Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
File: zkn8E0twZULK8aHvvgNPcBG0lDY.mft (raw, json)
Hash identifier: Q5DHzqdrk9/KSauIObLVJZM/YYCeg809DfnokCs0ofA=
Subject key identifier: B4:B7:2C:5F:FD:18:AE:43:34:47:13:08:5F:F3:D1:2A:F9:E6:19:3B
Authority key identifier: CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36
Certificate issuer: /CN=ce49fc134b706542caf1a1efbe034f7011b49436
Certificate serial: 0195E07D4AED3F80D72E7A13C7431CC85592
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
Manifest number: 03E9
Signing time: Sat 29 Mar 2025 06:01:02 +0000
Manifest this update: Sat 29 Mar 2025 06:01:02 +0000
Manifest next update: Sun 30 Mar 2025 06:01:02 +0000
Files and hashes: 1: SGAPHhpCJa9JFOb_Zf20G8kvkhI.roa (hash: 27D8nmxY/4y8rMryghx5LNMAGS+7aTblTkGND6PBRy0=)
2: zkn8E0twZULK8aHvvgNPcBG0lDY.crl (hash: UN/SZjkkIPYjSnC+6VdYrG1dBGE3w0P9jHPQf4YW/f8=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e0:7d:4a:ed:3f:80:d7:2e:7a:13:c7:43:1c:c8:55:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce49fc134b706542caf1a1efbe034f7011b49436
Validity
Not Before: Mar 29 06:01:02 2025 GMT
Not After : Mar 30 06:01:02 2025 GMT
Subject: CN=b4b72c5ffd18ae43344713085ff3d12af9e6193b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7f:ac:57:14:ff:55:71:93:a4:99:8c:f6:76:
d6:a3:4b:d4:71:c5:71:1e:a3:fb:89:ad:c0:6d:79:
18:b1:73:08:96:71:18:bc:21:5a:00:09:e9:1d:f7:
d0:a8:23:25:bd:4e:c0:5b:b0:74:e8:36:83:6c:8d:
68:f3:67:ed:0b:8d:3a:47:09:43:f7:c0:2e:ae:a2:
5b:2e:cd:c2:6a:87:91:0f:fb:fd:ad:de:9b:58:24:
94:62:cb:81:02:69:6b:5e:2e:84:d0:10:50:06:73:
5f:e9:de:ee:bd:74:37:82:87:e7:f1:7e:5a:6c:c9:
a9:e7:d6:4e:1e:a5:3a:8c:9f:e1:da:90:84:13:27:
9f:b7:d4:f8:08:4a:45:dc:6e:60:8a:0b:ab:56:77:
b6:fa:00:71:83:43:41:25:ed:d8:35:96:2b:fd:dc:
56:91:6b:9f:40:bb:5f:e1:0c:78:df:24:a8:00:a8:
9e:c9:00:62:2b:e8:8a:be:0e:17:77:4e:9b:25:76:
d7:ee:31:8a:81:45:ec:de:c0:fe:af:6f:25:c3:41:
9f:c1:cb:61:41:c1:ae:62:fc:01:1d:66:bd:26:2c:
45:6e:bb:50:0e:4a:71:bd:6e:66:62:c1:94:00:9e:
f6:a7:da:cb:97:bf:71:cc:7f:b4:37:84:58:7f:4a:
14:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B7:2C:5F:FD:18:AE:43:34:47:13:08:5F:F3:D1:2A:F9:E6:19:3B
X509v3 Authority Key Identifier:
keyid:CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:1d:55:19:8c:0e:90:f6:58:ae:4b:f6:44:2f:09:6c:2b:20:
e7:41:d4:f9:c1:62:48:b5:03:86:8e:20:93:9d:c7:78:a8:e8:
c3:ff:10:f4:7e:c8:0d:8b:87:72:56:b1:a8:87:09:5d:a8:88:
a6:a6:51:61:3b:6c:14:31:96:98:60:23:64:2c:00:01:87:92:
ed:28:e1:36:57:d7:42:3c:91:fb:67:96:d8:be:56:24:ea:35:
a5:df:41:e4:30:98:15:a1:a1:16:13:3c:4b:02:c5:2c:20:2c:
53:99:7c:5a:ed:c3:6c:09:86:cb:8c:d1:f0:f5:4d:71:30:5c:
9d:5e:ee:54:23:a5:ef:0b:2f:b4:db:7e:9a:d8:91:c6:1a:53:
44:8c:86:f5:1d:54:d3:77:91:f3:d8:04:c8:67:7a:90:aa:fb:
81:9d:3d:06:94:00:2c:e7:dc:1b:7c:2d:ba:c6:a4:e0:c9:78:
84:b9:03:f2:91:95:f9:9e:c2:ba:e2:33:29:d8:13:1e:47:cf:
19:13:b2:c4:6d:c3:74:4c:9e:43:92:f0:00:18:d3:83:ef:93:
d9:0c:43:bf:a5:87:13:07:95:4b:8b:69:27:f8:10:11:0e:fc:
ab:3d:83:63:8c:e9:14:d1:06:98:83:51:32:45:dd:1e:bd:95:
4c:cd:d0:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgfUrtP4DXLnoTx0McyFWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDlmYzEzNGI3MDY1NDJjYWYxYTFlZmJlMDM0ZjcwMTFi
NDk0MzYwHhcNMjUwMzI5MDYwMTAyWhcNMjUwMzMwMDYwMTAyWjAzMTEwLwYDVQQD
EyhiNGI3MmM1ZmZkMThhZTQzMzQ0NzEzMDg1ZmYzZDEyYWY5ZTYxOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0X+sVxT/VXGTpJmM9nbWo0vUccVx
HqP7ia3AbXkYsXMIlnEYvCFaAAnpHffQqCMlvU7AW7B06DaDbI1o82ftC406RwlD
98AurqJbLs3CaoeRD/v9rd6bWCSUYsuBAmlrXi6E0BBQBnNf6d7uvXQ3gofn8X5a
bMmp59ZOHqU6jJ/h2pCEEyeft9T4CEpF3G5gigurVne2+gBxg0NBJe3YNZYr/dxW
kWufQLtf4Qx43ySoAKieyQBiK+iKvg4Xd06bJXbX7jGKgUXs3sD+r28lw0Gfwcth
QcGuYvwBHWa9JixFbrtQDkpxvW5mYsGUAJ72p9rLl79xzH+0N4RYf0oUmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLS3LF/9GK5DNEcTCF/z0Sr55hk7MB8GA1UdIwQY
MBaAFM5J/BNLcGVCyvGh774DT3ARtJQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYt
NjQxZWRkYTA2Y2NlLzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYtNjQxZWRkYTA2Y2Nl
LzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtR1VGYwO
kPZYrkv2RC8JbCsg50HU+cFiSLUDho4gk53HeKjow/8Q9H7IDYuHclaxqIcJXaiI
pqZRYTtsFDGWmGAjZCwAAYeS7SjhNlfXQjyR+2eW2L5WJOo1pd9B5DCYFaGhFhM8
SwLFLCAsU5l8Wu3DbAmGy4zR8PVNcTBcnV7uVCOl7wsvtNt+mtiRxhpTRIyG9R1U
03eR89gEyGd6kKr7gZ09BpQALOfcG3wtusak4Ml4hLkD8pGV+Z7CuuIzKdgTHkfP
GROyxG3DdEyeQ5LwABjTg++T2QxDv6WHEweVS4tpJ/gQEQ78qz2DY4zpFNEGmINR
MkXdHr2VTM3QDQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:42:26 2025 by rpki-client