Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft
File: OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft (raw, json)
Hash identifier: Fg50779eQNX1KzmRWSsgCbkY+5OnBwer7/bygVHGZHc=
Subject key identifier: A9:8B:89:9F:2A:C2:92:D7:A3:8B:45:FF:04:45:A3:AD:A1:5E:E8:25
Authority key identifier: 38:F4:C2:5E:1D:F2:63:17:CE:F9:E3:CA:72:00:5F:1F:7B:D1:DA:F6
Certificate issuer: /CN=38f4c25e1df26317cef9e3ca72005f1f7bd1daf6
Certificate serial: 0195E046B8C0923802E4F9CE827022176686
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPTCXh3yYxfO-ePKcgBfH3vR2vY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft
Manifest number: 14BD
Signing time: Sat 29 Mar 2025 05:01:25 +0000
Manifest this update: Sat 29 Mar 2025 05:01:25 +0000
Manifest next update: Sun 30 Mar 2025 05:01:25 +0000
Files and hashes: 1: OPTCXh3yYxfO-ePKcgBfH3vR2vY.crl (hash: nRXG6cHQesNnd/s3aMd1qfENzCdtYtv8M0wSZL3LQZY=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e0:46:b8:c0:92:38:02:e4:f9:ce:82:70:22:17:66:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f4c25e1df26317cef9e3ca72005f1f7bd1daf6
Validity
Not Before: Mar 29 05:01:25 2025 GMT
Not After : Mar 30 05:01:25 2025 GMT
Subject: CN=a98b899f2ac292d7a38b45ff0445a3ada15ee825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8e:69:1a:f7:8f:98:3c:ef:c9:ae:44:f7:ca:
d2:61:e7:5f:99:07:02:99:37:8f:c9:6c:bf:d3:c9:
de:96:c1:24:dc:b9:19:89:74:f1:53:93:fe:9d:9d:
86:2e:97:ba:f2:67:9f:44:9c:b1:e5:a3:c9:12:76:
7c:07:c9:8e:6f:6c:68:01:a0:9b:8c:0e:69:cf:9f:
80:b2:e1:28:59:e0:f2:ef:5c:c7:0d:61:48:d5:b3:
43:c7:f7:e7:b9:95:87:4a:94:53:52:d4:ba:5b:19:
ac:27:85:96:2c:3e:e5:08:bd:76:c1:90:88:db:13:
23:5b:c5:af:76:7e:a0:d1:1c:e3:b6:ba:e1:9d:55:
eb:1b:6b:a2:3b:4b:76:cc:e3:83:65:57:eb:66:7c:
dd:4b:4c:6a:8f:89:c0:23:fb:82:ba:e5:31:07:0e:
71:a6:eb:75:e3:08:a3:00:b2:c3:5c:e9:a7:be:52:
2c:4c:b0:76:44:10:cd:79:5d:9a:af:39:15:3e:47:
79:6d:c0:63:52:90:e3:33:00:db:9d:c1:14:b3:b1:
d2:de:94:43:d0:ec:65:35:c6:32:f0:b1:ed:aa:7c:
c6:b0:e2:df:77:16:0a:4b:ea:bb:60:87:24:57:58:
ad:1e:72:d8:46:fc:31:79:04:ca:4c:7d:95:71:93:
ba:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8B:89:9F:2A:C2:92:D7:A3:8B:45:FF:04:45:A3:AD:A1:5E:E8:25
X509v3 Authority Key Identifier:
keyid:38:F4:C2:5E:1D:F2:63:17:CE:F9:E3:CA:72:00:5F:1F:7B:D1:DA:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPTCXh3yYxfO-ePKcgBfH3vR2vY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:70:8a:4a:39:db:71:54:e4:f9:4a:7c:05:de:d9:c6:90:df:
