Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
File: OZETdfzEhZYSGQ6-zHrjcaAaam0.mft (raw, json)
Hash identifier: IITu9iYpyQNwkL1Z7ItFNo0riUP/KeQtt2HbyI7vyrE=
Subject key identifier: AF:8E:D3:A9:44:7A:39:D8:03:7F:A3:6E:4C:A8:13:FA:D5:14:20:07
Authority key identifier: 39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D
Certificate issuer: /CN=39911375fcc4859612190ebecc7ae371a01a6a6d
Certificate serial: 019657CBA9AFEC8DDB87A071F992B5CBAA2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
Manifest number: 0E28
Signing time: Mon 21 Apr 2025 10:01:27 +0000
Manifest this update: Mon 21 Apr 2025 10:01:27 +0000
Manifest next update: Tue 22 Apr 2025 10:01:27 +0000
Files and hashes: 1: OZETdfzEhZYSGQ6-zHrjcaAaam0.crl (hash: tqGOW0MoEdv7sRISLOkl8FgH+bF2mc/YdE8GBtdcWbs=)
2: mV-huyQ7uf2YxiJ1JUpDypBxzhA.roa (hash: XQgQ9aC7Ey76psDYNwOwzM5lgNTkkh3rEJlv1Rte2h0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:cb:a9:af:ec:8d:db:87:a0:71:f9:92:b5:cb:aa:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39911375fcc4859612190ebecc7ae371a01a6a6d
Validity
Not Before: Apr 21 10:01:27 2025 GMT
Not After : Apr 22 10:01:27 2025 GMT
Subject: CN=af8ed3a9447a39d8037fa36e4ca813fad5142007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:03:d1:50:0c:7f:a5:c5:a8:9f:ac:7c:0f:b2:
14:65:da:7f:80:9e:75:5f:30:a9:d8:41:f2:08:59:
5f:57:bf:3d:5b:a4:f4:66:90:7e:0f:e9:0d:7f:e7:
7d:45:f5:56:86:36:ce:6b:6f:23:93:ed:ec:47:f1:
32:ba:c0:12:91:dc:97:4f:e5:79:52:2f:ab:ed:8d:
b3:db:b7:fb:5e:28:73:2c:28:7e:40:30:67:1b:06:
1a:10:d2:cd:c2:8a:db:90:a0:ed:17:20:32:2d:c7:
99:cd:f8:68:71:36:af:b5:5d:c5:38:29:96:96:2f:
79:7f:91:2d:90:1b:d9:2a:ec:28:84:3b:ff:0d:3a:
10:c5:a9:69:30:6a:4a:87:0c:28:d9:63:c4:a5:ad:
b5:7c:c7:6f:62:1c:a1:f1:32:ce:ca:11:85:81:bc:
aa:4c:2c:d2:b4:63:9e:0e:e4:e2:4b:a3:9f:bc:bd:
29:2d:7a:70:71:a7:67:e9:7d:a9:c1:de:43:48:9c:
50:c6:36:b0:ef:15:90:1c:4c:1e:2e:33:11:42:8b:
a7:b7:ad:72:83:28:d2:0b:b6:5c:b9:e0:22:59:1a:
7c:5a:c0:ca:dc:4a:a0:3e:99:e1:16:9c:1c:31:df:
f5:8e:bf:99:e5:4c:51:6c:eb:f0:3b:7f:02:e6:d6:
75:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:8E:D3:A9:44:7A:39:D8:03:7F:A3:6E:4C:A8:13:FA:D5:14:20:07
X509v3 Authority Key Identifier:
