Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
File: oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft (raw, json)
Hash identifier: 6xeFixQbZoQsxT7FUMbIdW0olQ4DzpHZGmIk71anx2A=
Subject key identifier: 5A:AA:71:11:70:B3:2B:89:93:1E:6E:99:29:BB:B3:01:23:B5:9D:00
Authority key identifier: A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77
Certificate issuer: /CN=a220dda64843a4ee364b089356ca87995830fd77
Certificate serial: 0195E12208DBC70C70C3473035B4F726C825
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
Manifest number: 0BE9
Signing time: Sat 29 Mar 2025 09:00:58 +0000
Manifest this update: Sat 29 Mar 2025 09:00:58 +0000
Manifest next update: Sun 30 Mar 2025 09:00:58 +0000
Files and hashes: 1: f3Wn9TOfcfxB3VYXWanqfMC6WRI.roa (hash: CJSEzeKkH+A8u48zVCzb/MrI7FvV/Beze1CPp3UTLZU=)
2: oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl (hash: vwu+96sjL2EiINEJZ5fTv6znpF0iyD0h6aG3ObzjNFs=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e1:22:08:db:c7:0c:70:c3:47:30:35:b4:f7:26:c8:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a220dda64843a4ee364b089356ca87995830fd77
Validity
Not Before: Mar 29 09:00:58 2025 GMT
Not After : Mar 30 09:00:58 2025 GMT
Subject: CN=5aaa711170b32b89931e6e9929bbb30123b59d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8e:2a:8b:ae:84:73:1e:cf:85:ba:19:85:33:
3b:19:e1:cd:00:af:e3:ef:d5:ba:6e:36:cd:1c:1e:
b1:72:38:75:87:c6:a7:4c:d4:93:3d:5e:e7:d0:22:
fe:41:b5:3f:a8:a2:e6:c7:99:f6:56:92:37:e1:22:
fb:d9:ac:17:ca:cc:d3:3c:ed:ba:7b:23:70:97:0d:
7b:f4:6a:e2:76:67:77:db:56:d0:28:b8:e8:e8:d3:
84:26:85:64:6a:94:c3:54:53:43:0c:27:df:e3:31:
59:b8:07:c2:54:89:a7:c4:37:62:c9:95:bd:ec:b7:
0e:34:68:45:86:12:d3:e4:60:55:6b:8c:ae:35:7b:
1b:4f:61:0c:93:72:4b:40:d1:f8:78:6f:ac:c9:9e:
f6:5b:56:8d:e3:07:0a:b7:9e:86:0b:d8:ce:7a:6d:
64:35:7f:db:0d:54:a6:91:5d:d3:55:dd:cd:17:34:
0b:bb:54:25:95:6f:91:40:11:c7:69:c0:ec:74:db:
9f:85:bd:75:6a:26:56:5e:90:e7:57:41:bd:05:96:
32:d6:d6:39:fd:ce:73:47:0c:56:13:75:6a:0b:bc:
e7:7f:b4:c8:d4:a5:fe:b6:2b:7d:a7:dc:88:bc:3a:
a6:b4:27:1c:cb:12:7b:f3:a2:a2:f6:ba:46:9b:43:
eb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:AA:71:11:70:B3:2B:89:93:1E:6E:99:29:BB:B3:01:23:B5:9D:00
X509v3 Authority Key Identifier:
keyid:A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:df:b2:0e:c5:ec:4d:7d:09:7d:04:02:f0:f8:54:7a:79:ea:
91:80:4a:0a:a4:69:9e:50:a7:a4:56:75:73:21:b6:1e:79:84:
f0:f6:e9:02:f1:ed:d0:df:89:2a:7d:17:c0:36:6f:5e:f8:c6:
04:6a:95:8c:0c:3f:8e:24:24:10:ce:fb:b8:d3:78:fe:ce:e8:
b3:11:c6:c6:6e:12:31:77:2f:70:7f:31:af:86:25:f2:0e:cb:
9a:77:36:c4:fb:29:3f:fd:67:86:72:2d:ef:6e:6b:ce:71:b4:
0c:f9:59:1f:fe:9f:04:ae:ca:62:1b:63:92:7a:35:e7:03:b4:
65:89:1c:c5:cd:f5:fd:0a:e0:55:00:3a:a7:c9:58:c4:cf:57:
2e:c8:2c:92:d2:1f:34:40:0c:92:9f:98:4f:a7:b8:fd:39:8d:
1b:db:db:4d:b4:c4:f7:46:db:8f:27:71:48:69:7b:a8:b5:0d:
89:3b:57:8e:0d:0a:c7:17:e8:74:76:34:5d:40:dd:c6:c6:71:
a2:d1:f7:06:26:5d:66:1d:a6:ab:d4:52:bc:94:a0:62:69:a6:
9c:1f:70:ce:e2:0e:a4:b3:87:5f:11:ef:7e:b4:b4:55:be:1f:
71:8a:55:a7:6c:aa:0c:0b:f3:d6:27:a4:bb:89:b0:7a:85:be:
a3:6b:39:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXhIgjbxwxww0cwNbT3JsglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjBkZGE2NDg0M2E0ZWUzNjRiMDg5MzU2Y2E4Nzk5NTgz
MGZkNzcwHhcNMjUwMzI5MDkwMDU4WhcNMjUwMzMwMDkwMDU4WjAzMTEwLwYDVQQD
Eyg1YWFhNzExMTcwYjMyYjg5OTMxZTZlOTkyOWJiYjMwMTIzYjU5ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1I4qi66Ecx7PhboZhTM7GeHNAK/j
79W6bjbNHB6xcjh1h8anTNSTPV7n0CL+QbU/qKLmx5n2VpI34SL72awXyszTPO26
eyNwlw179Gridmd321bQKLjo6NOEJoVkapTDVFNDDCff4zFZuAfCVImnxDdiyZW9
7LcONGhFhhLT5GBVa4yuNXsbT2EMk3JLQNH4eG+syZ72W1aN4wcKt56GC9jOem1k
NX/bDVSmkV3TVd3NFzQLu1QllW+RQBHHacDsdNufhb11aiZWXpDnV0G9BZYy1tY5
/c5zRwxWE3VqC7znf7TI1KX+tit9p9yIvDqmtCccyxJ786Ki9rpGm0PrdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqqcRFwsyuJkx5umSm7swEjtZ0AMB8GA1UdIwQY
MBaAFKIg3aZIQ6TuNksIk1bKh5lYMP13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYt
ZjVmODE0NTY1MWQzLzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYtZjVmODE0NTY1MWQz
LzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf9+yDsXs
TX0JfQQC8PhUennqkYBKCqRpnlCnpFZ1cyG2HnmE8PbpAvHt0N+JKn0XwDZvXvjG
BGqVjAw/jiQkEM77uNN4/s7osxHGxm4SMXcvcH8xr4Yl8g7Lmnc2xPspP/1nhnIt
725rznG0DPlZH/6fBK7KYhtjkno15wO0ZYkcxc31/QrgVQA6p8lYxM9XLsgsktIf
NEAMkp+YT6e4/TmNG9vbTbTE90bbjydxSGl7qLUNiTtXjg0KxxfodHY0XUDdxsZx
otH3BiZdZh2mq9RSvJSgYmmmnB9wzuIOpLOHXxHvfrS0Vb4fcYpVp2yqDAvz1iek
u4mweoW+o2s5fw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:46:52 2025 by rpki-client