2b:3f:f7:2e:f8:a4:40:6e:66:74:7f:c4:cd:eb:32:25:84:5b:
2f:c9:1b:1e:75:02:17:21:c8:e5:5a:87:ec:c4:ee:9f:ee:35:
ca:82:fc:26:38:02:a1:06:0b:75:09:73:bd:9a:04:26:9a:44:
57:9d:13:a1:e2:37:83:21:79:94:2a:95:65:1c:80:b0:02:4a:
a0:52:02:96:61:e6:59:2f:13:de:c0:d9:06:1b:1b:71:5a:49:
e6:a5:52:74:43:ad:25:af:be:82:03:dd:0b:64:36:71:f1:39:
20:16:40:a9:94:33:df:81:33:1e:6c:05:71:cc:36:ee:7e:8b:
c0:5a:6e:a8:bc:e6:09:07:ea:f8:41:d7:3e:48:60:fe:b0:7a:
52:a4:9a:8f:a9:bb:07:33:55:43:cb:9a:1a:f8:fb:36:03:33:
af:4f:54:27:b6:41:6d:ea:0c:48:a2:6e:63:61:8c:19:1d:81:
12:26:36:06:81:de:9a:ef:f3:27:85:99:bb:4a:d1:2a:86:1b:
4d:cf:1d:91:48:a7:29:ee:56:9f:6a:f6:41:c5:ec:17:3a:95:
f3:c1:41:3b:b7:8d:d5:c4:aa:59:c2:41:0e:ca:d4:bd:f9:37:
04:d7:86:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgRrjAkjgC5PnOgnAiF2aGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjRjMjVlMWRmMjYzMTdjZWY5ZTNjYTcyMDA1ZjFmN2Jk
MWRhZjYwHhcNMjUwMzI5MDUwMTI1WhcNMjUwMzMwMDUwMTI1WjAzMTEwLwYDVQQD
EyhhOThiODk5ZjJhYzI5MmQ3YTM4YjQ1ZmYwNDQ1YTNhZGExNWVlODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY5pGvePmDzvya5E98rSYedfmQcC
mTePyWy/08nelsEk3LkZiXTxU5P+nZ2GLpe68mefRJyx5aPJEnZ8B8mOb2xoAaCb
jA5pz5+AsuEoWeDy71zHDWFI1bNDx/fnuZWHSpRTUtS6WxmsJ4WWLD7lCL12wZCI
2xMjW8Wvdn6g0RzjtrrhnVXrG2uiO0t2zOODZVfrZnzdS0xqj4nAI/uCuuUxBw5x
put14wijALLDXOmnvlIsTLB2RBDNeV2arzkVPkd5bcBjUpDjMwDbncEUs7HS3pRD
0OxlNcYy8LHtqnzGsOLfdxYKS+q7YIckV1itHnLYRvwxeQTKTH2VcZO6swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmLiZ8qwpLXo4tF/wRFo62hXuglMB8GA1UdIwQY
MBaAFDj0wl4d8mMXzvnjynIAXx970dr2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BUQ1hoM3lZeGZPLWVQS2NnQmZIM3ZSMnZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zNDI4ZTctMTVmOS00NmI0LWI5Nzkt
NTE5Zjk4M2M3MmI1LzEvT1BUQ1hoM3lZeGZPLWVQS2NnQmZIM3ZSMnZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zNDI4ZTctMTVmOS00NmI0LWI5NzktNTE5Zjk4M2M3MmI1
LzEvT1BUQ1hoM3lZeGZPLWVQS2NnQmZIM3ZSMnZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK3CKSjnb
cVTk+Up8Bd7ZxpDfKz/3LvikQG5mdH/EzesyJYRbL8kbHnUCFyHI5VqH7MTun+41
yoL8JjgCoQYLdQlzvZoEJppEV50ToeI3gyF5lCqVZRyAsAJKoFIClmHmWS8T3sDZ
BhsbcVpJ5qVSdEOtJa++ggPdC2Q2cfE5IBZAqZQz34EzHmwFccw27n6LwFpuqLzm
CQfq+EHXPkhg/rB6UqSaj6m7BzNVQ8uaGvj7NgMzr09UJ7ZBbeoMSKJuY2GMGR2B
EiY2BoHemu/zJ4WZu0rRKoYbTc8dkUinKe5Wn2r2QcXsFzqV88FBO7eN1cSqWcJB
DsrUvfk3BNeGwg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:20 2025 by rpki-client