Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/0fbkNwERz7-WhASFQie4CShRRQ0.mft
File: 0fbkNwERz7-WhASFQie4CShRRQ0.mft (raw, json)
Hash identifier: br4rbbJjNDsPN8ULoKotR78PwnTwRvVl7ZvNDjuLmRY=
Subject key identifier: 56:D2:38:8C:E8:45:E1:1C:D5:B5:F8:59:0F:E2:C1:42:E4:7C:7D:59
Authority key identifier: D1:F6:E4:37:01:11:CF:BF:96:84:04:85:42:27:B8:09:28:51:45:0D
Certificate issuer: /CN=d1f6e4370111cfbf968404854227b8092851450d
Certificate serial: 0195E0B422E2E9D6B2917FEB002C3A1B857A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0fbkNwERz7-WhASFQie4CShRRQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/0fbkNwERz7-WhASFQie4CShRRQ0.mft
Manifest number: 0D23
Signing time: Sat 29 Mar 2025 07:00:56 +0000
Manifest this update: Sat 29 Mar 2025 07:00:56 +0000
Manifest next update: Sun 30 Mar 2025 07:00:56 +0000
Files and hashes: 1: 0fbkNwERz7-WhASFQie4CShRRQ0.crl (hash: joXRm9OJratufaF6bmUQ1daEqW8Xun4wBqtqO5I78aQ=)
2: w9laCbfNTG9x8SgYBLM8cjfOdmA.roa (hash: WglJOtLwDI5HpNhEnz7a8Exzapc/0A4kuz517Fgs06A=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e0:b4:22:e2:e9:d6:b2:91:7f:eb:00:2c:3a:1b:85:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f6e4370111cfbf968404854227b8092851450d
Validity
Not Before: Mar 29 07:00:56 2025 GMT
Not After : Mar 30 07:00:56 2025 GMT
Subject: CN=56d2388ce845e11cd5b5f8590fe2c142e47c7d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:0e:bd:4f:9f:53:30:83:39:ae:ad:4f:83:03:
33:e7:84:03:3f:54:3b:b3:43:b8:16:1f:08:ab:6d:
92:1e:89:84:aa:ab:49:54:00:d4:24:c9:d5:60:38:
51:1e:34:54:bd:5c:fe:be:8c:09:b8:a7:a9:31:37:
f0:d1:fb:9e:c6:d5:5f:6f:a9:2e:cf:2f:f9:26:cf:
88:64:58:47:3b:a4:ee:74:bb:6a:c2:2b:00:3f:cf:
56:6b:9f:73:f3:ab:cf:37:55:bc:6f:3c:28:9c:a1:
8e:da:56:8b:0a:22:a6:b8:29:ee:81:5a:8f:e2:6e:
3d:0f:a1:5a:66:6e:8a:70:49:97:20:46:c6:ba:61:
07:c6:04:c9:69:30:be:02:67:06:8e:20:99:26:d1:
ff:e9:85:38:41:6e:26:be:dd:5e:e0:85:0d:6f:2d:
2c:f1:37:7b:80:cb:5b:04:75:52:b9:14:fd:f2:08:
63:7e:01:36:43:c2:b5:78:a5:69:69:1e:c9:38:4f:
f0:23:4a:20:7d:ba:3b:6f:c2:9d:16:c8:21:be:72:
54:7e:3d:b5:f7:97:80:30:48:a9:cb:be:9b:84:5e:
61:bc:54:5f:bc:97:21:ac:7c:a0:d6:79:bf:eb:c2:
2c:9c:1a:86:f9:21:e3:1b:8b:79:d8:1a:94:ac:fa:
5f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D2:38:8C:E8:45:E1:1C:D5:B5:F8:59:0F:E2:C1:42:E4:7C:7D:59
X509v3 Authority Key Identifier:
keyid:D1:F6:E4:37:01:11:CF:BF:96:84:04:85:42:27:B8:09:28:51:45:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0fbkNwERz7-WhASFQie4CShRRQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/0fbkNwERz7-WhASFQie4CShRRQ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/0fbkNwERz7-WhASFQie4CShRRQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:6d:27:36:ba:c3:3c:24:9c:db:a0:fa:ef:76:c2:2d:68:92:
