Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json)
Hash identifier: fhTfBQ62cSQUxe2uarKB86Mn4eeoko/WNMdbrSBAh6Q=
Subject key identifier: 4E:6B:1D:B4:32:64:BC:CD:94:6E:DA:40:36:50:45:BE:2F:C8:8C:DE
Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Certificate serial: 0196A465AFEE52B4A52B53C42EFA0BC08BDF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
Manifest number: 022C
Signing time: Tue 06 May 2025 07:00:49 +0000
Manifest this update: Tue 06 May 2025 07:00:49 +0000
Manifest next update: Wed 07 May 2025 07:00:49 +0000
Files and hashes: 1: BFrr-Y0U-5iptN2idzPFsrYv6zw.roa (hash: SItZsNwfN8g7OyWNk2li9IKpDbpjiOGNcOTycVK0WwU=)
2: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: 9gOgiJBDbnOmMKAyQWOMRTetoc/R9ovyVKNAs1qJa+M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:65:af:ee:52:b4:a5:2b:53:c4:2e:fa:0b:c0:8b:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79
Validity
Not Before: May 6 07:00:49 2025 GMT
Not After : May 7 07:00:49 2025 GMT
Subject: CN=4e6b1db43264bccd946eda40365045be2fc88cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:40:8e:c2:f9:c1:27:86:4c:c3:b7:73:e0:2b:
83:46:a8:6a:7c:e6:ef:74:11:84:59:31:2f:17:69:
cd:54:7f:20:0e:ca:1e:a1:21:4f:36:c2:8d:9b:bc:
3d:a8:8f:59:52:fa:54:b4:b8:29:e5:d7:61:36:7e:
b2:30:9f:0e:11:16:e0:6b:81:e8:cd:c6:24:8d:cc:
dd:ee:32:74:06:80:07:40:7f:db:bb:8e:9e:16:e5:
d7:11:a0:63:0e:01:ba:87:ab:3a:11:71:8b:14:72:
03:70:d8:c2:d2:9c:ce:b3:65:38:41:c6:8b:0b:09:
73:c3:d8:52:eb:cc:fb:2c:9b:4f:19:f7:fc:fc:24:
b3:b8:88:ce:1f:19:72:3e:04:d3:af:9c:10:65:c6:
13:24:36:a2:7b:7d:b1:9f:96:77:0a:a0:b9:a5:00:
41:41:4a:24:97:8c:27:c9:22:18:ef:09:b3:8e:4a:
fd:5d:7c:28:9d:ea:31:f5:7f:65:b8:9f:0e:fe:20:
77:79:08:13:37:34:00:d6:50:b3:96:c0:de:85:3c:
41:26:f3:05:cc:46:88:cc:35:c8:be:9f:d1:9d:3b:
cd:17:2b:ca:f4:ff:b2:ba:f0:bb:b1:0f:13:c9:39:
cd:18:0b:b0:d2:c2:9d:25:a1:19:eb:71:71:9d:7c:
54:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:6B:1D:B4:32:64:BC:CD:94:6E:DA:40:36:50:45:BE:2F:C8:8C:DE
X509v3 Authority Key Identifier:
keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:10:d6:33:f9:4c:b7:77:1d:4d:8d:f9:bb:1a:24:56:12:86:
d2:b3:9b:49:78:8f:04:1a:33:a4:fa:7e:f3:f7:4b:1a:21:44:
45:2a:25:82:9e:17:f8:58:38:b4:b2:94:8e:be:c3:4e:94:0c:
c4:c0:3b:3c:b9:e3:67:55:b6:1a:e1:98:53:61:49:2c:a9:e8:
8b:f6:78:73:44:e7:5c:b8:95:5f:fe:88:fe:9c:3e:84:82:70:
32:71:d2:02:19:d2:ab:25:70:68:42:97:29:03:94:59:41:6d:
6a:00:0b:22:8a:95:af:5b:15:96:e9:74:ed:d1:e5:02:93:68:
3b:f0:75:3a:5f:d0:c5:2c:5a:41:52:eb:4b:76:a0:83:66:01:
7d:b5:99:9e:d8:4f:11:6d:5f:10:a4:ba:85:86:26:95:95:e4:
f4:1d:8b:88:11:e4:fb:9a:69:42:2f:65:6e:d5:40:43:28:1d:
6f:ba:0d:76:b6:1c:f9:1a:cf:64:23:16:27:9e:de:e7:1c:a0:
c3:ed:b8:01:73:ce:9f:ad:90:77:7f:38:46:42:f4:c9:25:30:
fa:a1:d7:a4:79:c9:c1:2a:c2:4e:58:b6:c7:36:ec:cf:a5:0c:
6e:76:42:2a:66:2b:71:29:6b:35:60:40:e3:d8:52:ca:cd:80:
94:47:78:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZakZa/uUrSlK1PELvoLwIvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0
M2ViNzkwHhcNMjUwNTA2MDcwMDQ5WhcNMjUwNTA3MDcwMDQ5WjAzMTEwLwYDVQQD
Eyg0ZTZiMWRiNDMyNjRiY2NkOTQ2ZWRhNDAzNjUwNDViZTJmYzg4Y2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0COwvnBJ4ZMw7dz4CuDRqhqfObv
dBGEWTEvF2nNVH8gDsoeoSFPNsKNm7w9qI9ZUvpUtLgp5ddhNn6yMJ8OERbga4Ho
zcYkjczd7jJ0BoAHQH/bu46eFuXXEaBjDgG6h6s6EXGLFHIDcNjC0pzOs2U4QcaL
Cwlzw9hS68z7LJtPGff8/CSzuIjOHxlyPgTTr5wQZcYTJDaie32xn5Z3CqC5pQBB
QUokl4wnySIY7wmzjkr9XXwoneox9X9luJ8O/iB3eQgTNzQA1lCzlsDehTxBJvMF
zEaIzDXIvp/RnTvNFyvK9P+yuvC7sQ8TyTnNGAuw0sKdJaEZ63FxnXxUpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5rHbQyZLzNlG7aQDZQRb4vyIzeMB8GA1UdIwQY
MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt
ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4
LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABRDWM/lM
t3cdTY35uxokVhKG0rObSXiPBBozpPp+8/dLGiFERSolgp4X+Fg4tLKUjr7DTpQM
xMA7PLnjZ1W2GuGYU2FJLKnoi/Z4c0TnXLiVX/6I/pw+hIJwMnHSAhnSqyVwaEKX
KQOUWUFtagALIoqVr1sVlul07dHlApNoO/B1Ol/QxSxaQVLrS3agg2YBfbWZnthP
EW1fEKS6hYYmlZXk9B2LiBHk+5ppQi9lbtVAQygdb7oNdrYc+RrPZCMWJ57e5xyg
w+24AXPOn62Qd384RkL0ySUw+qHXpHnJwSrCTli2xzbsz6UMbnZCKmYrcSlrNWBA
49hSys2AlEd47A==
-----END CERTIFICATE-----
Generated at Tue May 6 12:09:02 2025 by rpki-client