Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File: Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier: Dmcc7aAwGjQ1y/5707LA96gJDoa5XE4c96YAsIKCJBM=
Subject key identifier: 53:15:E9:33:3F:AE:0C:24:41:81:2A:DF:1C:50:EE:FE:21:73:DC:FC
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer: /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial: 01964DEC33070FA9C082BD05A302D9B0F247
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number: 14F7
Signing time: Sat 19 Apr 2025 12:00:47 +0000
Manifest this update: Sat 19 Apr 2025 12:00:47 +0000
Manifest next update: Sun 20 Apr 2025 12:00:47 +0000
Files and hashes: 1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: uyWmPew1RntF53gxgk6BHP1F6KhR6b+1o5zkScjnnsA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 12:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4d:ec:33:07:0f:a9:c0:82:bd:05:a3:02:d9:b0:f2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Validity
Not Before: Apr 19 12:00:47 2025 GMT
Not After : Apr 20 12:00:47 2025 GMT
Subject: CN=5315e9333fae0c2441812adf1c50eefe2173dcfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:5f:f7:74:ed:10:87:46:8e:5a:0f:60:70:5d:
f5:83:7b:ba:e3:c0:4b:b1:32:90:b2:1f:83:d7:06:
13:a8:4f:f9:a9:44:2f:fa:2c:4b:f9:d3:e5:5d:84:
b7:bd:46:6a:81:05:6a:e0:1d:4e:fd:de:5d:4e:59:
f9:3e:fc:87:f2:78:f9:36:aa:86:e2:a3:86:7c:30:
c1:60:cf:77:c1:8d:d5:e2:6f:a9:a8:22:7d:fd:7b:
76:b0:de:bc:f1:37:26:f4:72:83:7d:68:eb:62:af:
a4:af:6d:63:f9:29:cc:b2:83:3f:b5:10:3c:bb:f7:
fa:1b:aa:ab:d4:f3:97:08:8c:f9:62:f7:17:94:43:
59:42:b3:70:a7:b8:c0:6f:18:d4:d1:a3:1f:32:7f:
01:30:71:a0:55:a3:6e:a7:6f:23:f7:a0:28:d0:f6:
99:34:f0:c7:29:10:0f:4d:33:25:8a:41:e8:e1:72:
fa:01:6c:4a:19:2c:fc:30:4c:8c:ef:f8:60:d1:d0:
0b:a7:b6:8d:d1:9c:d8:69:20:3f:0f:27:b3:47:5c:
59:ee:25:4d:c2:0e:d3:75:4e:15:de:17:98:85:49:
db:b0:68:c8:08:96:18:b0:21:20:14:89:99:ed:d3:
9d:b3:3c:5f:cd:14:e6:2e:11:e0:2e:44:c8:8a:37:
94:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:15:E9:33:3F:AE:0C:24:41:81:2A:DF:1C:50:EE:FE:21:73:DC:FC
X509v3 Authority Key Identifier:
keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:41:aa:5a:99:bd:e1:a4:c0:2d:8e:84:2f:b8:e4:ff:c0:c7:
ff:29:b1:0a:1b:da:df:e4:a2:26:25:39:2e:23:55:d9:c2:e8:
97:c5:72:c7:81:66:e2:d0:34:d2:0e:88:28:9c:4c:cb:78:ef:
93:76:8f:5a:49:e2:0a:35:be:fd:66:d2:f2:8e:64:08:b4:ce:
71:b8:06:3c:ef:56:25:3a:b3:cf:40:6c:bb:83:d0:c0:80:01:
a6:a2:db:96:6c:1d:8f:62:b0:0e:7e:2f:6a:5a:9e:89:d5:6e:
0a:f4:a6:8c:a1:18:20:0b:fb:5e:3e:b6:b2:92:f3:32:1c:b8:
fe:0f:f5:b6:00:8f:8d:a5:91:53:3e:a3:bc:f9:11:34:e5:dc:
d5:70:ff:15:b9:6c:21:cc:8b:14:25:a1:24:2e:dd:f5:01:ab:
59:59:aa:72:7a:35:77:a7:8c:19:f5:37:78:97:dc:2c:54:c0:
4e:73:16:a5:f9:42:19:70:a4:c9:f9:be:b3:7f:a7:3c:89:ac:
85:20:bd:4a:3b:4a:11:8b:d6:ae:b4:f5:7a:4f:aa:27:c7:eb:
5b:ec:bb:c1:12:54:9c:c3:fe:f7:50:a1:66:5b:87:ae:bd:fe:
da:50:11:eb:d1:a0:59:8f:9e:f5:d2:c0:3d:b7:68:79:98:e9:
98:db:5d:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZN7DMHD6nAgr0FowLZsPJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjUwNDE5MTIwMDQ3WhcNMjUwNDIwMTIwMDQ3WjAzMTEwLwYDVQQD
Eyg1MzE1ZTkzMzNmYWUwYzI0NDE4MTJhZGYxYzUwZWVmZTIxNzNkY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7l/3dO0Qh0aOWg9gcF31g3u648BL
sTKQsh+D1wYTqE/5qUQv+ixL+dPlXYS3vUZqgQVq4B1O/d5dTln5PvyH8nj5NqqG
4qOGfDDBYM93wY3V4m+pqCJ9/Xt2sN688Tcm9HKDfWjrYq+kr21j+SnMsoM/tRA8
u/f6G6qr1POXCIz5YvcXlENZQrNwp7jAbxjU0aMfMn8BMHGgVaNup28j96Ao0PaZ
NPDHKRAPTTMlikHo4XL6AWxKGSz8MEyM7/hg0dALp7aN0ZzYaSA/DyezR1xZ7iVN
wg7TdU4V3heYhUnbsGjICJYYsCEgFImZ7dOdszxfzRTmLhHgLkTIijeUOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMV6TM/rgwkQYEq3xxQ7v4hc9z8MB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYEGqWpm9
4aTALY6EL7jk/8DH/ymxChva3+SiJiU5LiNV2cLol8Vyx4Fm4tA00g6IKJxMy3jv
k3aPWkniCjW+/WbS8o5kCLTOcbgGPO9WJTqzz0Bsu4PQwIABpqLblmwdj2KwDn4v
alqeidVuCvSmjKEYIAv7Xj62spLzMhy4/g/1tgCPjaWRUz6jvPkRNOXc1XD/Fbls
IcyLFCWhJC7d9QGrWVmqcno1d6eMGfU3eJfcLFTATnMWpflCGXCkyfm+s3+nPIms
hSC9SjtKEYvWrrT1ek+qJ8frW+y7wRJUnMP+91ChZluHrr3+2lAR69GgWY+e9dLA
PbdoeZjpmNtdlA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:37:07 2025 by rpki-client