Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
File: obceuN8XHmQvGyuQQZAB8fxEXk0.mft (raw, json)
Hash identifier: oIGd5hTCeuDzLCzDlrpwbI3s3SgcY/YlpR/FhAZWXMA=
Subject key identifier: F5:A9:55:E2:C4:F5:B1:F3:0B:4F:CB:4D:A8:A6:F4:3B:A6:C6:F2:0E
Authority key identifier: A1:B7:1E:B8:DF:17:1E:64:2F:1B:2B:90:41:90:01:F1:FC:44:5E:4D
Certificate issuer: /CN=a1b71eb8df171e642f1b2b90419001f1fc445e4d
Certificate serial: 019659820B6B8961BFD506EC7ACA7F58AFA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
Manifest number: 0DC6
Signing time: Mon 21 Apr 2025 18:00:16 +0000
Manifest this update: Mon 21 Apr 2025 18:00:16 +0000
Manifest next update: Tue 22 Apr 2025 18:00:16 +0000
Files and hashes: 1: cGMojoHA_ji4dpM9uQ1afR_tOH0.roa (hash: i1gFi8NRL0iquVx1S2o3krHyHH6AFrbXa2Ge0Nqnor8=)
2: obceuN8XHmQvGyuQQZAB8fxEXk0.crl (hash: CQeOm3mFTEdwoZ6x/gvfb2S2+FhcXn/S9u0V5yVhWbo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 18:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:82:0b:6b:89:61:bf:d5:06:ec:7a:ca:7f:58:af:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1b71eb8df171e642f1b2b90419001f1fc445e4d
Validity
Not Before: Apr 21 18:00:16 2025 GMT
Not After : Apr 22 18:00:16 2025 GMT
Subject: CN=f5a955e2c4f5b1f30b4fcb4da8a6f43ba6c6f20e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:89:f8:a4:2d:02:33:08:9b:79:0e:9d:97:f1:
c0:42:18:9e:c1:88:32:62:4b:19:05:af:c4:00:39:
0a:12:73:3b:08:c6:11:50:57:a8:12:9d:ac:09:85:
4c:6a:74:5a:84:4d:08:9d:85:c1:e1:c6:23:dd:b7:
d7:f0:a2:b4:c0:7d:2f:23:d1:a2:0d:39:8e:25:85:
e2:9d:4e:19:a7:c4:64:69:34:2e:2e:69:ad:73:bd:
08:71:a9:99:5b:7b:75:e6:e0:d1:13:33:52:09:7f:
25:9f:1b:46:07:c5:9c:a7:36:02:b9:4b:aa:f5:63:
ca:80:45:bd:6d:24:fe:42:f9:ca:99:d6:34:75:66:
2b:20:39:f8:03:e3:74:3e:b1:73:e8:f0:a9:5a:dd:
57:b5:12:8e:18:08:22:79:4f:fc:01:95:4c:5e:0a:
d9:03:9d:e0:5e:60:5e:ee:7c:59:c3:23:34:a1:6b:
70:dc:15:fb:d1:c1:29:ff:53:c0:63:70:49:7d:8a:
c2:ca:5f:1e:ba:e1:90:94:49:e9:3e:f3:46:d5:cf:
07:6b:c9:8f:79:5b:df:40:80:0c:89:f3:b6:df:51:
9b:18:c7:d6:2f:36:51:5f:23:38:0c:b8:4c:ca:4c:
f9:85:3e:ed:d7:19:14:91:29:3a:d8:84:bd:be:eb:
6b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A9:55:E2:C4:F5:B1:F3:0B:4F:CB:4D:A8:A6:F4:3B:A6:C6:F2:0E
X509v3 Authority Key Identifier:
