFR
2VqZHUahs54lY91SpZ4ABh+U8+xcjFpQkj6idgTd04K1LTSAksBe2qA7R20qHIwJ
DwWnsFKH+ozdolRS7IiRG3XBcSKYcw10/pob0i5ttUC9nUHsgYqK1tRLAeiOVi5r
eAwvAgUSthlY1SAXxgw4c6sNsRuX7u/mbxPt/FDUCDU/EeFaBgHqK7ZfRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbXqGTRG/H2xvq47lbRP9Kfk6xeMB8GA1UdIwQY
MBaAFDl5tDWjz+/nwzqEsi9gMwCaUiXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYt
ZDViYzIzOWY2YTk4LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYtZDViYzIzOWY2YTk4
LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAX4ZVJ14
fp1qu8nYepSgsb5fDiJr28j8YcqzINb2gWSumqRpmjam6pHverFEJewTMXeVtyAn
lk7oMVFGLd0lDGlGszpDNDD8IDooTFWRvjx2v1XFCwVZ3cxyUjNfHqDrxxNEBdKs
DN8pSzIBonKwDe7k1RIx81cdQX5tan6LFT9gqR6U0Ly0Vnct5iECuSCmhce5CmQr
b/wsIfB4/19TECLBCXT9Zs3pprHz1maeqNBFAsIL3pPWigU1TXIBxRt4rOdy736i
ePOAtFw9b9aj7NcYfNyLqzvnq+kYR08H+RcA3EAxOqkRMg/2UfkvKR6I/Tw/oiwR
uY/w6l9dHi0jFA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:54:11 2025 by rpki-client