Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
File: OSG38e7pDZnilCGKk4dTweotwmc.mft (raw, json)
Hash identifier: 00q06CUloQLjgDAz7rNMauqz/H8Uj9PiOx7Ck6FW2FM=
Subject key identifier: 55:5F:0C:4F:D7:8A:D9:17:EA:82:E1:CD:0D:45:B6:E2:B4:6B:1E:78
Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Certificate issuer: /CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Certificate serial: 0195121089A8170A603F0743706A10339299
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
Manifest number: 13E4
Signing time: Mon 17 Feb 2025 04:00:28 +0000
Manifest this update: Mon 17 Feb 2025 04:00:28 +0000
Manifest next update: Tue 18 Feb 2025 04:00:28 +0000
Files and hashes: 1: 4t53igbekCux7oMSXkm2uGkDTRs.roa (hash: JcVC73jSzOeJEsOoBqkgwAslhBdXNKxkO116AmZF308=)
2: OSG38e7pDZnilCGKk4dTweotwmc.crl (hash: zkV5b6K41XqTxchrOUOTCBLwe69LncQoajOMx+lfcd4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:10:89:a8:17:0a:60:3f:07:43:70:6a:10:33:92:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Validity
Not Before: Feb 17 04:00:28 2025 GMT
Not After : Feb 18 04:00:28 2025 GMT
Subject: CN=555f0c4fd78ad917ea82e1cd0d45b6e2b46b1e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:72:cf:29:84:70:d9:28:bc:ad:dc:62:ba:11:
58:28:21:33:6c:b1:01:14:21:b3:ec:82:80:de:4f:
e7:36:f9:f5:52:54:e2:0b:a9:97:10:4e:5d:2a:35:
26:d5:a0:0c:8b:19:a9:e0:88:4f:3e:fe:14:69:7a:
26:cb:51:ba:83:7e:b0:b2:c2:e7:c3:56:a8:82:49:
95:c2:fd:3c:2d:97:4f:3b:a4:a7:78:dc:56:e2:52:
08:6d:e0:a8:cd:31:de:a5:2e:7c:bc:59:b2:8d:e9:
2d:9e:02:bb:42:ce:f3:55:6d:da:92:26:c5:b9:61:
d9:22:f2:2c:ce:11:94:3b:cf:66:29:dd:f8:c4:20:
69:a5:15:33:c4:20:da:52:83:d5:b1:6f:e7:c6:94:
b4:47:44:7f:f2:ac:2a:fd:7a:e8:94:39:d0:24:da:
1e:69:96:10:f7:c7:d7:11:1d:7c:19:af:95:ce:96:
04:37:7f:44:62:40:10:8d:5d:a6:ef:ed:73:62:74:
d2:4a:b2:1d:f9:7a:b3:7c:46:9b:55:86:e6:58:65:
44:f2:9d:cc:87:c5:8c:f1:d4:f5:b5:cc:47:7a:a1:
d3:65:55:c3:f8:50:a6:16:83:02:0b:22:86:12:20:
71:0d:8e:94:3d:f8:77:77:2a:1f:4e:b4:23:72:3d:
d0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5F:0C:4F:D7:8A:D9:17:EA:82:E1:CD:0D:45:B6:E2:B4:6B:1E:78
X509v3 Authority Key Identifier:
keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:a1:ac:03:11:7e:14:61:eb:39:a9:f0:eb:aa:c3:88:6a:50:
1b:5e:9d:e6:82:0d:71:f1:4f:2b:3d:27:6f:a0:fc:12:62:4f:
33:4c:b0:53:41:a0:bf:49:27:31:b1:84:6f:bb:3f:24:ac:9f:
05:4c:ae:f0:bd:03:91:e6:c0:ec:97:0d:67:94:b1:01:6f:67:
b2:33:cb:16:55:19:38:fd:f8:1e:40:1f:c8:b9:c5:b9:cf:9f:
5d:ab:9f:1d:a5:9d:32:3f:d7:ec:52:d9:73:7e:8f:74:68:d5:
85:b0:55:2c:62:16:31:f3:03:6f:96:9c:16:c9:68:30:1e:78:
89:0d:e3:37:21:12:a4:c2:db:20:a3:ba:1a:81:fb:59:9f:4a:
88:c8:ad:1a:73:e7:30:c0:a5:58:18:38:66:e9:ce:7b:f5:d8:
a6:bf:6c:60:b0:15:d1:4b:14:34:01:1d:53:03:d5:02:c0:88:
9b:3c:2d:02:f4:1b:70:64:b0:b7:44:c4:ec:e8:55:9c:c2:d6:
33:3b:bf:d2:ce:09:5d:c1:a5:ee:26:1b:51:3b:5a:c0:2d:2e:
8e:53:ae:97:0a:1d:82:6a:24:7d:52:0c:75:6c:84:8b:4a:57:
01:26:4a:2c:5b:e8:cb:cf:1f:ba:ff:6e:d7:e0:bd:d3:5e:73:
ae:c4:4e:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEImoFwpgPwdDcGoQM5KZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy
ZGMyNjcwHhcNMjUwMjE3MDQwMDI4WhcNMjUwMjE4MDQwMDI4WjAzMTEwLwYDVQQD
Eyg1NTVmMGM0ZmQ3OGFkOTE3ZWE4MmUxY2QwZDQ1YjZlMmI0NmIxZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHLPKYRw2Si8rdxiuhFYKCEzbLEB
FCGz7IKA3k/nNvn1UlTiC6mXEE5dKjUm1aAMixmp4IhPPv4UaXomy1G6g36wssLn
w1aogkmVwv08LZdPO6SneNxW4lIIbeCozTHepS58vFmyjektngK7Qs7zVW3akibF
uWHZIvIszhGUO89mKd34xCBppRUzxCDaUoPVsW/nxpS0R0R/8qwq/XrolDnQJNoe
aZYQ98fXER18Ga+VzpYEN39EYkAQjV2m7+1zYnTSSrId+XqzfEabVYbmWGVE8p3M
h8WM8dT1tcxHeqHTZVXD+FCmFoMCCyKGEiBxDY6UPfh3dyofTrQjcj3QswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFVfDE/XitkX6oLhzQ1FtuK0ax54MB8GA1UdIwQY
MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt
MjQ0MWUxMGY2ZjhmLzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm
LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFaGsAxF+
FGHrOanw66rDiGpQG16d5oINcfFPKz0nb6D8EmJPM0ywU0Ggv0knMbGEb7s/JKyf
BUyu8L0DkebA7JcNZ5SxAW9nsjPLFlUZOP34HkAfyLnFuc+fXaufHaWdMj/X7FLZ
c36PdGjVhbBVLGIWMfMDb5acFsloMB54iQ3jNyESpMLbIKO6GoH7WZ9KiMitGnPn
MMClWBg4ZunOe/XYpr9sYLAV0UsUNAEdUwPVAsCImzwtAvQbcGSwt0TE7OhVnMLW
Mzu/0s4JXcGl7iYbUTtawC0ujlOulwodgmokfVIMdWyEi0pXASZKLFvoy88fuv9u
1+C9015zrsROrA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:30 2025 by rpki-client