Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: WkhoCQSubAXQpWO88cpZfHl7cVqH+miecZ+Yq35Prq0=
Subject key identifier: AA:45:2C:07:EA:71:2D:01:D7:B9:51:D6:15:8D:EE:5F:9C:CE:55:67
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 01969F3F77F99C91BEF6F05A1ED28D4FCFDF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 1528
Signing time: Mon 05 May 2025 07:00:58 +0000
Manifest this update: Mon 05 May 2025 07:00:58 +0000
Manifest next update: Tue 06 May 2025 07:00:58 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: 34XC9aq98dE1E8ppI5bo/DfuTSsaFHL6LcibcVGnFAA=)
2: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (hash: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:3f:77:f9:9c:91:be:f6:f0:5a:1e:d2:8d:4f:cf:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: May 5 07:00:58 2025 GMT
Not After : May 6 07:00:58 2025 GMT
Subject: CN=aa452c07ea712d01d7b951d6158dee5f9cce5567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c0:ca:5d:27:f4:0b:c8:06:b4:3a:ad:ed:43:
ad:55:59:88:d1:9f:56:5b:b9:0b:5a:01:18:20:1b:
89:22:59:f6:78:d3:53:5c:62:4e:d6:29:ed:bb:ab:
8f:03:31:a0:ed:5c:d6:dd:f9:5a:62:36:7c:d3:71:
81:a5:08:df:03:2a:b9:34:b0:72:7e:32:25:9b:d6:
fb:55:b2:6d:68:22:56:96:41:9f:88:ff:c4:8a:c5:
2e:3d:b3:62:65:f0:7a:98:9a:23:e2:3b:e2:7c:53:
28:37:5f:e6:07:f0:06:b1:23:22:f2:88:5a:4d:9b:
df:5c:22:d9:44:9a:3c:54:3f:76:b3:fa:c7:99:9a:
20:1f:12:85:06:f0:60:ab:22:e2:d5:96:b8:e0:b3:
c9:66:ec:f5:c5:d3:33:df:53:62:f0:07:86:74:84:
c7:36:db:c9:54:ee:5d:9c:80:95:89:08:89:c8:21:
25:ee:48:59:81:ab:c1:9e:a4:87:2f:3d:f7:88:d8:
4a:19:7c:c8:0e:32:c3:37:48:5f:8a:09:d5:3e:dd:
48:7b:3d:3c:f2:d2:e3:58:da:27:99:22:8b:a1:7a:
fb:7b:4e:cd:21:8f:41:eb:2a:87:cb:c8:2f:a2:de:
84:56:bd:16:d2:4e:5c:f8:cc:7f:22:b7:2f:e0:39:
08:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:45:2C:07:EA:71:2D:01:D7:B9:51:D6:15:8D:EE:5F:9C:CE:55:67
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:54:82:57:d8:cc:e2:ad:93:42:f4:2f:dc:06:91:16:60:18:
82:5d:c5:d4:59:d3:95:76:66:1c:c3:24:7d:ef:f7:a9:95:f4:
4b:83:9e:de:92:b0:8b:83:46:eb:80:40:eb:b8:bc:26:95:90:
4d:ab:ff:f5:1e:b1:d6:b3:66:57:35:95:03:ca:8a:07:5a:25:
ae:dd:cb:5c:b8:06:0c:78:47:49:26:8a:00:95:d9:76:0d:9c:
23:23:6e:01:4a:6c:23:8e:22:f0:a0:70:35:0c:1d:73:11:cb:
f2:a8:dd:2a:78:ae:f7:50:f7:12:10:29:26:82:47:dc:d4:fd:
80:7c:dd:83:ce:aa:08:66:aa:7b:90:ec:78:a7:a2:3f:12:c2:
0c:72:69:ca:8d:7a:b2:0d:6e:ed:13:51:c4:50:1a:e6:4f:92:
3d:fe:05:a6:29:ab:dd:be:dc:5f:bf:91:cc:20:a4:b2:7e:53:
32:ee:b4:34:55:cb:d0:95:f2:2e:ba:f7:5b:93:b5:fb:23:68:
db:80:24:4d:72:8a:b3:b6:c1:60:d9:73:83:ad:f5:1b:10:86:
98:b7:5b:17:64:25:fd:e7:da:c6:38:c9:17:9a:1e:6e:24:59:
b7:f3:b9:3d:98:68:c3:31:99:b4:10:36:99:ba:34:8c:4b:d5:
c8:ef:0b:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafP3f5nJG+9vBaHtKNT8/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjUwNTA1MDcwMDU4WhcNMjUwNTA2MDcwMDU4WjAzMTEwLwYDVQQD
EyhhYTQ1MmMwN2VhNzEyZDAxZDdiOTUxZDYxNThkZWU1ZjljY2U1NTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMDKXSf0C8gGtDqt7UOtVVmI0Z9W
W7kLWgEYIBuJIln2eNNTXGJO1intu6uPAzGg7VzW3flaYjZ803GBpQjfAyq5NLBy
fjIlm9b7VbJtaCJWlkGfiP/EisUuPbNiZfB6mJoj4jvifFMoN1/mB/AGsSMi8oha
TZvfXCLZRJo8VD92s/rHmZogHxKFBvBgqyLi1Za44LPJZuz1xdMz31Ni8AeGdITH
NtvJVO5dnICViQiJyCEl7khZgavBnqSHLz33iNhKGXzIDjLDN0hfignVPt1Iez08
8tLjWNonmSKLoXr7e07NIY9B6yqHy8gvot6EVr0W0k5c+Mx/Ircv4DkIowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpFLAfqcS0B17lR1hWN7l+czlVnMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGlSCV9jM
4q2TQvQv3AaRFmAYgl3F1FnTlXZmHMMkfe/3qZX0S4Oe3pKwi4NG64BA67i8JpWQ
Tav/9R6x1rNmVzWVA8qKB1olrt3LXLgGDHhHSSaKAJXZdg2cIyNuAUpsI44i8KBw
NQwdcxHL8qjdKniu91D3EhApJoJH3NT9gHzdg86qCGaqe5DseKeiPxLCDHJpyo16
sg1u7RNRxFAa5k+SPf4Fpimr3b7cX7+RzCCksn5TMu60NFXL0JXyLrr3W5O1+yNo
24AkTXKKs7bBYNlzg631GxCGmLdbF2Ql/efaxjjJF5oebiRZt/O5PZhowzGZtBA2
mbo0jEvVyO8LqQ==
-----END CERTIFICATE-----
Generated at Mon May 5 08:50:21 2025 by rpki-client