Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File: kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier: uK66WMQQT20dC0wqahFPtQt1xiWnUT0zRqXtWsncwoU=
Subject key identifier: 13:C1:B0:2A:2E:DA:56:78:40:21:54:BD:D7:06:6B:85:28:D5:A0:16
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 0195E07D90CE53539BB2CD34DCF9ABB8189C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number: 0BE1
Signing time: Sat 29 Mar 2025 06:01:20 +0000
Manifest this update: Sat 29 Mar 2025 06:01:20 +0000
Manifest next update: Sun 30 Mar 2025 06:01:20 +0000
Files and hashes: 1: O0T2HbDDLXToVBgQvakFVm0WBM8.roa (hash: j4M5mhMKjocJHlnRMyKx/Jo55Alu9WqNqQzzA+GKZ+8=)
2: WPrYk3ZFYryhbXNF2_g_QVCy5G0.roa (hash: 1/VFn2v02knd9dSenNmn42s5XXg6Yfw+0bFY3ogbnpY=)
3: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: lDQUnCyutQX+0+oKxNFo7Rfyj7rqwopr42kopbGXxrM=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e0:7d:90:ce:53:53:9b:b2:cd:34:dc:f9:ab:b8:18:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Mar 29 06:01:20 2025 GMT
Not After : Mar 30 06:01:20 2025 GMT
Subject: CN=13c1b02a2eda5678402154bdd7066b8528d5a016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:35:d9:6a:01:fd:68:ca:07:76:69:8e:57:89:
95:5d:94:ea:fb:0e:bb:45:53:22:b7:a6:ea:d0:d7:
60:87:f1:10:5e:20:fd:03:2d:3f:c1:96:d9:bb:15:
8f:a2:fa:b6:a0:ac:eb:dc:55:4e:ac:8c:ac:74:4e:
9f:09:03:25:1c:6d:ff:92:11:41:af:45:d6:28:8d:
0c:07:2f:78:23:7a:39:b6:23:72:8d:23:5e:6d:ba:
1c:ee:a0:ea:2b:ae:4c:66:1f:23:ab:00:73:e9:7f:
84:01:4d:55:8c:cc:3c:5e:0d:5e:50:f7:12:07:f9:
ac:dd:43:56:7c:ef:d4:fd:70:a0:61:60:ee:a8:bd:
4d:e1:da:1f:dc:32:38:6b:27:13:ff:c5:64:a8:51:
42:74:82:1a:97:12:db:c7:02:50:51:77:7a:2c:fe:
33:f8:c1:09:b9:7a:9d:14:08:8c:d1:6e:e6:b9:5d:
13:03:6f:df:cc:f5:09:bf:54:2d:d0:e6:1a:2b:e6:
ac:d0:78:ca:7d:00:45:48:da:42:b7:6c:cd:b3:34:
83:7d:49:b4:5b:91:3f:7e:a2:11:73:8d:9a:91:1b:
e9:43:d3:d1:ba:f8:6f:d6:97:63:d0:29:64:cc:ef:
cd:3a:e4:99:42:f8:97:8f:25:6d:c3:fc:d5:32:25:
3f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:C1:B0:2A:2E:DA:56:78:40:21:54:BD:D7:06:6B:85:28:D5:A0:16
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:fa:c7:2a:ea:39:66:f9:f2:d5:67:f4:60:54:e0:e3:76:81:
4f:8c:35:5b:74:a8:47:9b:aa:6b:d2:76:93:cf:ef:f3:58:c5:
c4:81:28:a1:32:e5:bb:d4:db:78:3c:ca:91:73:e5:63:ba:fd:
8e:ec:6a:e0:7b:42:ca:39:48:79:15:68:9d:46:70:78:0a:33:
d0:77:24:b0:6e:a6:b5:c7:cb:2c:18:b8:10:cf:0e:db:47:5e:
4e:15:1c:22:86:f6:02:71:98:1d:63:a4:d7:6b:4b:c3:f3:24:
da:ef:34:b2:bf:8b:b2:86:ee:af:d0:6c:ed:57:db:0c:dd:c0:
99:3e:67:21:ac:e6:fc:3b:ec:5e:36:0a:ff:76:06:6c:2c:56:
c8:8a:67:c6:be:38:ac:82:1a:2a:8a:7e:ea:0b:d1:e9:01:48:
4f:e9:62:6b:06:51:17:1b:ef:d7:a9:7d:5b:26:21:5c:b9:a4:
06:be:e2:31:c1:d6:8f:a6:a6:90:c4:b6:a0:c9:55:10:6f:66:
e1:58:11:ad:38:ae:7e:c9:32:7e:4e:03:c1:22:f5:b9:48:ff:
4e:83:96:d2:3f:e1:d2:f6:74:07:16:74:d6:67:de:7c:82:df:
13:98:60:72:b8:38:2f:ad:d1:f5:43:95:61:88:43:39:89:42:
46:cd:0e:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgfZDOU1Obss003PmruBicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjUwMzI5MDYwMTIwWhcNMjUwMzMwMDYwMTIwWjAzMTEwLwYDVQQD
EygxM2MxYjAyYTJlZGE1Njc4NDAyMTU0YmRkNzA2NmI4NTI4ZDVhMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTXZagH9aMoHdmmOV4mVXZTq+w67
RVMit6bq0Ndgh/EQXiD9Ay0/wZbZuxWPovq2oKzr3FVOrIysdE6fCQMlHG3/khFB
r0XWKI0MBy94I3o5tiNyjSNebboc7qDqK65MZh8jqwBz6X+EAU1VjMw8Xg1eUPcS
B/ms3UNWfO/U/XCgYWDuqL1N4dof3DI4aycT/8VkqFFCdIIalxLbxwJQUXd6LP4z
+MEJuXqdFAiM0W7muV0TA2/fzPUJv1Qt0OYaK+as0HjKfQBFSNpCt2zNszSDfUm0
W5E/fqIRc42akRvpQ9PRuvhv1pdj0ClkzO/NOuSZQviXjyVtw/zVMiU/cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBPBsCou2lZ4QCFUvdcGa4Uo1aAWMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfrHKuo5
Zvny1Wf0YFTg43aBT4w1W3SoR5uqa9J2k8/v81jFxIEooTLlu9TbeDzKkXPlY7r9
juxq4HtCyjlIeRVonUZweAoz0HcksG6mtcfLLBi4EM8O20deThUcIob2AnGYHWOk
12tLw/Mk2u80sr+Lsobur9Bs7VfbDN3AmT5nIazm/DvsXjYK/3YGbCxWyIpnxr44
rIIaKop+6gvR6QFIT+liawZRFxvv16l9WyYhXLmkBr7iMcHWj6amkMS2oMlVEG9m
4VgRrTiufskyfk4DwSL1uUj/ToOW0j/h0vZ0BxZ01mfefILfE5hgcrg4L63R9UOV
YYhDOYlCRs0Osg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:16:06 2025 by rpki-client