Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/XN9YiHkCahtIPXmajow2OLYhrls.mft
File: XN9YiHkCahtIPXmajow2OLYhrls.mft (raw, json)
Hash identifier: hSRSceCPqr0xWTLIiivHVMHH8yudzs5uBwEY+Ow5BtA=
Subject key identifier: 8D:FF:4B:53:0B:41:23:CB:5E:6C:B7:A9:F9:95:2D:70:E5:A5:EF:48
Authority key identifier: 5C:DF:58:88:79:02:6A:1B:48:3D:79:9A:8E:8C:36:38:B6:21:AE:5B
Certificate issuer: /CN=5cdf588879026a1b483d799a8e8c3638b621ae5b
Certificate serial: 018B8F43CB9291891512F62F358765692CA1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XN9YiHkCahtIPXmajow2OLYhrls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/XN9YiHkCahtIPXmajow2OLYhrls.mft
Manifest number: 0855
Signing time: Thu 02 Nov 2023 09:01:06 +0000
Manifest this update: Thu 02 Nov 2023 09:01:06 +0000
Manifest next update: Fri 03 Nov 2023 09:01:06 +0000
Files and hashes: 1: XN9YiHkCahtIPXmajow2OLYhrls.crl (hash: gQgqRQ3z9u0BUGFTwUz/TiXCCJnUOvHpt1YLAohHLiM=)
2: a9TWTRH2ESMKOGsCZ5DewgMjsr8.roa (hash: qvVQYukGJHKTqmuliorm/RtcZhGRquyMqpNa/u1dKmA=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:43:cb:92:91:89:15:12:f6:2f:35:87:65:69:2c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdf588879026a1b483d799a8e8c3638b621ae5b
Validity
Not Before: Nov 2 09:01:06 2023 GMT
Not After : Nov 3 09:01:06 2023 GMT
Subject: CN=8dff4b530b4123cb5e6cb7a9f9952d70e5a5ef48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d7:04:cd:5f:44:80:b6:ef:eb:b1:bb:e7:b6:
21:13:fd:8b:b8:85:ea:14:77:e8:8c:01:26:23:1e:
36:6d:a8:83:21:b2:c4:41:1c:6f:25:21:5a:7e:7d:
68:38:69:74:bf:d1:b7:28:17:b1:76:f0:36:a8:4e:
3f:34:cf:58:9e:29:68:40:8c:91:14:85:e0:f1:73:
32:a3:33:aa:60:f2:81:18:e9:5f:4e:11:eb:26:d5:
e3:bb:ae:79:07:ac:3b:e0:b1:98:6a:a4:ff:1a:ea:
f3:7b:47:d9:61:31:93:b2:07:d9:ad:08:37:0f:67:
18:4c:55:ba:41:05:05:e3:bb:34:a2:68:4f:82:79:
97:44:f2:62:55:0c:c4:cd:48:a6:55:c9:3a:fc:95:
37:7f:b1:6b:25:ed:ee:1d:80:30:64:57:1a:dd:46:
a4:7d:38:48:c5:d7:71:8b:cf:ec:da:37:01:96:3a:
f7:ca:7c:25:38:c5:c2:aa:77:70:b1:fa:35:07:27:
da:75:ac:56:8d:5c:03:53:37:88:74:3e:56:be:ec:
85:b5:1b:d4:fd:a4:e2:e6:dc:8d:a8:45:0f:57:eb:
9e:71:d9:3d:2c:af:22:e3:b8:6e:86:17:c6:47:27:
05:0b:39:de:79:16:7f:cc:1f:93:fc:83:a1:bc:d6:
27:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FF:4B:53:0B:41:23:CB:5E:6C:B7:A9:F9:95:2D:70:E5:A5:EF:48
X509v3 Authority Key Identifier:
keyid:5C:DF:58:88:79:02:6A:1B:48:3D:79:9A:8E:8C:36:38:B6:21:AE:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN9YiHkCahtIPXmajow2OLYhrls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/XN9YiHkCahtIPXmajow2OLYhrls.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/XN9YiHkCahtIPXmajow2OLYhrls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:63:6b:6b:80:de:85:5b:77:29:52:f5:2c:d5:07:2b:69:00:
