Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json)
Hash identifier: ziLjdiBpqQ8H8o8ziUWxvheu1dCeev3yqO3kDjx7YgY=
Subject key identifier: 8B:E0:14:61:8B:A4:2E:17:D5:67:39:E5:4C:32:98:AE:AF:A2:0F:0A
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 0196BAB686DA734E55CF7D513DE5DB026D01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
Manifest number: 0A79
Signing time: Sat 10 May 2025 15:00:46 +0000
Manifest this update: Sat 10 May 2025 15:00:46 +0000
Manifest next update: Sun 11 May 2025 15:00:46 +0000
Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=)
2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=)
3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: oLnTJUbhJNYdDs7zzGs3Mi7pCb3OlbIAgmpWcWoXRU0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ba:b6:86:da:73:4e:55:cf:7d:51:3d:e5:db:02:6d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: May 10 15:00:46 2025 GMT
Not After : May 11 15:00:46 2025 GMT
Subject: CN=8be014618ba42e17d56739e54c3298aeafa20f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:66:5d:d3:c9:08:4f:46:6d:dd:42:29:81:82:
e2:23:11:c4:f4:ba:ab:ac:0b:be:9f:5b:d8:17:9e:
20:48:e1:99:0a:96:93:a3:5e:2c:19:31:9b:9f:54:
0b:7d:ee:4d:e1:e1:6e:65:01:72:f8:93:08:70:62:
5f:e5:57:4d:c9:9f:f6:c8:e7:b5:a5:cc:0c:2a:d2:
92:eb:6c:2a:1d:0b:2e:d5:dd:b8:60:29:3f:b7:6a:
b2:91:a3:b1:f8:ad:56:36:1b:ec:77:70:c1:f9:17:
bc:2e:3a:6e:e6:b6:80:bb:ab:a4:4b:8e:9c:c1:f1:
6d:39:65:f4:9b:76:d1:1d:2d:9e:45:a8:f0:b2:64:
f2:ce:99:51:9a:68:61:b2:ff:8e:00:82:73:a9:c5:
88:50:39:51:e2:00:d5:08:c0:a8:35:00:6a:c3:fd:
3a:c2:c2:7d:35:8d:41:01:70:98:a1:7f:9d:b2:1c:
53:27:bf:47:04:9b:57:ea:91:7e:42:36:9e:40:68:
59:6c:e6:d4:98:0a:31:84:ff:30:3d:a5:62:99:ab:
9b:88:a8:95:20:6d:a3:4e:8a:0c:7f:3d:4e:d8:cf:
13:d7:c2:f9:87:77:44:38:9e:75:72:d4:85:f6:29:
c7:3e:80:ee:30:a9:e8:23:23:f6:cc:f7:bc:22:65:
71:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E0:14:61:8B:A4:2E:17:D5:67:39:E5:4C:32:98:AE:AF:A2:0F:0A
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:cf:4d:48:32:04:1b:f3:7f:ce:d5:b7:0b:14:11:77:87:57:
22:e9:04:1a:c5:c6:84:f1:83:11:52:7d:9c:ac:66:d3:23:6b:
90:3a:7b:60:a8:3f:f7:a9:9c:ba:0c:c0:d3:51:8e:01:a4:f6:
51:1b:3a:e9:05:a7:c0:95:b7:1d:a0:4f:e6:56:12:ae:0c:46:
a1:b8:4b:9c:5e:2b:73:eb:38:b4:f5:34:50:38:5d:d9:0a:76:
e8:90:fd:ea:5c:de:c3:d2:93:2f:93:d6:f3:ed:4e:38:5c:13:
ce:d3:bf:bd:5e:39:23:80:19:79:fa:16:f1:b0:1a:5e:c9:67:
9c:82:13:3f:86:f4:48:35:73:1a:8d:70:6d:bc:cc:92:33:fb:
e5:49:47:0a:c9:b1:61:c7:e7:88:a5:23:bb:81:e6:48:7b:42:
45:66:9b:89:ab:93:f8:7d:b1:3d:17:d5:79:9b:d9:c4:45:74:
04:ab:ed:62:15:ad:bd:8f:9e:d7:61:4e:13:4e:bc:a6:33:9f:
33:5d:75:51:d7:35:a4:3f:85:2f:a8:08:aa:f3:0d:4f:d1:ab:
2e:f4:e2:83:56:d7:cb:17:d4:05:d7:c6:82:90:41:fc:3f:82:
d0:8d:15:5f:4f:81:68:69:bb:a5:d2:ba:5d:2e:92:87:cc:61:
1a:02:f0:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6tobac05Vz31RPeXbAm0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjUwNTEwMTUwMDQ2WhcNMjUwNTExMTUwMDQ2WjAzMTEwLwYDVQQD
Eyg4YmUwMTQ2MThiYTQyZTE3ZDU2NzM5ZTU0YzMyOThhZWFmYTIwZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GZd08kIT0Zt3UIpgYLiIxHE9Lqr
rAu+n1vYF54gSOGZCpaTo14sGTGbn1QLfe5N4eFuZQFy+JMIcGJf5VdNyZ/2yOe1
pcwMKtKS62wqHQsu1d24YCk/t2qykaOx+K1WNhvsd3DB+Re8Ljpu5raAu6ukS46c
wfFtOWX0m3bRHS2eRajwsmTyzplRmmhhsv+OAIJzqcWIUDlR4gDVCMCoNQBqw/06
wsJ9NY1BAXCYoX+dshxTJ79HBJtX6pF+QjaeQGhZbObUmAoxhP8wPaVimaubiKiV
IG2jTooMfz1O2M8T18L5h3dEOJ51ctSF9inHPoDuMKnoIyP2zPe8ImVxkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIvgFGGLpC4X1Wc55UwymK6vog8KMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg89NSDIE
G/N/ztW3CxQRd4dXIukEGsXGhPGDEVJ9nKxm0yNrkDp7YKg/96mcugzA01GOAaT2
URs66QWnwJW3HaBP5lYSrgxGobhLnF4rc+s4tPU0UDhd2Qp26JD96lzew9KTL5PW
8+1OOFwTztO/vV45I4AZefoW8bAaXslnnIITP4b0SDVzGo1wbbzMkjP75UlHCsmx
YcfniKUju4HmSHtCRWabiauT+H2xPRfVeZvZxEV0BKvtYhWtvY+e12FOE068pjOf
M111Udc1pD+FL6gIqvMNT9GrLvTig1bXyxfUBdfGgpBB/D+C0I0VX0+BaGm7pdK6
XS6Sh8xhGgLwDw==
-----END CERTIFICATE-----
Generated at Sat May 10 23:29:04 2025 by rpki-client