keyid:A1:B7:1E:B8:DF:17:1E:64:2F:1B:2B:90:41:90:01:F1:FC:44:5E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:15:e2:a5:f0:71:cd:12:37:ad:4c:29:85:51:a6:b8:3d:88:
4f:f5:5a:6e:95:27:c2:2a:39:fc:ee:ba:09:cf:56:ac:7a:6b:
31:ff:b5:ac:65:63:65:a1:e7:84:68:ee:00:f8:83:64:6a:1b:
d1:8b:b8:79:31:6b:64:69:42:bb:0c:48:43:28:91:a3:1e:b0:
dd:5c:fc:28:d9:08:ce:c1:7a:47:9e:8f:42:9d:22:94:71:ce:
91:83:ef:68:a4:32:f6:53:4e:53:89:ab:85:14:eb:82:05:96:
dd:95:c8:ef:fd:b3:c2:d5:25:37:24:fe:6f:84:7d:25:af:d3:
b3:0b:6d:d7:83:ac:a9:7c:8d:ce:3a:b0:87:91:b2:1d:fd:2a:
ae:c4:85:8b:11:48:8d:e5:36:03:1f:65:ca:22:40:79:98:92:
ea:e0:da:e2:d2:56:2a:ec:df:b2:16:73:3f:ba:da:34:2e:f2:
b6:c3:b3:84:18:8b:0f:21:01:38:d1:7a:3b:9d:39:32:43:a6:
5f:0d:ab:32:cc:e0:f4:94:42:b6:2d:1c:ef:cf:01:63:fe:05:
9f:f3:11:a7:b3:5e:54:f4:e9:7e:9d:56:0a:19:90:68:0f:3b:
3f:a3:60:00:b8:db:89:af:f0:ad:ed:f6:94:53:a4:b4:0e:04:
3b:42:80:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZggtriWG/1Qbsesp/WK+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjcxZWI4ZGYxNzFlNjQyZjFiMmI5MDQxOTAwMWYxZmM0
NDVlNGQwHhcNMjUwNDIxMTgwMDE2WhcNMjUwNDIyMTgwMDE2WjAzMTEwLwYDVQQD
EyhmNWE5NTVlMmM0ZjViMWYzMGI0ZmNiNGRhOGE2ZjQzYmE2YzZmMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Yn4pC0CMwibeQ6dl/HAQhiewYgy
YksZBa/EADkKEnM7CMYRUFeoEp2sCYVManRahE0InYXB4cYj3bfX8KK0wH0vI9Gi
DTmOJYXinU4Zp8RkaTQuLmmtc70IcamZW3t15uDREzNSCX8lnxtGB8WcpzYCuUuq
9WPKgEW9bST+QvnKmdY0dWYrIDn4A+N0PrFz6PCpWt1XtRKOGAgieU/8AZVMXgrZ
A53gXmBe7nxZwyM0oWtw3BX70cEp/1PAY3BJfYrCyl8euuGQlEnpPvNG1c8Ha8mP
eVvfQIAMifO231GbGMfWLzZRXyM4DLhMykz5hT7t1xkUkSk62IS9vutrTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWpVeLE9bHzC0/LTaim9DumxvIOMB8GA1UdIwQY
MBaAFKG3HrjfFx5kLxsrkEGQAfH8RF5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mMDg4YmQtNTAyOS00OTAzLTk2MTYt
MDY3MmVhMDQ0MGJiLzEvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mMDg4YmQtNTAyOS00OTAzLTk2MTYtMDY3MmVhMDQ0MGJi
LzEvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARRXipfBx
zRI3rUwphVGmuD2IT/VabpUnwio5/O66Cc9WrHprMf+1rGVjZaHnhGjuAPiDZGob
0Yu4eTFrZGlCuwxIQyiRox6w3Vz8KNkIzsF6R56PQp0ilHHOkYPvaKQy9lNOU4mr
hRTrggWW3ZXI7/2zwtUlNyT+b4R9Ja/Tswtt14OsqXyNzjqwh5GyHf0qrsSFixFI
jeU2Ax9lyiJAeZiS6uDa4tJWKuzfshZzP7raNC7ytsOzhBiLDyEBONF6O505MkOm
Xw2rMszg9JRCti0c788BY/4Fn/MRp7NeVPTpfp1WChmQaA87P6NgALjbia/wre32
lFOktA4EO0KAEg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:34:39 2025 by rpki-client