a8:51:db:8f:43:84:de:49:8f:26:63:03:63:34:af:05:ab:9a:
95:2c:e4:69:b3:f0:2a:e8:10:68:2c:0d:27:23:9f:bd:4a:18:
af:57:1d:95:92:34:06:8d:59:08:a3:c5:aa:13:a5:3d:1b:34:
aa:97:b8:fc:1e:58:88:c9:dc:b8:d9:7c:61:e0:30:26:b5:7c:
0c:a3:04:ea:41:95:7b:a6:fb:38:78:43:4c:c3:bb:f6:85:97:
06:52:3d:aa:7e:22:b3:72:30:8d:6d:81:7a:be:eb:05:72:3c:
33:f3:92:b5:a4:f4:d2:f8:39:c4:58:a6:de:91:53:66:6c:85:
62:2e:97:ff:71:1f:13:d7:f0:5e:6b:85:8c:3a:9d:99:38:8f:
35:76:67:ae:af:ea:09:ca:f6:f5:d2:3d:41:e2:67:92:41:52:
71:16:ac:1e:cf:92:52:b1:b5:31:f5:fd:be:fe:79:b4:52:94:
e4:e0:18:8e:ec:01:b4:f5:11:17:f4:ab:a0:be:da:43:85:af:
b1:24:91:f4:2f:54:a2:79:93:f8:8f:dc:a5:13:7d:d3:0e:ff:
b7:93:cb:05:25:27:48:df:16:bd:28:5d:86:5c:81:c3:96:5c:
5f:75:12:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYuPQ8uSkYkVEvYvNYdlaSyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGY1ODg4NzkwMjZhMWI0ODNkNzk5YThlOGMzNjM4YjYy
MWFlNWIwHhcNMjMxMTAyMDkwMTA2WhcNMjMxMTAzMDkwMTA2WjAzMTEwLwYDVQQD
Eyg4ZGZmNGI1MzBiNDEyM2NiNWU2Y2I3YTlmOTk1MmQ3MGU1YTVlZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNcEzV9EgLbv67G757YhE/2LuIXq
FHfojAEmIx42baiDIbLEQRxvJSFafn1oOGl0v9G3KBexdvA2qE4/NM9YniloQIyR
FIXg8XMyozOqYPKBGOlfThHrJtXju655B6w74LGYaqT/Gurze0fZYTGTsgfZrQg3
D2cYTFW6QQUF47s0omhPgnmXRPJiVQzEzUimVck6/JU3f7FrJe3uHYAwZFca3Uak
fThIxddxi8/s2jcBljr3ynwlOMXCqndwsfo1ByfadaxWjVwDUzeIdD5WvuyFtRvU
/aTi5tyNqEUPV+uecdk9LK8i47huhhfGRycFCzneeRZ/zB+T/IOhvNYniQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3/S1MLQSPLXmy3qfmVLXDlpe9IMB8GA1UdIwQY
MBaAFFzfWIh5AmobSD15mo6MNji2Ia5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE45WWlIa0NhaHRJUFhtYWpvdzJPTFlocmxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hODE3MDctNDE1Mi00MmJiLWEzOGMt
MmJmM2I2Y2UxMDFiLzEvWE45WWlIa0NhaHRJUFhtYWpvdzJPTFlocmxzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hODE3MDctNDE1Mi00MmJiLWEzOGMtMmJmM2I2Y2UxMDFi
LzEvWE45WWlIa0NhaHRJUFhtYWpvdzJPTFlocmxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbWNra4De
hVt3KVL1LNUHK2kAqFHbj0OE3kmPJmMDYzSvBaualSzkabPwKugQaCwNJyOfvUoY
r1cdlZI0Bo1ZCKPFqhOlPRs0qpe4/B5YiMncuNl8YeAwJrV8DKME6kGVe6b7OHhD
TMO79oWXBlI9qn4is3IwjW2Ber7rBXI8M/OStaT00vg5xFim3pFTZmyFYi6X/3Ef
E9fwXmuFjDqdmTiPNXZnrq/qCcr29dI9QeJnkkFScRasHs+SUrG1MfX9vv55tFKU
5OAYjuwBtPURF/SroL7aQ4WvsSSR9C9UonmT+I/cpRN90w7/t5PLBSUnSN8WvShd
hlyBw5ZcX3USQQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:09 2025 by rpki-client