Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/9ad081-da5a-42a4-a430-1e67170dfbba/1/OlVdhNzX3bZAaRuUDHygl3KIocQ.mft
File: OlVdhNzX3bZAaRuUDHygl3KIocQ.mft (raw, json)
Hash identifier: w1NR5gWoJ7MCcbrNisUFtOEdDPOWtD4bIS5/6/NU+QE=
Subject key identifier: DC:82:05:DE:02:36:04:ED:31:EE:4D:46:9B:61:04:92:EC:1E:B2:A8
Authority key identifier: 3A:55:5D:84:DC:D7:DD:B6:40:69:1B:94:0C:7C:A0:97:72:88:A1:C4
Certificate issuer: /CN=3a555d84dcd7ddb640691b940c7ca0977288a1c4
Certificate serial: 0199A31506100D14AC51BCB01032A14C8EC3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OlVdhNzX3bZAaRuUDHygl3KIocQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/9ad081-da5a-42a4-a430-1e67170dfbba/1/OlVdhNzX3bZAaRuUDHygl3KIocQ.mft
Manifest number: 09D2
Signing time: Thu 02 Oct 2025 04:01:28 +0000
Manifest this update: Thu 02 Oct 2025 04:01:28 +0000
Manifest next update: Fri 03 Oct 2025 04:01:28 +0000
Files and hashes: 1: OlVdhNzX3bZAaRuUDHygl3KIocQ.crl (hash: SY2H1S7NFCRI1f/Tw2EiMoYGzFLEvWstaIqxaiPSdMU=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a3:15:06:10:0d:14:ac:51:bc:b0:10:32:a1:4c:8e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a555d84dcd7ddb640691b940c7ca0977288a1c4
Validity
Not Before: Oct 2 04:01:28 2025 GMT
Not After : Oct 3 04:01:28 2025 GMT
Subject: CN=dc8205de023604ed31ee4d469b610492ec1eb2a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d5:d0:1a:1b:36:06:ae:b2:18:04:bb:6f:de:
fc:16:4c:ec:57:f8:8d:65:b4:ea:93:67:ca:70:be:
b9:b6:53:5e:b0:de:f0:8b:09:b5:96:c8:81:34:1f:
e1:86:6e:f9:5e:c7:2b:c6:78:48:05:8c:cb:65:c5:
c1:93:c4:84:97:8a:7f:ad:b1:a7:3f:89:0c:29:2d:
b3:f3:89:0f:16:cc:ff:5c:9a:80:ce:0c:e0:03:c8:
ad:57:08:4e:ed:39:a4:3d:75:e0:c4:7e:09:ab:50:
a7:0f:4d:f0:ee:58:76:44:07:33:b2:cd:be:44:63:
9d:c8:a9:0f:db:f2:67:3d:14:70:b5:25:cb:1e:02:
7d:3c:7a:39:f6:66:cc:1c:f3:6d:de:e9:fa:e9:fd:
52:d6:b0:97:0b:c3:ef:c8:6e:de:62:41:cc:51:de:
7c:ee:e8:b9:f8:24:be:09:f5:9f:24:22:62:dd:68:
ea:9d:97:b5:e8:32:8e:80:8e:aa:c9:19:8b:00:18:
a0:00:1d:68:dd:ea:a0:0f:26:41:6f:3b:7d:de:f1:
c1:3c:e4:43:5b:d2:b0:61:47:94:33:b8:5d:3b:81:
0b:82:6e:c0:87:52:d3:25:24:a8:4b:01:fa:0f:88:
6d:91:cd:ed:06:27:35:40:b8:59:c4:35:b5:5e:cd:
3b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:82:05:DE:02:36:04:ED:31:EE:4D:46:9B:61:04:92:EC:1E:B2:A8
X509v3 Authority Key Identifier:
keyid:3A:55:5D:84:DC:D7:DD:B6:40:69:1B:94:0C:7C:A0:97:72:88:A1:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OlVdhNzX3bZAaRuUDHygl3KIocQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/9ad081-da5a-42a4-a430-1e67170dfbba/1/OlVdhNzX3bZAaRuUDHygl3KIocQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/9ad081-da5a-42a4-a430-1e67170dfbba/1/OlVdhNzX3bZAaRuUDHygl3KIocQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:2b:85:9e:59:f9:48:81:7b:cf:c1:67:3f:eb:f7:92:1d:c5:
