Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
File: OkGxVaq20SKf00jqoD0PeQPxJno.mft (raw, json)
Hash identifier: HIVc0EElBOnNKc6nApibUF+iwkZH+w4M1ox8VaruoBk=
Subject key identifier: 90:3D:1F:A0:41:72:41:21:F0:E1:82:D1:CF:94:91:61:F9:3D:40:B7
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 0196BFA5CC3CE53552E26135D4396A369807
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
Manifest number: 103C
Signing time: Sun 11 May 2025 14:00:35 +0000
Manifest this update: Sun 11 May 2025 14:00:35 +0000
Manifest next update: Mon 12 May 2025 14:00:35 +0000
Files and hashes: 1: DUYlFbh6FULGzgdthf_PMDp6hOU.roa (hash: JR7UbEi2bM6dLHHY3xrq1gui3NHbn1GkWRWkFGTRYw0=)
2: OkGxVaq20SKf00jqoD0PeQPxJno.crl (hash: NAvCDxmZfDXOg0B1JBNwYHIBC7o4cwcrc9QRldu1gB8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bf:a5:cc:3c:e5:35:52:e2:61:35:d4:39:6a:36:98:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: May 11 14:00:35 2025 GMT
Not After : May 12 14:00:35 2025 GMT
Subject: CN=903d1fa041724121f0e182d1cf949161f93d40b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:85:58:31:24:85:51:96:fe:a2:a7:6e:c8:77:
fc:36:08:f6:2b:77:94:b4:f7:7e:2f:98:83:f4:87:
01:a7:b2:70:15:e1:68:ef:0a:75:27:47:26:d0:b7:
eb:ef:92:43:38:73:79:ad:c1:9e:e1:02:76:22:e6:
3c:35:e2:8d:a4:1e:d1:80:d6:9e:eb:1c:5d:94:7e:
14:95:95:53:d8:3f:04:04:d2:7a:8f:9f:f5:95:3f:
ed:9c:ef:d6:f8:f4:5f:d1:c4:7b:c1:b3:df:44:d4:
4e:5a:3e:b5:6e:d9:7e:b9:1a:0c:54:fb:3e:35:75:
c6:91:b5:43:02:a4:52:ca:b2:4d:3f:b3:6e:c1:b1:
10:71:f5:7d:f1:d1:13:79:75:ae:c3:8e:25:cc:fc:
d3:3c:dd:b3:d4:1c:1b:f9:bf:ac:47:93:55:f2:b7:
a4:07:86:ea:1b:44:84:84:b4:f6:61:c0:16:99:52:
3b:18:fc:eb:f9:76:b5:98:60:dd:38:5f:8d:d4:89:
e6:71:a9:98:be:bd:b7:f7:32:ae:e1:2d:4c:af:36:
d6:57:9c:86:b6:c0:5a:2c:c5:4d:cb:44:94:44:e0:
03:1d:c3:e2:78:9e:e5:9d:c7:ac:87:73:47:e9:fc:
16:fb:bb:0f:49:6a:f1:48:25:6c:bf:44:1d:58:41:
cd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3D:1F:A0:41:72:41:21:F0:E1:82:D1:CF:94:91:61:F9:3D:40:B7
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:e7:e0:7d:7a:d2:c4:2c:50:08:78:a6:ec:ff:57:f1:b2:e4:
ac:33:67:6c:23:69:ed:41:43:03:af:4b:30:57:99:b6:77:f0:
2f:7c:09:98:9e:bc:0a:7d:a9:6d:32:2e:42:64:a0:bb:c0:df:
22:0f:35:02:e3:79:f2:07:12:d7:38:48:6f:0b:55:99:7c:80:
c3:dd:bd:27:7e:5c:47:a6:60:17:c8:e1:1b:d3:d7:63:bf:e4:
9a:9b:9c:9b:07:be:72:5d:76:b0:2c:45:99:f2:78:dc:be:24:
92:b9:d1:e6:b9:0e:8b:10:30:e5:8c:0a:c4:54:86:29:d0:ad:
9a:b8:cd:2b:dd:fc:35:51:bc:2b:50:6d:db:88:ad:02:2c:28:
3b:46:c7:ba:9f:3a:0b:55:26:17:9f:4a:a7:81:ad:64:d7:e1:
55:6e:6d:03:3e:57:8c:67:6e:3c:37:48:2b:48:16:89:07:da:
c3:b3:60:9b:eb:87:de:10:da:ed:a4:15:72:fc:65:04:d9:e5:
34:f2:6d:d2:95:87:df:8a:4f:74:82:88:1a:a3:9c:4a:6e:6a:
49:fe:e1:a6:e0:0e:ae:bf:69:70:1f:96:49:98:c2:31:25:d9:
2b:42:dc:07:45:2c:97:94:87:ee:eb:b9:e3:3c:dd:39:35:89:
1f:63:9b:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/pcw85TVS4mE11DlqNpgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjUwNTExMTQwMDM1WhcNMjUwNTEyMTQwMDM1WjAzMTEwLwYDVQQD
Eyg5MDNkMWZhMDQxNzI0MTIxZjBlMTgyZDFjZjk0OTE2MWY5M2Q0MGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoVYMSSFUZb+oqduyHf8Ngj2K3eU
tPd+L5iD9IcBp7JwFeFo7wp1J0cm0Lfr75JDOHN5rcGe4QJ2IuY8NeKNpB7RgNae
6xxdlH4UlZVT2D8EBNJ6j5/1lT/tnO/W+PRf0cR7wbPfRNROWj61btl+uRoMVPs+
NXXGkbVDAqRSyrJNP7NuwbEQcfV98dETeXWuw44lzPzTPN2z1Bwb+b+sR5NV8rek
B4bqG0SEhLT2YcAWmVI7GPzr+Xa1mGDdOF+N1InmcamYvr239zKu4S1MrzbWV5yG
tsBaLMVNy0SUROADHcPieJ7lncesh3NH6fwW+7sPSWrxSCVsv0QdWEHN6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJA9H6BBckEh8OGC0c+UkWH5PUC3MB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWufgfXrS
xCxQCHim7P9X8bLkrDNnbCNp7UFDA69LMFeZtnfwL3wJmJ68Cn2pbTIuQmSgu8Df
Ig81AuN58gcS1zhIbwtVmXyAw929J35cR6ZgF8jhG9PXY7/kmpucmwe+cl12sCxF
mfJ43L4kkrnR5rkOixAw5YwKxFSGKdCtmrjNK938NVG8K1Bt24itAiwoO0bHup86
C1UmF59Kp4GtZNfhVW5tAz5XjGduPDdIK0gWiQfaw7Ngm+uH3hDa7aQVcvxlBNnl
NPJt0pWH34pPdIKIGqOcSm5qSf7hpuAOrr9pcB+WSZjCMSXZK0LcB0Usl5SH7uu5
4zzdOTWJH2ObNg==
-----END CERTIFICATE-----
Generated at Sun May 11 16:41:03 2025 by rpki-client