Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
File: OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft (raw, json)
Hash identifier: ZA77TjcrugeZOZwNxrey7VzNUod0UfExgMytp9ML6v8=
Subject key identifier: FA:CE:C4:48:6D:1C:A9:E0:27:C6:5E:88:D1:C7:EF:B5:BD:70:08:76
Authority key identifier: 39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
Certificate issuer: /CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Certificate serial: 0196A3F7A47859BAD146334BF7EE88B4B390
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
Manifest number: A2
Signing time: Tue 06 May 2025 05:00:37 +0000
Manifest this update: Tue 06 May 2025 05:00:37 +0000
Manifest next update: Wed 07 May 2025 05:00:37 +0000
Files and hashes: 1: 4TBEbTwznRUyfO-99-DGzicdpVY.roa (hash: NUzc37NEChJ2ehR4MuI3RA+Wwr1maBIZ+yC3jO0gtfU=)
2: OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl (hash: PvGdUugWU6imuceSfgpyhuJ3RHzR61YVPcPiyROWgsk=)
3: dsqp4bxyFCCs7RL2PZGSdi7KthE.roa (hash: LpothYWyfl3DUg9u8R+0xehBO2vE3vsq9xV0G0H4C0U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 05:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a3:f7:a4:78:59:ba:d1:46:33:4b:f7:ee:88:b4:b3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Validity
Not Before: May 6 05:00:37 2025 GMT
Not After : May 7 05:00:37 2025 GMT
Subject: CN=facec4486d1ca9e027c65e88d1c7efb5bd700876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:aa:83:be:e5:8c:8c:d1:bc:60:f5:90:94:a0:
09:0b:42:52:3d:fa:a1:33:39:35:c6:72:ca:1e:5e:
37:03:22:a7:f8:24:5b:3a:fd:63:42:ec:7e:dc:3b:
93:f4:eb:2e:f6:0e:ad:9e:5a:41:4c:a7:96:a0:36:
96:35:65:a5:e7:88:3e:98:6e:7d:fb:5a:91:ec:d4:
e5:32:b1:96:8f:c5:ea:04:f0:d6:62:2c:97:b7:72:
4a:99:39:77:f9:db:1c:67:0b:1f:a8:87:df:0c:96:
21:e3:ab:98:f3:1f:5a:b2:9d:13:37:cb:37:35:f0:
8f:91:42:f1:17:21:72:01:36:7e:99:17:e5:9f:bb:
c7:dd:14:f4:33:d3:20:1a:fc:cc:ea:6b:d5:88:1e:
b5:53:24:5b:0e:dc:81:48:c2:63:1c:0c:64:e6:4b:
59:be:89:e1:21:1c:42:09:72:07:71:79:1e:4a:b0:
56:29:7b:d0:f3:bc:5e:b8:d1:d1:83:b2:66:0c:d0:
25:10:4f:84:bb:8e:3d:d1:86:e9:50:a8:11:cc:15:
a7:07:0b:fa:53:65:77:97:fa:7c:9f:97:7d:d7:2b:
4a:ca:5f:1e:93:54:fc:86:da:6a:46:26:70:84:b7:
54:df:fe:d7:d4:b6:e3:51:9b:92:d1:1f:47:97:78:
df:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:CE:C4:48:6D:1C:A9:E0:27:C6:5E:88:D1:C7:EF:B5:BD:70:08:76
X509v3 Authority Key Identifier:
keyid:39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:dc:f8:62:60:78:b3:de:85:8d:73:0e:c9:23:1e:5b:e3:2e:
b4:68:ad:b1:39:64:5b:55:07:06:05:0b:37:ed:aa:8a:fa:9e:
9d:eb:36:24:15:e9:6c:0a:50:bb:92:d3:08:41:79:11:42:09:
62:93:be:68:a9:ed:a9:03:37:9a:50:0c:3b:35:4c:2e:8b:da:
b9:a3:a7:4f:aa:98:58:13:2a:dc:dc:18:80:01:e8:67:47:62:
eb:98:da:0d:49:ec:03:19:12:c2:cd:b3:2f:21:ce:2d:a4:3e:
95:c4:1f:69:bf:0b:08:ef:8c:65:65:24:d2:b2:b5:50:77:cc:
0e:46:9c:36:95:18:9e:27:13:86:c6:3a:e6:cc:b3:7c:e6:32:
9f:83:e9:11:65:23:e5:be:35:24:b5:61:2f:92:5c:de:36:28:
f7:19:fe:f8:d7:2a:5e:7a:1d:43:a7:b0:2e:dd:b2:62:22:03:
8d:e3:5a:7b:1a:f1:75:e4:95:9f:ed:4f:a7:b9:8d:e6:8f:3f:
48:a6:dd:3a:16:80:2f:2e:47:94:03:66:59:77:93:22:d4:15:
bf:03:35:03:32:cd:88:d5:0c:29:05:09:32:63:a5:1d:1c:6c:
eb:a8:75:89:b9:20:81:9a:fb:19:08:87:c0:ff:e4:31:11:6c:
91:02:2e:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaj96R4WbrRRjNL9+6ItLOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Zjg3M2NkMzkzOTIwM2M3NzhhOGVhYWYxNjgzZTk0NjRh
YzM0MDAwHhcNMjUwNTA2MDUwMDM3WhcNMjUwNTA3MDUwMDM3WjAzMTEwLwYDVQQD
EyhmYWNlYzQ0ODZkMWNhOWUwMjdjNjVlODhkMWM3ZWZiNWJkNzAwODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6qDvuWMjNG8YPWQlKAJC0JSPfqh
Mzk1xnLKHl43AyKn+CRbOv1jQux+3DuT9Osu9g6tnlpBTKeWoDaWNWWl54g+mG59
+1qR7NTlMrGWj8XqBPDWYiyXt3JKmTl3+dscZwsfqIffDJYh46uY8x9asp0TN8s3
NfCPkULxFyFyATZ+mRfln7vH3RT0M9MgGvzM6mvViB61UyRbDtyBSMJjHAxk5ktZ
vonhIRxCCXIHcXkeSrBWKXvQ87xeuNHRg7JmDNAlEE+Eu4490YbpUKgRzBWnBwv6
U2V3l/p8n5d91ytKyl8ek1T8htpqRiZwhLdU3/7X1LbjUZuS0R9Hl3jfdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrOxEhtHKngJ8ZeiNHH77W9cAh2MB8GA1UdIwQY
MBaAFDn4c805OSA8d4qOqvFoPpRkrDQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMt
NGU2NTViNWI2NDI3LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMtNGU2NTViNWI2NDI3
LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAltz4YmB4
s96FjXMOySMeW+MutGitsTlkW1UHBgULN+2qivqenes2JBXpbApQu5LTCEF5EUIJ
YpO+aKntqQM3mlAMOzVMLovauaOnT6qYWBMq3NwYgAHoZ0di65jaDUnsAxkSws2z
LyHOLaQ+lcQfab8LCO+MZWUk0rK1UHfMDkacNpUYnicThsY65syzfOYyn4PpEWUj
5b41JLVhL5Jc3jYo9xn++NcqXnodQ6ewLt2yYiIDjeNaexrxdeSVn+1Pp7mN5o8/
SKbdOhaALy5HlANmWXeTItQVvwM1AzLNiNUMKQUJMmOlHRxs66h1ibkggZr7GQiH
wP/kMRFskQIu3g==
-----END CERTIFICATE-----
Generated at Tue May 6 15:41:00 2025 by rpki-client