Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
File: 1OKJaJepchZ45oRpOZOlqISQM2Q.mft (raw, json)
Hash identifier: MsLbA+CktjADIk7ZqzqLn3fLj29TFc+ZUw+EzGrmEbc=
Subject key identifier: F0:28:A8:47:13:1E:32:1B:01:EA:6C:74:DA:5D:93:D1:47:43:B1:5A
Authority key identifier: D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
Certificate issuer: /CN=d4e2896897a9721678e684693993a5a884903364
Certificate serial: 019639C04996D2D5974A613D97A60E59C578
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
Manifest number: 14F0
Signing time: Tue 15 Apr 2025 14:00:25 +0000
Manifest this update: Tue 15 Apr 2025 14:00:25 +0000
Manifest next update: Wed 16 Apr 2025 14:00:25 +0000
Files and hashes: 1: 1OKJaJepchZ45oRpOZOlqISQM2Q.crl (hash: CIbf3RjDXBKXro529v5Rwp0rnnA7/43Y3V+ugKPi5gk=)
2: WAQz-NVz1tPP197fB-7kdlHEMDo.roa (hash: EfunuE83nVqoEWqBwZZf7jU1FPr/i4YaWTLI4hd6d6w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:c0:49:96:d2:d5:97:4a:61:3d:97:a6:0e:59:c5:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2896897a9721678e684693993a5a884903364
Validity
Not Before: Apr 15 14:00:25 2025 GMT
Not After : Apr 16 14:00:25 2025 GMT
Subject: CN=f028a847131e321b01ea6c74da5d93d14743b15a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c6:e4:5c:ae:07:03:e7:a7:b5:fd:d5:aa:06:
52:c8:db:26:4e:ea:1b:12:b5:36:e3:60:d7:b6:36:
35:fe:5a:40:cd:92:d3:19:4e:88:4b:2d:f7:2e:4f:
5e:06:2e:2f:58:30:d3:4a:d3:8d:32:00:a5:ca:cf:
f3:63:a2:6a:1d:ac:6a:ef:3b:21:02:12:68:12:76:
64:dc:b3:57:2a:56:27:e6:cc:c5:59:20:03:22:81:
3f:8b:4f:5a:e6:b2:7c:5b:ec:1f:20:67:01:53:36:
3d:c4:ce:d5:80:60:97:0b:58:53:b0:79:76:b5:77:
81:be:2f:76:55:bd:4c:74:88:9a:9f:51:28:cc:e0:
50:6c:f5:2b:28:0f:b0:1b:2d:7c:4e:4d:12:2f:61:
4f:3a:98:4f:74:0c:2a:d7:58:ee:af:de:34:c1:34:
e2:b1:ae:8e:ae:71:5a:8a:49:95:8d:0f:eb:86:9c:
06:76:65:9c:6b:a2:2c:87:ed:f2:fa:02:7b:dc:e4:
39:d7:f4:73:14:cf:6d:38:72:57:25:a1:79:93:40:
3c:5c:da:f8:82:c2:4b:8f:fc:92:4e:bc:e4:b3:8d:
44:fd:55:61:86:4a:b7:f2:d4:e7:a0:d9:db:d8:38:
79:e4:16:42:f2:e6:a1:84:ed:bb:70:64:d5:c2:04:
ee:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:28:A8:47:13:1E:32:1B:01:EA:6C:74:DA:5D:93:D1:47:43:B1:5A
X509v3 Authority Key Identifier:
keyid:D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:d0:71:e9:f5:ed:9b:ef:47:09:fa:d7:09:22:eb:0e:36:71:
a2:41:b4:7d:01:fe:2c:7e:1b:e0:44:ae:4a:87:9b:7c:4f:95:
34:a8:7f:96:48:2a:cd:33:4c:e4:af:63:6f:d0:43:a1:28:71:
01:b6:c3:3b:7f:91:10:bf:d1:c2:22:84:6d:3b:bf:3f:0d:e6:
d9:2b:09:04:96:b5:43:ef:73:71:13:59:18:10:49:e6:8c:ee:
cd:9b:cd:26:6a:62:8b:42:81:e6:19:12:ee:74:f9:18:4e:dd:
63:49:19:79:23:53:92:01:6c:11:4e:93:ba:60:36:41:10:13:
2d:00:8e:0e:03:a4:f7:03:c6:1e:20:62:2f:8a:bd:61:d9:2f:
6e:01:8c:cc:14:26:4d:1c:ff:41:b1:aa:eb:ab:5c:fd:bf:19:
1c:cd:2e:2d:e6:1b:02:c8:c0:fa:39:1f:ae:06:7d:f1:78:c2:
f9:d0:a8:96:b8:72:52:6e:6f:43:cc:de:d7:62:ba:b9:c1:92:
22:6f:94:38:59:cc:12:44:b7:87:d6:c4:13:20:06:18:aa:fc:
0a:33:9f:45:37:4b:a1:5a:82:19:eb:46:32:d3:a7:e3:d4:0c:
51:9f:0a:7d:66:b7:e6:48:07:52:1d:c5:b1:76:83:a3:73:b7:
e8:f5:ad:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY5wEmW0tWXSmE9l6YOWcV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI4OTY4OTdhOTcyMTY3OGU2ODQ2OTM5OTNhNWE4ODQ5
MDMzNjQwHhcNMjUwNDE1MTQwMDI1WhcNMjUwNDE2MTQwMDI1WjAzMTEwLwYDVQQD
EyhmMDI4YTg0NzEzMWUzMjFiMDFlYTZjNzRkYTVkOTNkMTQ3NDNiMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucbkXK4HA+entf3VqgZSyNsmTuob
ErU242DXtjY1/lpAzZLTGU6ISy33Lk9eBi4vWDDTStONMgClys/zY6JqHaxq7zsh
AhJoEnZk3LNXKlYn5szFWSADIoE/i09a5rJ8W+wfIGcBUzY9xM7VgGCXC1hTsHl2
tXeBvi92Vb1MdIian1EozOBQbPUrKA+wGy18Tk0SL2FPOphPdAwq11jur940wTTi
sa6OrnFaikmVjQ/rhpwGdmWca6Ish+3y+gJ73OQ51/RzFM9tOHJXJaF5k0A8XNr4
gsJLj/ySTrzks41E/VVhhkq38tTnoNnb2Dh55BZC8uahhO27cGTVwgTudQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPAoqEcTHjIbAepsdNpdk9FHQ7FaMB8GA1UdIwQY
MBaAFNTiiWiXqXIWeOaEaTmTpaiEkDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEt
ZTQ5N2Q0MGY0ZTJhLzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEtZTQ5N2Q0MGY0ZTJh
LzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAktBx6fXt
m+9HCfrXCSLrDjZxokG0fQH+LH4b4ESuSoebfE+VNKh/lkgqzTNM5K9jb9BDoShx
AbbDO3+REL/RwiKEbTu/Pw3m2SsJBJa1Q+9zcRNZGBBJ5ozuzZvNJmpii0KB5hkS
7nT5GE7dY0kZeSNTkgFsEU6TumA2QRATLQCODgOk9wPGHiBiL4q9YdkvbgGMzBQm
TRz/QbGq66tc/b8ZHM0uLeYbAsjA+jkfrgZ98XjC+dColrhyUm5vQ8ze12K6ucGS
Im+UOFnMEkS3h9bEEyAGGKr8CjOfRTdLoVqCGetGMtOn49QMUZ8KfWa35kgHUh3F
sXaDo3O36PWt3Q==
-----END CERTIFICATE-----
Generated at Tue Apr 15 22:05:20 2025 by rpki-client