keyid:39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:54:98:04:9b:8e:7b:06:23:c0:25:15:ed:e4:9f:c7:f3:b0:
f5:4f:c7:df:f1:3d:cb:80:5d:f7:d8:18:f3:dc:fe:82:4d:03:
e1:d6:0e:45:10:41:57:ca:22:6e:b8:a1:b0:8f:87:e9:db:87:
c8:d3:69:b1:63:5c:7d:66:fb:dc:dd:22:09:e7:9b:2c:13:a1:
84:dd:3e:81:8c:d8:20:c6:5a:a6:47:93:c3:e3:9c:4f:01:c4:
5c:6e:bd:9e:f7:e8:d6:24:f7:a9:4c:b0:f3:76:f3:c7:87:74:
9b:64:6e:b0:a1:26:f7:07:b1:3e:71:e2:bf:be:a5:da:f2:1c:
05:50:b9:66:20:aa:a0:71:8f:95:ba:7e:00:d6:9b:4c:3f:c0:
53:93:cf:0c:4d:16:72:a6:54:44:26:d0:12:7c:f3:90:c8:72:
25:be:1d:3a:1e:63:c1:aa:cd:c2:ca:7e:89:6a:c6:71:55:e7:
0e:03:fc:51:f1:a6:21:26:c4:9d:19:27:0d:dc:79:2a:6d:30:
e7:46:24:c9:5a:d7:03:07:52:e0:4a:d2:fc:ee:79:9e:ab:e7:
8e:2c:ff:25:fe:dc:33:f3:26:f3:be:5c:ad:80:d5:63:c0:ec:
aa:22:17:83:6e:4f:dc:79:5e:45:c9:b0:0f:ec:b9:51:3f:e9:
40:cc:7c:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXy6mv7I3bh6Bx+ZK1y6osMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OTExMzc1ZmNjNDg1OTYxMjE5MGViZWNjN2FlMzcxYTAx
YTZhNmQwHhcNMjUwNDIxMTAwMTI3WhcNMjUwNDIyMTAwMTI3WjAzMTEwLwYDVQQD
EyhhZjhlZDNhOTQ0N2EzOWQ4MDM3ZmEzNmU0Y2E4MTNmYWQ1MTQyMDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gPRUAx/pcWon6x8D7IUZdp/gJ51
XzCp2EHyCFlfV789W6T0ZpB+D+kNf+d9RfVWhjbOa28jk+3sR/EyusASkdyXT+V5
Ui+r7Y2z27f7XihzLCh+QDBnGwYaENLNworbkKDtFyAyLceZzfhocTavtV3FOCmW
li95f5EtkBvZKuwohDv/DToQxalpMGpKhwwo2WPEpa21fMdvYhyh8TLOyhGFgbyq
TCzStGOeDuTiS6OfvL0pLXpwcadn6X2pwd5DSJxQxjaw7xWQHEweLjMRQount61y
gyjSC7ZcueAiWRp8WsDK3EqgPpnhFpwcMd/1jr+Z5UxRbOvwO38C5tZ1cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+O06lEejnYA3+jbkyoE/rVFCAHMB8GA1UdIwQY
MBaAFDmRE3X8xIWWEhkOvsx643GgGmptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQt
OTMzZDkyZDAwMDBjLzEvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQtOTMzZDkyZDAwMDBj
LzEvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuFSYBJuO
ewYjwCUV7eSfx/Ow9U/H3/E9y4Bd99gY89z+gk0D4dYORRBBV8oibrihsI+H6duH
yNNpsWNcfWb73N0iCeebLBOhhN0+gYzYIMZapkeTw+OcTwHEXG69nvfo1iT3qUyw
83bzx4d0m2RusKEm9wexPnHiv76l2vIcBVC5ZiCqoHGPlbp+ANabTD/AU5PPDE0W
cqZURCbQEnzzkMhyJb4dOh5jwarNwsp+iWrGcVXnDgP8UfGmISbEnRknDdx5Km0w
50YkyVrXAwdS4ErS/O55nqvnjiz/Jf7cM/Mm875crYDVY8DsqiIXg25P3HleRcmw
D+y5UT/pQMx8nQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:55:31 2025 by rpki-client