Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
File: 2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json)
Hash identifier: PXq6zoAgGPXeC8BIIXOmV0QiCPnfJwALN9WsNQ0Nwqc=
Subject key identifier: 82:08:77:A3:C5:36:75:73:51:DA:2A:40:DA:16:78:53:92:B0:C6:E0
Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9
Certificate issuer: /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
Certificate serial: 0195E0B43F51FE056A2399CFBA3DE79F533A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
Manifest number: 1153
Signing time: Sat 29 Mar 2025 07:01:03 +0000
Manifest this update: Sat 29 Mar 2025 07:01:03 +0000
Manifest next update: Sun 30 Mar 2025 07:01:03 +0000
Files and hashes: 1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: vZ6DcBdL5yHo5UOwpiSQmUOHdL4436ymmJu7AiS52AE=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e0:b4:3f:51:fe:05:6a:23:99:cf:ba:3d:e7:9f:53:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
Validity
Not Before: Mar 29 07:01:03 2025 GMT
Not After : Mar 30 07:01:03 2025 GMT
Subject: CN=820877a3c536757351da2a40da16785392b0c6e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d1:2c:f1:f8:03:c3:8f:f0:0d:20:6b:33:b1:
bd:77:65:11:be:59:04:50:b4:e5:35:74:91:40:c5:
93:84:fc:30:68:84:68:53:72:71:b8:83:d3:b1:b5:
34:50:65:88:0e:27:82:d7:0f:fd:52:f6:2e:ea:cd:
2b:fd:f0:ef:8c:b4:39:fb:bc:64:e1:a7:01:e1:bd:
59:26:d7:c3:d7:5b:40:ad:7e:1f:17:49:de:da:27:
90:49:d5:be:9b:2e:74:ae:11:f3:7b:dd:cd:46:77:
18:66:cc:c2:b5:59:9b:d6:17:e8:f0:0f:25:69:1d:
72:43:6f:c0:15:6c:ef:1b:c4:13:ff:2a:fc:1f:64:
1f:05:c9:38:4f:4a:9a:b0:a6:1f:af:0c:c4:dd:85:
0e:62:f9:e4:67:75:7b:42:20:d3:d6:cf:2b:ec:8c:
68:98:cf:f8:01:2e:43:6d:2d:62:09:35:63:3c:03:
2a:e1:54:cf:e9:f2:1e:fb:fe:2c:8e:12:81:6b:99:
cb:cd:d7:d1:6f:ba:c5:c5:09:b9:7d:a8:1a:ae:4f:
f0:47:68:ec:c3:82:24:c7:1e:03:47:28:ce:07:f1:
9b:76:2f:28:6a:0e:2e:27:32:32:b2:c4:76:34:70:
a3:28:fe:6d:b2:91:8b:ce:30:72:9a:36:82:af:98:
08:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:08:77:A3:C5:36:75:73:51:DA:2A:40:DA:16:78:53:92:B0:C6:E0
X509v3 Authority Key Identifier:
keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:e4:5b:48:d3:28:7c:8c:5f:9d:e2:7d:10:32:7e:be:7f:7a:
b3:42:bd:e5:99:52:7a:9e:14:05:8e:32:b1:e9:a3:d5:46:02:
44:30:15:da:9b:50:7a:53:97:89:d7:22:8d:37:51:d7:df:6a:
d0:fb:dc:f6:24:70:28:1b:84:3d:d3:de:43:22:7e:ad:52:50:
37:48:bc:20:b4:38:20:c8:5e:01:4b:6e:02:da:bf:2e:87:00:
d4:94:13:56:2c:e0:76:2c:1c:5d:71:69:2c:84:35:d9:4a:47:
9e:18:de:84:e2:6f:3b:48:e5:3b:0e:44:33:95:20:fc:bf:8e:
18:13:81:ea:6e:95:f6:74:41:c3:a8:6d:96:1e:0f:5b:94:e1:
ca:00:49:c8:22:4e:ba:64:bd:9e:4d:cc:3b:5e:ad:ce:cf:97:
15:32:ac:3c:29:75:9e:da:c0:fe:c5:e9:c1:8c:37:3d:73:8e:
80:cd:aa:12:11:5f:be:bb:23:0c:c8:7a:35:fb:4c:99:02:87:
f6:97:63:80:6b:ef:d6:c8:2c:28:89:b7:09:eb:09:b5:cf:a0:
f4:a2:06:ad:04:89:32:98:d0:71:d3:5a:06:9f:55:21:f1:54:
26:0e:ad:8e:6a:1a:12:7c:f1:6f:f6:de:f1:d8:b7:3c:2e:83:
1d:f7:c3:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgtD9R/gVqI5nPuj3nn1M6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz
YWQzZDkwHhcNMjUwMzI5MDcwMTAzWhcNMjUwMzMwMDcwMTAzWjAzMTEwLwYDVQQD
Eyg4MjA4NzdhM2M1MzY3NTczNTFkYTJhNDBkYTE2Nzg1MzkyYjBjNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNEs8fgDw4/wDSBrM7G9d2URvlkE
ULTlNXSRQMWThPwwaIRoU3JxuIPTsbU0UGWIDieC1w/9UvYu6s0r/fDvjLQ5+7xk
4acB4b1ZJtfD11tArX4fF0ne2ieQSdW+my50rhHze93NRncYZszCtVmb1hfo8A8l
aR1yQ2/AFWzvG8QT/yr8H2QfBck4T0qasKYfrwzE3YUOYvnkZ3V7QiDT1s8r7Ixo
mM/4AS5DbS1iCTVjPAMq4VTP6fIe+/4sjhKBa5nLzdfRb7rFxQm5fagark/wR2js
w4Ikxx4DRyjOB/Gbdi8oag4uJzIyssR2NHCjKP5tspGLzjBymjaCr5gICwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIId6PFNnVzUdoqQNoWeFOSsMbgMB8GA1UdIwQY
MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt
MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5
LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF+RbSNMo
fIxfneJ9EDJ+vn96s0K95ZlSep4UBY4ysemj1UYCRDAV2ptQelOXidcijTdR199q
0Pvc9iRwKBuEPdPeQyJ+rVJQN0i8ILQ4IMheAUtuAtq/LocA1JQTVizgdiwcXXFp
LIQ12UpHnhjehOJvO0jlOw5EM5Ug/L+OGBOB6m6V9nRBw6htlh4PW5ThygBJyCJO
umS9nk3MO16tzs+XFTKsPCl1ntrA/sXpwYw3PXOOgM2qEhFfvrsjDMh6NftMmQKH
9pdjgGvv1sgsKIm3CesJtc+g9KIGrQSJMpjQcdNaBp9VIfFUJg6tjmoaEnzxb/be
8di3PC6DHffD3A==
-----END CERTIFICATE-----
Generated at Sat Apr 12 01:16:23 2025 by rpki-client