Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
File: onIAVE-TpnX8jHhBhWmA44o1Kcs.mft (raw, json)
Hash identifier: /FGb4VRHDfaoab/4BKEYh2jxpYugUiJ/rngrtiftdB8=
Subject key identifier: 96:0D:94:D4:AA:FF:D5:94:1F:2D:63:68:91:DD:52:74:13:61:31:30
Authority key identifier: A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB
Certificate issuer: /CN=a27200544f93a675fc8c7841856980e38a3529cb
Certificate serial: 0197BA7D7F5FB8516B6627F3A9F2DE7A16B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
Manifest number: 1052
Signing time: Sun 29 Jun 2025 07:01:16 +0000
Manifest this update: Sun 29 Jun 2025 07:01:16 +0000
Manifest next update: Mon 30 Jun 2025 07:01:16 +0000
Files and hashes: 1: WsJxTcqQMdNcfxDwYxL96RxQkLE.roa (hash: AzUS2a/hUE19ESDc/skGDA/ldB6bGDxX9L5RO7/taEk=)
2: onIAVE-TpnX8jHhBhWmA44o1Kcs.crl (hash: 4iMRsk+nKtqYOYMDLpfbenVpHt16lGy6nsQ/IOY1wJI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ba:7d:7f:5f:b8:51:6b:66:27:f3:a9:f2:de:7a:16:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27200544f93a675fc8c7841856980e38a3529cb
Validity
Not Before: Jun 29 07:01:16 2025 GMT
Not After : Jun 30 07:01:16 2025 GMT
Subject: CN=960d94d4aaffd5941f2d636891dd527413613130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:dd:f1:b0:b6:63:01:29:8d:16:e1:8f:72:9c:
ee:54:66:01:2c:c3:d5:d5:e8:43:2c:a0:9a:ce:24:
3d:dc:50:31:0b:3d:16:f0:31:2d:c0:1e:cb:16:b9:
38:f7:93:b5:b9:10:6e:c3:38:16:a9:d7:5d:a7:c2:
b9:d9:da:d0:9c:35:5c:16:2d:cf:a2:86:6b:bf:da:
9d:dd:23:4d:bc:81:24:3e:06:9d:4f:75:4f:d7:f3:
c5:ae:5d:47:5d:82:4d:60:8f:fd:d9:8c:23:8e:3c:
1f:f2:34:35:d4:3c:7c:8d:21:aa:00:e9:76:d8:67:
39:3d:aa:c6:a1:42:53:5d:f3:56:35:c7:bc:64:de:
6f:db:f6:c3:77:64:61:f4:f5:1e:05:85:91:f5:8a:
56:07:74:fc:b4:0c:8a:28:63:27:8f:e3:05:2c:df:
d2:06:4d:e5:51:f7:f4:40:1f:9e:6d:ce:7e:a4:d8:
00:46:dd:36:03:99:4b:98:6e:3d:57:f8:d3:5c:ff:
43:08:b6:7b:7f:6e:b9:c5:73:59:70:f3:bf:64:a0:
50:1b:d6:fb:b1:48:4b:12:0f:bd:d5:a0:c2:00:31:
82:0e:47:31:79:fd:73:26:e6:c0:ec:9d:ac:82:fe:
ca:32:7f:b9:64:6f:0b:e8:11:0f:44:db:bc:39:d9:
20:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0D:94:D4:AA:FF:D5:94:1F:2D:63:68:91:DD:52:74:13:61:31:30
X509v3 Authority Key Identifier:
keyid:A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:40:dd:cd:b5:ca:c8:e7:0b:fb:51:32:07:ff:cf:c3:d9:f7:
c1:50:ac:2d:3e:04:5f:40:8d:c1:c9:fa:74:b3:fa:51:3e:fa:
50:fe:51:6c:71:fe:79:26:4b:2c:be:d7:9e:96:8f:49:00:1e:
0a:8d:37:f9:4d:50:80:c6:42:ab:9e:08:d5:5d:f2:ae:5a:15:
4e:92:5b:11:ff:84:0d:ba:43:70:f8:c5:d5:16:7e:74:03:43:
1a:36:e5:78:92:a4:55:bf:2e:8c:a5:9e:fc:5b:87:9b:11:d0:
b4:34:e7:3f:20:cb:ce:11:df:2e:81:92:2c:5d:a6:cb:42:3a:
e7:a7:ae:99:a6:e5:8e:88:43:43:54:6a:e5:79:9b:05:e8:b8:
c2:8b:22:bb:03:81:f5:20:9b:46:7f:f2:a0:84:a7:87:9d:9b:
d9:bb:d1:5f:58:e8:98:7a:21:9b:90:3f:2e:05:f5:a5:af:75:
37:e5:6b:bc:07:f0:28:8d:49:c7:d1:19:88:c4:5b:da:d7:c9:
af:86:07:10:8e:b5:4f:29:1c:fb:21:b6:92:ef:c0:75:a6:dd:
1b:92:d8:c5:c2:a7:f2:6a:4b:0e:20:5a:a3:6d:b3:72:65:39:
14:ea:d9:48:53:36:a0:98:bb:7f:51:3e:f2:7a:39:14:cd:60:
f6:59:0f:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fX9fuFFrZifzqfLeeha3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNzIwMDU0NGY5M2E2NzVmYzhjNzg0MTg1Njk4MGUzOGEz
NTI5Y2IwHhcNMjUwNjI5MDcwMTE2WhcNMjUwNjMwMDcwMTE2WjAzMTEwLwYDVQQD
Eyg5NjBkOTRkNGFhZmZkNTk0MWYyZDYzNjg5MWRkNTI3NDEzNjEzMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy93xsLZjASmNFuGPcpzuVGYBLMPV
1ehDLKCaziQ93FAxCz0W8DEtwB7LFrk495O1uRBuwzgWqdddp8K52drQnDVcFi3P
ooZrv9qd3SNNvIEkPgadT3VP1/PFrl1HXYJNYI/92Ywjjjwf8jQ11Dx8jSGqAOl2
2Gc5ParGoUJTXfNWNce8ZN5v2/bDd2Rh9PUeBYWR9YpWB3T8tAyKKGMnj+MFLN/S
Bk3lUff0QB+ebc5+pNgARt02A5lLmG49V/jTXP9DCLZ7f265xXNZcPO/ZKBQG9b7
sUhLEg+91aDCADGCDkcxef1zJubA7J2sgv7KMn+5ZG8L6BEPRNu8OdkgsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJYNlNSq/9WUHy1jaJHdUnQTYTEwMB8GA1UdIwQY
MBaAFKJyAFRPk6Z1/Ix4QYVpgOOKNSnLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgt
ZWZhN2Y4OWJkMGI5LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgtZWZhN2Y4OWJkMGI5
LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGUDdzbXK
yOcL+1EyB//Pw9n3wVCsLT4EX0CNwcn6dLP6UT76UP5RbHH+eSZLLL7XnpaPSQAe
Co03+U1QgMZCq54I1V3yrloVTpJbEf+EDbpDcPjF1RZ+dANDGjbleJKkVb8ujKWe
/FuHmxHQtDTnPyDLzhHfLoGSLF2my0I656eumabljohDQ1Rq5XmbBei4wosiuwOB
9SCbRn/yoISnh52b2bvRX1jomHohm5A/LgX1pa91N+VrvAfwKI1Jx9EZiMRb2tfJ
r4YHEI61Tykc+yG2ku/AdabdG5LYxcKn8mpLDiBao22zcmU5FOrZSFM2oJi7f1E+
8no5FM1g9lkP4A==
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:11:45 2025 by rpki-client