Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: ercx1feH5SvD7nUkgKfr3GYNK2s770kU+gMWB4BsgXQ=
Subject key identifier: B1:E4:D4:13:BF:66:18:AA:6C:70:46:7E:39:7D:1D:00:A9:C3:0D:42
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 01965537953AFD44AE84E345B24CE47187CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 0D48
Signing time: Sun 20 Apr 2025 22:00:28 +0000
Manifest this update: Sun 20 Apr 2025 22:00:28 +0000
Manifest next update: Mon 21 Apr 2025 22:00:28 +0000
Files and hashes: 1: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=)
2: i2HYpKIvdGotH7mKcmQ5RAG3huY.roa (hash: 4Nz6YUMbPlVe3PbppTQU2sGDWl5KATygr4DtzeG8qCU=)
3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: Q7OBUL+c1nDgFav7MMDV5k0XUrvb1BUJQr/hFx5AYYM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:37:95:3a:fd:44:ae:84:e3:45:b2:4c:e4:71:87:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Apr 20 22:00:28 2025 GMT
Not After : Apr 21 22:00:28 2025 GMT
Subject: CN=b1e4d413bf6618aa6c70467e397d1d00a9c30d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:86:9f:2e:37:80:c0:ec:66:45:88:6d:ee:75:
87:7b:55:b2:2c:1d:28:fa:43:30:75:f1:ed:d3:c9:
a7:41:47:63:d7:61:75:96:2c:f4:f5:e4:0a:f0:f7:
b1:85:7d:6a:e4:29:2b:fc:d3:62:aa:dc:d8:80:14:
ec:11:65:5c:d6:72:b4:53:24:ba:70:19:ce:ce:ea:
20:8c:d8:e5:cd:18:e9:49:9b:3d:f6:b6:59:df:29:
23:70:0b:fb:dc:2b:08:82:bc:83:85:39:41:53:39:
66:c1:74:44:55:91:f8:cd:ff:ee:1d:81:58:62:d1:
2c:69:56:ac:c9:59:d1:92:4a:07:45:26:27:e7:b0:
6b:79:40:66:7c:15:80:be:4e:cd:60:21:fb:f8:8a:
18:d5:fc:57:b4:d5:77:84:bf:79:24:ca:64:7e:00:
a1:89:c7:43:f3:91:8f:92:88:bc:5c:2e:1d:a1:be:
b6:01:80:df:c6:a7:d4:63:4b:ed:d5:48:34:5f:7c:
e1:f0:ea:f9:31:b6:28:8f:7f:54:8e:09:e5:1e:78:
bc:77:fb:87:af:d8:6a:41:3c:97:e5:a6:22:f2:31:
b6:49:dc:94:0e:84:b7:68:ee:c3:16:87:c0:f8:6f:
4f:4a:b3:3d:8e:d0:fb:35:ee:28:a7:3d:d2:41:8c:
ad:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E4:D4:13:BF:66:18:AA:6C:70:46:7E:39:7D:1D:00:A9:C3:0D:42
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:12:52:09:20:6e:94:02:52:31:b1:fd:c7:ec:12:78:ba:b3:
fa:b7:92:43:36:8e:3e:f9:ae:df:18:3a:56:5e:22:e5:ea:6d:
6d:c1:46:fe:96:ca:fb:21:c8:d7:d8:98:d9:63:af:79:43:04:
c9:6c:4c:79:06:05:2f:7e:30:6b:0a:82:14:ad:75:9a:d5:6e:
90:f3:ef:9d:d0:4c:8b:6f:39:4c:29:29:22:ad:34:28:9b:dc:
10:e1:74:03:a5:e3:8d:eb:c8:07:a1:61:ca:11:4c:a4:27:b6:
b1:07:9a:53:97:36:fe:c1:91:cf:4f:c0:76:e9:8a:65:ad:e2:
f2:07:17:a7:8a:79:79:e0:7b:19:59:7c:07:46:14:0e:63:76:
85:77:3d:a3:32:91:ce:bb:be:8b:78:05:c5:dd:e1:60:63:26:
20:d5:27:ea:65:cc:bf:17:a0:91:22:62:57:d6:5d:8f:da:72:
80:4e:04:14:cc:6f:10:78:12:54:83:d0:db:ac:76:51:1c:55:
a0:cf:38:80:ba:76:81:3c:b6:6f:a8:4a:83:cb:7e:d2:96:a0:
90:3e:c4:6f:13:1f:5f:a8:f7:6f:99:be:08:45:a9:56:10:71:
8c:08:24:c5:8c:23:10:10:44:0a:b5:70:06:29:af:6c:13:51:
43:a3:a3:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN5U6/USuhONFskzkcYfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjUwNDIwMjIwMDI4WhcNMjUwNDIxMjIwMDI4WjAzMTEwLwYDVQQD
EyhiMWU0ZDQxM2JmNjYxOGFhNmM3MDQ2N2UzOTdkMWQwMGE5YzMwZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4afLjeAwOxmRYht7nWHe1WyLB0o
+kMwdfHt08mnQUdj12F1liz09eQK8PexhX1q5Ckr/NNiqtzYgBTsEWVc1nK0UyS6
cBnOzuogjNjlzRjpSZs99rZZ3ykjcAv73CsIgryDhTlBUzlmwXREVZH4zf/uHYFY
YtEsaVasyVnRkkoHRSYn57BreUBmfBWAvk7NYCH7+IoY1fxXtNV3hL95JMpkfgCh
icdD85GPkoi8XC4dob62AYDfxqfUY0vt1Ug0X3zh8Or5MbYoj39UjgnlHni8d/uH
r9hqQTyX5aYi8jG2SdyUDoS3aO7DFofA+G9PSrM9jtD7Ne4opz3SQYythQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHk1BO/ZhiqbHBGfjl9HQCpww1CMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAABJSCSBu
lAJSMbH9x+wSeLqz+reSQzaOPvmu3xg6Vl4i5eptbcFG/pbK+yHI19iY2WOveUME
yWxMeQYFL34wawqCFK11mtVukPPvndBMi285TCkpIq00KJvcEOF0A6XjjevIB6Fh
yhFMpCe2sQeaU5c2/sGRz0/AdumKZa3i8gcXp4p5eeB7GVl8B0YUDmN2hXc9ozKR
zru+i3gFxd3hYGMmINUn6mXMvxegkSJiV9Zdj9pygE4EFMxvEHgSVIPQ26x2URxV
oM84gLp2gTy2b6hKg8t+0pagkD7EbxMfX6j3b5m+CEWpVhBxjAgkxYwjEBBECrVw
BimvbBNRQ6Ojhg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:30:33 2025 by rpki-client