Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/74d223-5db9-49b7-b921-b179e0b24a76/1/ocdHG94YLbnCvBHWjl_1L0qsT24.mft
File: ocdHG94YLbnCvBHWjl_1L0qsT24.mft (raw, json)
Hash identifier: 1MEqlTn9UmvvHnw5ac3qdgEcAb1b2aO3mT+5c31Ws8w=
Subject key identifier: 37:DD:F6:A1:16:4C:DA:FA:43:4B:1F:A3:3D:2A:8F:83:8A:CE:EA:7B
Authority key identifier: A1:C7:47:1B:DE:18:2D:B9:C2:BC:11:D6:8E:5F:F5:2F:4A:AC:4F:6E
Certificate issuer: /CN=a1c7471bde182db9c2bc11d68e5ff52f4aac4f6e
Certificate serial: 018B886588523816DF5DE49359EA07A149CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ocdHG94YLbnCvBHWjl_1L0qsT24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/74d223-5db9-49b7-b921-b179e0b24a76/1/ocdHG94YLbnCvBHWjl_1L0qsT24.mft
Manifest number: 0666
Signing time: Wed 01 Nov 2023 01:00:37 +0000
Manifest this update: Wed 01 Nov 2023 01:00:37 +0000
Manifest next update: Thu 02 Nov 2023 01:00:37 +0000
Files and hashes: 1: V0IcvjtvbRC6Z9Ytw4Tx1eFsJMA.roa (hash: zNP0S7uWbL4KJB3rhhJP+f8raHi8sdrhpmIQHZDaQko=)
2: ocdHG94YLbnCvBHWjl_1L0qsT24.crl (hash: K0AYjQWy8Cs2LUcmefxg/vHiHPhWdiZ9/7HJiU5NmmY=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:88:65:88:52:38:16:df:5d:e4:93:59:ea:07:a1:49:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1c7471bde182db9c2bc11d68e5ff52f4aac4f6e
Validity
Not Before: Nov 1 01:00:37 2023 GMT
Not After : Nov 2 01:00:37 2023 GMT
Subject: CN=37ddf6a1164cdafa434b1fa33d2a8f838aceea7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:26:bd:59:b3:04:e5:39:d4:6b:2a:c2:3c:dd:
55:c2:48:60:a0:e3:6e:9e:fb:b9:e2:7b:ec:3b:5a:
7b:3a:f8:11:c8:f2:36:34:99:06:e6:4f:25:c1:84:
25:ec:80:ea:ab:21:ad:e4:ac:f6:1f:f9:0c:03:2a:
2c:b3:0f:6d:f1:9d:c3:c3:e4:d8:b2:f9:2f:b6:58:
a4:cd:3a:f3:7a:e5:a2:4e:5e:5c:b2:1f:6c:c6:ef:
d8:ec:f2:52:32:f3:3d:fd:aa:b7:87:79:fa:13:dc:
c5:d3:b4:6d:57:dc:9d:66:e6:60:df:69:ad:b7:8f:
6c:b7:a7:aa:a1:37:35:0c:90:71:4d:35:6a:9e:2f:
36:50:cc:5b:45:5d:2f:62:03:63:45:a2:0e:60:23:
d0:5a:20:1d:49:24:f7:32:6d:16:47:54:b8:f7:b6:
3a:e2:74:ac:4d:e6:69:44:53:a5:24:89:9b:ba:84:
fb:07:cc:d4:75:29:ec:cb:e6:cd:75:5a:38:9d:af:
93:b1:96:72:9b:82:f8:81:cd:71:ec:f2:a7:2b:88:
26:9b:bc:ad:21:42:eb:d0:09:fc:48:2e:15:76:5f:
6f:55:d8:5f:e6:fa:04:17:c9:03:a3:18:a5:85:e1:
3e:fa:cb:bd:d0:b2:6e:3c:47:ba:ae:eb:4b:dd:32:
21:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:DD:F6:A1:16:4C:DA:FA:43:4B:1F:A3:3D:2A:8F:83:8A:CE:EA:7B
X509v3 Authority Key Identifier:
keyid:A1:C7:47:1B:DE:18:2D:B9:C2:BC:11:D6:8E:5F:F5:2F:4A:AC:4F:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ocdHG94YLbnCvBHWjl_1L0qsT24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/74d223-5db9-49b7-b921-b179e0b24a76/1/ocdHG94YLbnCvBHWjl_1L0qsT24.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/74d223-5db9-49b7-b921-b179e0b24a76/1/ocdHG94YLbnCvBHWjl_1L0qsT24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:6a:45:ac:97:88:f7:28:ae:21:ca:35:86:60:92:fa:74:79:
97:4f:9c:7b:83:5c:fd:94:b4:14:8a:f3:c6:43:84:4a:a1:60:
1a:91:29:11:bf:73:7e:b1:3a:30:6e:f0:4a:d1:6e:08:4f:01:
ba:dd:eb:d0:a2:ad:75:d2:3c:88:68:e5:cc:c7:4d:b9:df:77:
2e:a2:6b:56:6b:31:b7:67:63:d1:f6:66:68:3a:95:a3:71:3e:
a9:87:20:50:c6:c6:7a:01:a2:be:d5:8b:6d:8e:97:41:af:31:
1f:ca:0b:3d:84:03:42:ff:8c:c3:12:89:f0:a2:90:98:3e:c4:
93:cc:2e:d2:f9:35:d8:53:33:fe:34:35:ba:90:16:a1:7a:f6:
c0:b0:9d:d9:d4:32:80:cb:44:79:58:8c:fb:c7:f1:2d:a3:cb:
e2:8c:96:2a:37:63:f1:b0:f0:51:89:8c:55:2e:63:d6:08:2e:
90:f1:4f:2d:9f:ac:d1:54:e4:0d:f5:fa:17:e4:dc:3e:c2:e4:
ce:87:4f:c9:ee:fb:39:1f:cb:4c:0a:dd:ff:a3:af:34:36:69:
64:66:4a:be:b6:24:63:e5:6d:de:46:b9:ec:68:b1:5d:82:ad:
c4:d3:a6:09:c3:fd:18:e6:79:8b:8d:29:05:cc:e8:d6:ca:f5:
1c:76:2e:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYuIZYhSOBbfXeSTWeoHoUnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYzc0NzFiZGUxODJkYjljMmJjMTFkNjhlNWZmNTJmNGFh
YzRmNmUwHhcNMjMxMTAxMDEwMDM3WhcNMjMxMTAyMDEwMDM3WjAzMTEwLwYDVQQD
EygzN2RkZjZhMTE2NGNkYWZhNDM0YjFmYTMzZDJhOGY4MzhhY2VlYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ia9WbME5TnUayrCPN1VwkhgoONu
nvu54nvsO1p7OvgRyPI2NJkG5k8lwYQl7IDqqyGt5Kz2H/kMAyossw9t8Z3Dw+TY
svkvtlikzTrzeuWiTl5csh9sxu/Y7PJSMvM9/aq3h3n6E9zF07RtV9ydZuZg32mt
t49st6eqoTc1DJBxTTVqni82UMxbRV0vYgNjRaIOYCPQWiAdSST3Mm0WR1S497Y6
4nSsTeZpRFOlJImbuoT7B8zUdSnsy+bNdVo4na+TsZZym4L4gc1x7PKnK4gmm7yt
IULr0An8SC4Vdl9vVdhf5voEF8kDoxilheE++su90LJuPEe6rutL3TIhcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfd9qEWTNr6Q0sfoz0qj4OKzup7MB8GA1UdIwQY
MBaAFKHHRxveGC25wrwR1o5f9S9KrE9uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2NkSEc5NFlMYm5DdkJIV2psXzFMMHFzVDI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS83NGQyMjMtNWRiOS00OWI3LWI5MjEt
YjE3OWUwYjI0YTc2LzEvb2NkSEc5NFlMYm5DdkJIV2psXzFMMHFzVDI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS83NGQyMjMtNWRiOS00OWI3LWI5MjEtYjE3OWUwYjI0YTc2
LzEvb2NkSEc5NFlMYm5DdkJIV2psXzFMMHFzVDI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn2pFrJeI
9yiuIco1hmCS+nR5l0+ce4Nc/ZS0FIrzxkOESqFgGpEpEb9zfrE6MG7wStFuCE8B
ut3r0KKtddI8iGjlzMdNud93LqJrVmsxt2dj0fZmaDqVo3E+qYcgUMbGegGivtWL
bY6XQa8xH8oLPYQDQv+MwxKJ8KKQmD7Ek8wu0vk12FMz/jQ1upAWoXr2wLCd2dQy
gMtEeViM+8fxLaPL4oyWKjdj8bDwUYmMVS5j1ggukPFPLZ+s0VTkDfX6F+TcPsLk
zodPye77OR/LTArd/6OvNDZpZGZKvrYkY+Vt3ka57GixXYKtxNOmCcP9GOZ5i40p
Bczo1sr1HHYu0g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:44 2025 by rpki-client