24:f0:e1:a3:85:68:58:70:8d:16:a6:6b:2f:c7:cb:75:d1:cb:
25:34:6f:a6:26:84:73:29:4d:5e:45:b0:9b:bd:fa:93:4b:fb:
70:10:7c:ee:c0:c2:fe:71:65:16:dd:15:e4:ae:58:ab:4f:be:
3c:0e:5e:44:05:96:c3:4c:ca:19:72:dd:83:62:01:20:80:d3:
f3:a4:4b:44:14:24:b9:8e:e9:4f:cb:e0:cd:c4:e7:e7:2e:6a:
e7:01:7c:15:42:4b:7b:bb:90:5d:6b:e0:10:b5:3d:16:a3:dd:
5a:2f:ad:98:aa:fe:9e:8b:bf:ec:91:ca:59:ad:5d:ec:85:8e:
e4:80:6c:51:84:05:a9:3d:64:17:92:bf:a3:e2:d8:c4:40:c5:
7e:f2:c1:c2:54:18:3e:cd:cb:95:2a:f8:1d:09:e6:71:7c:ff:
76:bd:64:ee:9c:93:2f:e2:f8:43:df:55:d5:bc:5c:e1:8e:b5:
00:16:13:87:50:f8:51:f7:dc:50:6a:91:25:34:15:e9:3a:0f:
a2:d6:f0:64:ce:fe:de:17:34:81:ef:4c:8c:cb:79:69:73:7c:
9c:64:35:41:56:b0:5e:26:1a:ce:e0:44:6c:54:0b:b0:db:d6:
10:a5:da:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgtCLi6daykX/rACw6G4V6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjZlNDM3MDExMWNmYmY5Njg0MDQ4NTQyMjdiODA5Mjg1
MTQ1MGQwHhcNMjUwMzI5MDcwMDU2WhcNMjUwMzMwMDcwMDU2WjAzMTEwLwYDVQQD
Eyg1NmQyMzg4Y2U4NDVlMTFjZDViNWY4NTkwZmUyYzE0MmU0N2M3ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Q69T59TMIM5rq1PgwMz54QDP1Q7
s0O4Fh8Iq22SHomEqqtJVADUJMnVYDhRHjRUvVz+vowJuKepMTfw0fuextVfb6ku
zy/5Js+IZFhHO6TudLtqwisAP89Wa59z86vPN1W8bzwonKGO2laLCiKmuCnugVqP
4m49D6FaZm6KcEmXIEbGumEHxgTJaTC+AmcGjiCZJtH/6YU4QW4mvt1e4IUNby0s
8Td7gMtbBHVSuRT98ghjfgE2Q8K1eKVpaR7JOE/wI0ogfbo7b8KdFsghvnJUfj21
95eAMEipy76bhF5hvFRfvJchrHyg1nm/68IsnBqG+SHjG4t52BqUrPpfuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFbSOIzoReEc1bX4WQ/iwULkfH1ZMB8GA1UdIwQY
MBaAFNH25DcBEc+/loQEhUInuAkoUUUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZia053RVJ6Ny1XaEFTRlFpZTRDU2hSUlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81OWQ0ZTktNjYyYy00MzVhLWIzNTEt
NGFhNTM5YTMwZDIxLzEvMGZia053RVJ6Ny1XaEFTRlFpZTRDU2hSUlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81OWQ0ZTktNjYyYy00MzVhLWIzNTEtNGFhNTM5YTMwZDIx
LzEvMGZia053RVJ6Ny1XaEFTRlFpZTRDU2hSUlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhW0nNrrD
PCSc26D673bCLWiSJPDho4VoWHCNFqZrL8fLddHLJTRvpiaEcylNXkWwm736k0v7
cBB87sDC/nFlFt0V5K5Yq0++PA5eRAWWw0zKGXLdg2IBIIDT86RLRBQkuY7pT8vg
zcTn5y5q5wF8FUJLe7uQXWvgELU9FqPdWi+tmKr+nou/7JHKWa1d7IWO5IBsUYQF
qT1kF5K/o+LYxEDFfvLBwlQYPs3LlSr4HQnmcXz/dr1k7pyTL+L4Q99V1bxc4Y61
ABYTh1D4UffcUGqRJTQV6ToPotbwZM7+3hc0ge9MjMt5aXN8nGQ1QVawXiYazuBE
bFQLsNvWEKXa4w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:40 2025 by rpki-client