Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
File: OkGxVaq20SKf00jqoD0PeQPxJno.mft (raw, json)
Hash identifier: sKcyzyhchd8xwlFzMPMEOUUEuZJKlQDUxLsuj2FHzNc=
Subject key identifier: E8:3F:B9:34:78:0A:4B:23:60:2F:A5:C7:DE:F0:0A:C3:56:8B:37:6B
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 0194C3BE6757CF711CF3573F2BCEB24DE78D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
Manifest number: 0F35
Signing time: Sat 01 Feb 2025 23:00:22 +0000
Manifest this update: Sat 01 Feb 2025 23:00:22 +0000
Manifest next update: Sun 02 Feb 2025 23:00:22 +0000
Files and hashes: 1: DUYlFbh6FULGzgdthf_PMDp6hOU.roa (hash: JR7UbEi2bM6dLHHY3xrq1gui3NHbn1GkWRWkFGTRYw0=)
2: OkGxVaq20SKf00jqoD0PeQPxJno.crl (hash: 7U1Cyh2jnQF2t53P+T01pjNbaXSw90sxVGPBGxMzJs8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:be:67:57:cf:71:1c:f3:57:3f:2b:ce:b2:4d:e7:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Feb 1 23:00:22 2025 GMT
Not After : Feb 2 23:00:22 2025 GMT
Subject: CN=e83fb934780a4b23602fa5c7def00ac3568b376b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dd:fe:7f:c7:89:96:94:fb:19:1c:34:c0:a6:
7a:2e:de:f8:7b:44:ca:e7:7a:9f:ff:f5:34:9e:da:
b6:55:4a:f5:6d:3f:74:74:69:3d:b3:ce:00:ee:ca:
9e:d9:70:e5:c6:47:53:a4:d1:b7:95:e5:6d:d9:7d:
b9:d1:e7:d9:1d:29:9b:d7:85:64:c8:ca:44:3e:a8:
57:18:1a:25:19:66:62:dd:f2:d2:83:20:46:2c:2d:
a5:07:14:f0:65:72:8a:2f:e1:59:91:78:bb:e9:65:
05:a3:59:8a:8a:f2:1e:9f:05:8a:e0:42:c7:d4:f6:
74:d4:43:a5:e9:ed:e0:4c:f3:b0:a9:f9:17:42:76:
0f:c2:83:39:56:41:e8:8e:48:dd:8e:b1:1a:48:4c:
86:ad:e1:a0:68:74:67:55:e3:bb:c5:f1:39:dd:1f:
f9:f6:f0:74:5c:32:0c:ad:a2:dc:97:73:8c:50:31:
b0:36:54:ca:01:4c:06:92:3d:09:a7:d0:a6:77:21:
0d:8e:c2:39:72:86:16:0e:9e:60:1e:f7:d8:94:87:
de:ee:c0:43:18:2c:76:13:60:cf:c1:2b:b9:cf:b2:
61:cf:83:af:49:c6:4b:3e:18:de:3d:bf:6e:1f:c7:
7c:a6:05:1d:e2:49:55:4c:d5:b2:78:7d:c4:5e:a7:
b6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:3F:B9:34:78:0A:4B:23:60:2F:A5:C7:DE:F0:0A:C3:56:8B:37:6B
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:ab:a9:26:89:da:e2:d5:a8:be:c7:85:ed:a2:af:11:8e:61:
c8:a2:18:1d:fb:fe:d2:33:60:de:49:ea:1d:59:5b:55:f3:dc:
34:94:17:2e:e0:d1:b4:90:05:6a:26:6d:43:90:e7:0d:e5:8e:
5e:49:aa:cd:22:ad:48:4d:b2:88:36:ab:a8:90:d9:c6:a5:88:
f4:9e:75:ce:d4:85:01:7b:25:11:a0:85:2c:aa:d2:df:f3:71:
f2:b7:20:dd:67:fe:f0:b9:0b:f1:20:38:d4:42:46:9a:88:16:
ae:15:cb:01:6c:6c:9d:d0:64:93:c4:13:dd:6b:a4:85:18:ab:
39:df:d7:87:89:aa:65:2b:2b:89:12:18:54:71:61:bd:e8:a9:
ad:34:e8:f1:e3:ca:2a:d0:fe:36:84:56:92:0e:b6:21:6b:09:
b6:6a:e8:fb:16:2b:e9:bb:b2:46:a9:08:c3:e2:8b:05:03:82:
ac:c9:e4:ed:ec:4c:5f:a3:54:cd:5a:f6:f0:4c:4e:3d:22:da:
51:cd:18:31:80:22:93:b8:99:78:3f:84:0b:66:c4:01:8b:ef:
29:89:a9:03:c9:8a:2b:13:18:78:2e:da:0e:c5:48:3d:f6:89:
5d:a8:1f:d1:ec:3e:54:b4:79:b9:44:64:8f:98:fc:97:b9:9f:
fa:7b:b4:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDvmdXz3Ec81c/K86yTeeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjUwMjAxMjMwMDIyWhcNMjUwMjAyMjMwMDIyWjAzMTEwLwYDVQQD
EyhlODNmYjkzNDc4MGE0YjIzNjAyZmE1YzdkZWYwMGFjMzU2OGIzNzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst3+f8eJlpT7GRw0wKZ6Lt74e0TK
53qf//U0ntq2VUr1bT90dGk9s84A7sqe2XDlxkdTpNG3leVt2X250efZHSmb14Vk
yMpEPqhXGBolGWZi3fLSgyBGLC2lBxTwZXKKL+FZkXi76WUFo1mKivIenwWK4ELH
1PZ01EOl6e3gTPOwqfkXQnYPwoM5VkHojkjdjrEaSEyGreGgaHRnVeO7xfE53R/5
9vB0XDIMraLcl3OMUDGwNlTKAUwGkj0Jp9CmdyENjsI5coYWDp5gHvfYlIfe7sBD
GCx2E2DPwSu5z7Jhz4OvScZLPhjePb9uH8d8pgUd4klVTNWyeH3EXqe21wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOg/uTR4CksjYC+lx97wCsNWizdrMB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEaupJona
4tWovseF7aKvEY5hyKIYHfv+0jNg3knqHVlbVfPcNJQXLuDRtJAFaiZtQ5DnDeWO
XkmqzSKtSE2yiDarqJDZxqWI9J51ztSFAXslEaCFLKrS3/Nx8rcg3Wf+8LkL8SA4
1EJGmogWrhXLAWxsndBkk8QT3WukhRirOd/Xh4mqZSsriRIYVHFhveiprTTo8ePK
KtD+NoRWkg62IWsJtmro+xYr6buyRqkIw+KLBQOCrMnk7exMX6NUzVr28ExOPSLa
Uc0YMYAik7iZeD+EC2bEAYvvKYmpA8mKKxMYeC7aDsVIPfaJXagf0ew+VLR5uURk
j5j8l7mf+nu0yw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:46:20 2025 by rpki-client