Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
File: tKfQVIK4TTu2BPCZvK-eftNGiJo.mft (raw, json)
Hash identifier: WAc9RSa3F/QoFMQDF0bGHkFXYkr4K2MODqmUIGyuryw=
Subject key identifier: 65:FE:72:B5:92:11:C2:42:EF:D6:97:74:3A:97:AB:26:94:8A:51:CA
Authority key identifier: B4:A7:D0:54:82:B8:4D:3B:B6:04:F0:99:BC:AF:9E:7E:D3:46:88:9A
Certificate issuer: /CN=b4a7d05482b84d3bb604f099bcaf9e7ed346889a
Certificate serial: 0195E00F6D5B2A586F3BF95CE439A19B390E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
Manifest number: 14BF
Signing time: Sat 29 Mar 2025 04:01:02 +0000
Manifest this update: Sat 29 Mar 2025 04:01:02 +0000
Manifest next update: Sun 30 Mar 2025 04:01:02 +0000
Files and hashes: 1: ojB_2XE9-VR6PiNiRu6ANmUyiuo.roa (hash: YbnnkO0HBRUHzkxo3r5IQRGQe30uxmuUwdAmB24B6sc=)
2: tKfQVIK4TTu2BPCZvK-eftNGiJo.crl (hash: zyXWGq66EPfAcD1KZtmv097P1s7qUxARepSuRB/olgs=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e0:0f:6d:5b:2a:58:6f:3b:f9:5c:e4:39:a1:9b:39:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a7d05482b84d3bb604f099bcaf9e7ed346889a
Validity
Not Before: Mar 29 04:01:02 2025 GMT
Not After : Mar 30 04:01:02 2025 GMT
Subject: CN=65fe72b59211c242efd697743a97ab26948a51ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4c:55:7b:b0:6f:24:5f:a9:b7:34:84:ba:2e:
c3:20:11:64:7a:c0:d5:35:4e:ab:0b:8c:11:42:9a:
f4:36:5a:66:7b:ec:2d:f2:41:31:06:a0:65:72:bf:
f6:fc:44:53:5b:d0:2f:f0:de:d8:44:fd:d2:58:1e:
81:5e:c2:14:8b:d1:17:2a:83:23:f1:32:e9:cb:57:
ee:be:3e:84:bd:15:d3:95:21:aa:cb:d5:bf:da:19:
5c:d3:f5:3c:95:c5:50:6e:6f:66:e4:8e:50:83:0e:
b8:3a:c2:e3:6a:a4:37:2d:bc:73:db:82:11:fb:7a:
1c:cd:eb:cc:e5:c4:a6:e3:55:5d:36:63:11:9b:42:
77:f1:e9:1f:00:09:1e:fb:d0:e9:c4:4f:c7:03:8e:
23:45:d6:30:f8:80:29:6f:44:f9:ca:aa:0e:e1:69:
84:df:40:0f:95:54:2b:38:fa:2f:3e:84:37:3b:9a:
03:f8:d3:73:d0:82:1b:d3:31:9c:81:ec:8d:5f:52:
16:eb:12:7b:74:72:b0:d9:6b:c4:aa:f6:62:5d:f9:
20:40:1f:58:b0:fe:24:7c:53:82:e9:64:79:49:09:
ce:23:7b:2f:0c:90:0e:f7:bb:72:06:c6:70:5c:77:
e0:85:50:9d:bb:41:71:be:1a:b1:22:4e:96:63:08:
07:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FE:72:B5:92:11:C2:42:EF:D6:97:74:3A:97:AB:26:94:8A:51:CA
X509v3 Authority Key Identifier:
keyid:B4:A7:D0:54:82:B8:4D:3B:B6:04:F0:99:BC:AF:9E:7E:D3:46:88:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:28:1c:54:65:9a:1a:60:a6:eb:38:65:39:be:85:dd:db:8b:
