Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json)
Hash identifier: 6fN1B5dNqQvaDN2eBFlk3p4xxtK/zPRyUktjEVkrK7Y=
Subject key identifier: 1A:B1:DD:D4:3F:64:75:FA:9D:EE:14:38:35:6A:56:42:DB:34:D6:48
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 0196C3F094B83A0E249053100644D3A8D411
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
Manifest number: 1051
Signing time: Mon 12 May 2025 10:00:45 +0000
Manifest this update: Mon 12 May 2025 10:00:45 +0000
Manifest next update: Tue 13 May 2025 10:00:45 +0000
Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: zZQlE4JFmm985D/E3S3njcgoN3QZWhVjR0n3iXbYviI=)
2: jBg4c1TddaMZ79OO2ACO6rgKQkE.roa (hash: vxMjeBuQHvoGxQ3EbvzgsnvZ7fj/adVRxxvAS0tcfsE=)
3: yN3-coe-yJTzFymhuWAPFUYAkF4.roa (hash: IPNSpgYWxN2jcOf0NhOGeg6e+K9d2+ZzIVVpZsFLZDI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 10:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:f0:94:b8:3a:0e:24:90:53:10:06:44:d3:a8:d4:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: May 12 10:00:45 2025 GMT
Not After : May 13 10:00:45 2025 GMT
Subject: CN=1ab1ddd43f6475fa9dee1438356a5642db34d648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:64:9b:a1:77:f9:1d:7e:8e:b4:1c:8f:00:fe:
a4:d3:21:7e:13:0b:ea:47:9e:2b:70:3e:09:da:bf:
fd:f5:68:56:76:50:a9:cc:2e:14:0a:40:bb:ca:e2:
f9:38:35:cd:4a:4f:1f:db:bc:d5:5a:00:62:9c:2d:
48:10:7c:c8:88:6b:23:b7:7f:56:d3:56:17:40:c2:
e7:58:6c:a3:09:9e:b6:d7:f0:66:d5:b9:c0:c1:85:
02:37:ea:e4:87:1b:d4:a8:dc:49:d7:49:ca:1d:7c:
c4:a2:6e:b7:ce:77:31:58:4d:e1:c7:d1:c6:2a:b3:
ee:e2:00:cb:04:62:6f:07:35:a3:5d:75:a3:b6:8a:
08:d6:e6:16:36:af:66:b8:91:aa:ea:d7:fa:b1:e6:
35:0e:f2:01:1e:82:2a:0c:c3:e3:bb:8c:3f:6d:e1:
e2:84:b2:70:82:de:b5:92:e5:42:6e:57:0b:38:50:
86:3c:bf:ea:4e:a0:fa:a2:ff:a2:7d:08:84:25:24:
c1:0b:1e:bc:9a:f4:d1:15:15:c0:66:d9:aa:63:47:
9c:68:2a:d5:a2:fb:00:d7:b3:a3:a4:9a:89:8f:60:
69:3d:47:2b:9e:19:49:e2:5a:9b:ec:44:b6:5c:67:
84:f9:a3:84:e5:3b:3b:62:32:6d:8a:02:c7:6d:36:
82:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B1:DD:D4:3F:64:75:FA:9D:EE:14:38:35:6A:56:42:DB:34:D6:48
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:81:5f:5b:e5:79:55:05:80:67:cc:e1:13:63:5d:03:42:92:
b3:2d:24:c2:78:b2:ba:c9:97:bc:6e:39:a4:f2:cb:aa:f2:94:
5e:4c:db:71:d1:a9:56:e9:56:1e:86:11:6d:5f:fe:9f:a4:e6:
f0:1d:d0:c6:a0:e8:85:db:2e:d8:2a:db:64:44:aa:62:ab:f1:
ee:bc:17:a0:55:d8:f3:f1:75:bd:e9:09:c1:ed:d2:49:29:50:
fa:2b:ed:e7:9d:31:19:5d:0c:31:1d:b2:3e:73:55:b5:d5:e0:
51:08:d2:c5:84:3b:7b:59:c4:24:89:0c:b3:dc:dd:8f:8f:73:
db:13:7b:ba:3d:03:4d:94:d6:e6:f1:3c:b6:68:9e:ec:be:ec:
0e:02:36:db:b6:80:ab:1b:8b:0b:7a:71:5b:9d:ac:f0:e4:6a:
c8:31:3b:0f:b2:c7:f0:bc:e3:26:1e:d4:a3:21:ad:f7:9e:10:
19:c1:0e:8d:6c:38:a2:ce:0d:21:a8:66:27:be:d3:c5:4a:d7:
32:9b:3a:2c:40:23:33:c0:f5:3c:55:ed:5e:53:5a:46:e6:23:
c0:9c:83:fa:b4:3c:70:dd:8d:a4:82:aa:13:a6:29:f2:01:df:
4c:d6:bf:ce:00:56:aa:46:81:d2:73:b3:b9:04:ee:32:33:35:
78:9f:92:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbD8JS4Og4kkFMQBkTTqNQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjUwNTEyMTAwMDQ1WhcNMjUwNTEzMTAwMDQ1WjAzMTEwLwYDVQQD
EygxYWIxZGRkNDNmNjQ3NWZhOWRlZTE0MzgzNTZhNTY0MmRiMzRkNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmSboXf5HX6OtByPAP6k0yF+Ewvq
R54rcD4J2r/99WhWdlCpzC4UCkC7yuL5ODXNSk8f27zVWgBinC1IEHzIiGsjt39W
01YXQMLnWGyjCZ621/Bm1bnAwYUCN+rkhxvUqNxJ10nKHXzEom63zncxWE3hx9HG
KrPu4gDLBGJvBzWjXXWjtooI1uYWNq9muJGq6tf6seY1DvIBHoIqDMPju4w/beHi
hLJwgt61kuVCblcLOFCGPL/qTqD6ov+ifQiEJSTBCx68mvTRFRXAZtmqY0ecaCrV
ovsA17OjpJqJj2BpPUcrnhlJ4lqb7ES2XGeE+aOE5Ts7YjJtigLHbTaCdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqx3dQ/ZHX6ne4UODVqVkLbNNZIMB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhoFfW+V5
VQWAZ8zhE2NdA0KSsy0kwniyusmXvG45pPLLqvKUXkzbcdGpVulWHoYRbV/+n6Tm
8B3QxqDohdsu2CrbZESqYqvx7rwXoFXY8/F1vekJwe3SSSlQ+ivt550xGV0MMR2y
PnNVtdXgUQjSxYQ7e1nEJIkMs9zdj49z2xN7uj0DTZTW5vE8tmie7L7sDgI227aA
qxuLC3pxW52s8ORqyDE7D7LH8LzjJh7UoyGt954QGcEOjWw4os4NIahmJ77TxUrX
Mps6LEAjM8D1PFXtXlNaRuYjwJyD+rQ8cN2NpIKqE6Yp8gHfTNa/zgBWqkaB0nOz
uQTuMjM1eJ+Scw==
-----END CERTIFICATE-----
Generated at Mon May 12 19:23:32 2025 by rpki-client