e9:a2:fe:a6:eb:8f:29:8f:b9:76:3a:1b:e4:ec:4d:4e:92:ec:
92:aa:72:3a:19:07:79:00:e3:8b:f6:69:b9:44:1d:4d:d8:9f:
a8:8c:f8:8b:07:76:44:9f:51:48:90:a5:f3:51:d9:c9:9a:c7:
95:be:c1:ed:92:3b:7e:5b:2f:d2:d3:e9:1e:8c:a7:c6:54:bc:
47:c3:1c:b3:b6:72:e7:1f:c1:ad:03:bf:f3:68:c0:e0:c1:d1:
bb:f0:7f:9a:80:e1:42:74:5a:60:4d:e1:45:77:3c:51:1d:53:
66:9f:c6:b6:09:93:f7:05:6a:47:94:5c:3e:04:b3:be:e3:93:
52:80:7b:e5:59:6b:a9:02:d9:34:db:81:f6:f1:b7:34:35:28:
bb:8a:27:1b:1d:76:76:8b:df:8a:11:55:a7:39:02:46:f7:4e:
be:ef:68:b5:b3:b1:91:cf:b7:02:b9:de:6e:5c:b7:a5:0e:2f:
7e:d7:cf:44:ec:1d:79:e4:4f:41:25:46:aa:5d:2e:6f:d6:82:
20:0f:bf:78:c4:64:12:fa:92:e1:45:7a:0b:66:3e:84:97:30:
b1:04:2e:67:73:1b:e0:16:fb:05:bd:b2:93:fa:dd:3b:ec:47:
d3:fe:83:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZmjFQYQDRSsUbywEDKhTI7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNTU1ZDg0ZGNkN2RkYjY0MDY5MWI5NDBjN2NhMDk3NzI4
OGExYzQwHhcNMjUxMDAyMDQwMTI4WhcNMjUxMDAzMDQwMTI4WjAzMTEwLwYDVQQD
EyhkYzgyMDVkZTAyMzYwNGVkMzFlZTRkNDY5YjYxMDQ5MmVjMWViMmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NXQGhs2Bq6yGAS7b978FkzsV/iN
ZbTqk2fKcL65tlNesN7wiwm1lsiBNB/hhm75XscrxnhIBYzLZcXBk8SEl4p/rbGn
P4kMKS2z84kPFsz/XJqAzgzgA8itVwhO7TmkPXXgxH4Jq1CnD03w7lh2RAczss2+
RGOdyKkP2/JnPRRwtSXLHgJ9PHo59mbMHPNt3un66f1S1rCXC8PvyG7eYkHMUd58
7ui5+CS+CfWfJCJi3WjqnZe16DKOgI6qyRmLABigAB1o3eqgDyZBbzt93vHBPORD
W9KwYUeUM7hdO4ELgm7Ah1LTJSSoSwH6D4htkc3tBic1QLhZxDW1Xs07rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyCBd4CNgTtMe5NRpthBJLsHrKoMB8GA1UdIwQY
MBaAFDpVXYTc1922QGkblAx8oJdyiKHEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2xWZGhOelgzYlpBYVJ1VURIeWdsM0tJb2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy85YWQwODEtZGE1YS00MmE0LWE0MzAt
MWU2NzE3MGRmYmJhLzEvT2xWZGhOelgzYlpBYVJ1VURIeWdsM0tJb2NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy85YWQwODEtZGE1YS00MmE0LWE0MzAtMWU2NzE3MGRmYmJh
LzEvT2xWZGhOelgzYlpBYVJ1VURIeWdsM0tJb2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdyuFnln5
SIF7z8FnP+v3kh3F6aL+puuPKY+5djob5OxNTpLskqpyOhkHeQDji/ZpuUQdTdif
qIz4iwd2RJ9RSJCl81HZyZrHlb7B7ZI7flsv0tPpHoynxlS8R8Mcs7Zy5x/BrQO/
82jA4MHRu/B/moDhQnRaYE3hRXc8UR1TZp/GtgmT9wVqR5RcPgSzvuOTUoB75Vlr
qQLZNNuB9vG3NDUou4onGx12dovfihFVpzkCRvdOvu9otbOxkc+3Arnebly3pQ4v
ftfPROwdeeRPQSVGql0ub9aCIA+/eMRkEvqS4UV6C2Y+hJcwsQQuZ3Mb4Bb7Bb2y
k/rdO+xH0/6D4Q==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:34:45 2026 by rpki-client