a8:26:9d:63:1a:8d:78:cb:4b:c7:c5:48:f6:61:6c:87:a1:31:
87:79:10:c0:02:c4:88:e4:bc:6e:af:47:66:e2:f4:e3:59:98:
69:bb:9b:5f:a1:23:9f:56:9e:8a:03:c0:2d:86:ba:f3:8e:9f:
92:76:5e:17:96:ae:41:f1:d2:fa:37:49:8f:39:13:14:1a:5b:
3a:3d:20:85:32:59:03:26:74:4d:3d:55:b4:bd:7d:9a:4f:c0:
e0:60:c7:5e:6c:a0:06:54:00:35:81:2c:9a:ec:74:7c:84:b9:
98:1e:0a:23:3b:3e:90:cb:19:a4:ae:f0:fd:72:3f:98:95:9c:
61:e4:7a:22:7c:90:2d:b1:18:87:bd:f6:ae:3f:ec:08:9b:26:
80:4c:64:06:d2:c2:95:02:91:f9:29:a1:fb:39:bf:b2:9b:7d:
93:b7:37:55:ec:0e:a0:da:6a:6e:23:7b:dc:00:f6:56:e1:30:
04:92:dd:d7:1b:a6:9d:d4:4c:39:fa:91:6c:e7:c4:b3:eb:2e:
4f:c1:70:44:09:ef:d2:29:cb:74:f0:f5:30:40:ce:e5:2f:93:
0a:48:98:5e:9a:d8:10:61:77:e0:5a:9f:2c:6a:f9:d5:3a:a0:
39:3c:6d:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgD21bKlhvO/lc5DmhmzkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTdkMDU0ODJiODRkM2JiNjA0ZjA5OWJjYWY5ZTdlZDM0
Njg4OWEwHhcNMjUwMzI5MDQwMTAyWhcNMjUwMzMwMDQwMTAyWjAzMTEwLwYDVQQD
Eyg2NWZlNzJiNTkyMTFjMjQyZWZkNjk3NzQzYTk3YWIyNjk0OGE1MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0xVe7BvJF+ptzSEui7DIBFkesDV
NU6rC4wRQpr0Nlpme+wt8kExBqBlcr/2/ERTW9Av8N7YRP3SWB6BXsIUi9EXKoMj
8TLpy1fuvj6EvRXTlSGqy9W/2hlc0/U8lcVQbm9m5I5Qgw64OsLjaqQ3Lbxz24IR
+3oczevM5cSm41VdNmMRm0J38ekfAAke+9DpxE/HA44jRdYw+IApb0T5yqoO4WmE
30APlVQrOPovPoQ3O5oD+NNz0IIb0zGcgeyNX1IW6xJ7dHKw2WvEqvZiXfkgQB9Y
sP4kfFOC6WR5SQnOI3svDJAO97tyBsZwXHfghVCdu0FxvhqxIk6WYwgHTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGX+crWSEcJC79aXdDqXqyaUilHKMB8GA1UdIwQY
MBaAFLSn0FSCuE07tgTwmbyvnn7TRoiaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC85ZGQ4YWUtNGFmYy00NGMxLTliZDAt
YzUzMjE5NWVlZjQ5LzEvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC85ZGQ4YWUtNGFmYy00NGMxLTliZDAtYzUzMjE5NWVlZjQ5
LzEvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiigcVGWa
GmCm6zhlOb6F3duLqCadYxqNeMtLx8VI9mFsh6Exh3kQwALEiOS8bq9HZuL041mY
abubX6Ejn1aeigPALYa6846fknZeF5auQfHS+jdJjzkTFBpbOj0ghTJZAyZ0TT1V
tL19mk/A4GDHXmygBlQANYEsmux0fIS5mB4KIzs+kMsZpK7w/XI/mJWcYeR6InyQ
LbEYh732rj/sCJsmgExkBtLClQKR+Smh+zm/spt9k7c3VewOoNpqbiN73AD2VuEw
BJLd1xumndRMOfqRbOfEs+suT8FwRAnv0inLdPD1MEDO5S+TCkiYXprYEGF34Fqf
LGr51TqgOTxtNw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:55:39 2025 by rpki-client