Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft
File: nSAoCNH5FFVeG9WcFncof_mztZA.mft (raw, json)
Hash identifier: KlIunnwovbwq3he2xidwiseKQpUNPxctChAj4HyauJA=
Subject key identifier: A6:AE:D6:B3:83:1C:2D:7E:40:FF:0D:DE:A7:DD:8C:49:9B:F3:31:28
Authority key identifier: 9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90
Certificate issuer: /CN=9d202808d1f914555e1bd59c1677287ff9b3b590
Certificate serial: 0195E1906D040A93E01C0336E6D07361A51A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft
Manifest number: 0ECC
Signing time: Sat 29 Mar 2025 11:01:33 +0000
Manifest this update: Sat 29 Mar 2025 11:01:33 +0000
Manifest next update: Sun 30 Mar 2025 11:01:33 +0000
Files and hashes: 1: nSAoCNH5FFVeG9WcFncof_mztZA.crl (hash: TNQISeCn6fQUE2vRCaoh5/JzaLPqS6Zxev5wtzcQclI=)
2: qztp8oOkrsOnZQZ-AVesJkd8gBA.roa (hash: w8j5kLnBBDJA6YAxwk7yr2iHlxdseJ2t5FGwhKWuj0I=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e1:90:6d:04:0a:93:e0:1c:03:36:e6:d0:73:61:a5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d202808d1f914555e1bd59c1677287ff9b3b590
Validity
Not Before: Mar 29 11:01:33 2025 GMT
Not After : Mar 30 11:01:33 2025 GMT
Subject: CN=a6aed6b3831c2d7e40ff0ddea7dd8c499bf33128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:33:e9:13:fa:5a:69:82:d5:52:db:63:df:51:
e7:81:9b:84:14:13:e9:20:7f:e2:2b:6d:e7:8c:57:
09:3f:53:cf:9a:33:67:a9:c2:df:83:24:00:ed:a1:
5b:20:ed:47:5f:dc:ce:e5:80:b1:2c:96:57:54:51:
d0:85:8d:91:89:6c:79:d9:63:a1:10:74:37:a4:2e:
cb:9a:25:75:b7:d5:02:de:61:1d:3f:7a:4d:66:4a:
12:ed:63:fb:28:c5:fc:a2:7b:88:c0:4a:fb:a6:b7:
55:4e:be:25:67:7f:e0:a7:fc:30:cb:b9:10:87:18:
bb:69:d5:33:0e:7d:8b:93:7b:db:a5:db:7f:58:13:
d7:10:58:dd:62:eb:ed:b3:49:4d:13:a4:fc:1d:c7:
cb:eb:db:f6:6f:08:ac:59:a3:50:a0:1c:78:09:75:
ed:49:20:4e:5f:c0:39:42:ba:af:6a:31:85:be:bc:
f3:1c:d1:c8:5a:8b:d0:6b:77:ad:29:0f:78:16:d3:
12:da:e3:6e:06:09:ea:6b:e9:df:8f:df:8b:a2:76:
55:aa:1c:06:06:a0:b4:23:87:40:2e:69:f0:93:10:
96:f0:38:53:1f:e2:ad:64:c9:e4:0f:37:89:74:5d:
73:06:85:1d:0b:5a:be:5f:2c:43:29:90:fd:2f:01:
33:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:AE:D6:B3:83:1C:2D:7E:40:FF:0D:DE:A7:DD:8C:49:9B:F3:31:28
X509v3 Authority Key Identifier:
keyid:9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ce:16:69:63:20:1b:f7:51:3e:e2:a3:a0:ad:40:4b:9e:52:c6:
47:aa:19:3b:cc:a2:f7:5b:9d:0b:ed:60:64:b5:28:48:a3:12:
3b:b8:d5:53:75:95:c2:b1:b1:10:0c:c1:54:ec:20:47:33:5a:
b4:2b:16:f7:65:87:40:17:2f:ad:c6:bd:db:4f:6d:61:d2:1e:
dc:d3:5d:0a:cf:58:8a:31:84:61:47:01:d1:a8:06:ad:dd:41:
e8:f7:09:48:d2:12:75:70:cd:d6:0d:23:cc:dc:cf:1d:bd:b6:
50:03:ef:3a:c3:14:88:6f:e9:3e:5e:6e:90:88:49:20:d3:94:
01:d8:fa:75:db:06:4f:fc:11:9c:df:ff:e4:55:ef:ec:91:18:
52:d3:d7:ea:1f:7a:9b:be:96:37:25:ba:58:3b:a4:0f:6e:ab:
42:e9:b9:54:92:3d:01:5d:57:d9:48:a7:03:90:cb:67:e2:00:
81:18:e2:74:a2:a5:4e:a7:d2:c1:a7:88:d1:f4:5b:c7:98:96:
5e:a7:49:a5:f4:fd:9b:74:e2:ca:d4:5e:6a:9c:d7:cb:47:73:
65:a9:63:aa:60:b8:bc:d3:32:77:ab:57:ed:2a:83:25:26:88:
2a:69:19:65:2a:8a:9a:88:57:e1:a8:bc:96:3c:df:c2:5b:98:
00:aa:25:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXhkG0ECpPgHAM25tBzYaUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjAyODA4ZDFmOTE0NTU1ZTFiZDU5YzE2NzcyODdmZjli
M2I1OTAwHhcNMjUwMzI5MTEwMTMzWhcNMjUwMzMwMTEwMTMzWjAzMTEwLwYDVQQD
EyhhNmFlZDZiMzgzMWMyZDdlNDBmZjBkZGVhN2RkOGM0OTliZjMzMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzPpE/paaYLVUttj31HngZuEFBPp
IH/iK23njFcJP1PPmjNnqcLfgyQA7aFbIO1HX9zO5YCxLJZXVFHQhY2RiWx52WOh
EHQ3pC7LmiV1t9UC3mEdP3pNZkoS7WP7KMX8onuIwEr7prdVTr4lZ3/gp/wwy7kQ
hxi7adUzDn2Lk3vbpdt/WBPXEFjdYuvts0lNE6T8HcfL69v2bwisWaNQoBx4CXXt
SSBOX8A5QrqvajGFvrzzHNHIWovQa3etKQ94FtMS2uNuBgnqa+nfj9+LonZVqhwG
BqC0I4dALmnwkxCW8DhTH+KtZMnkDzeJdF1zBoUdC1q+XyxDKZD9LwEzywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKau1rODHC1+QP8N3qfdjEmb8zEoMB8GA1UdIwQY
MBaAFJ0gKAjR+RRVXhvVnBZ3KH/5s7WQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1Njgt
ODgwYjJkZjU3ZjI1LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1NjgtODgwYjJkZjU3ZjI1
LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzhZpYyAb
91E+4qOgrUBLnlLGR6oZO8yi91udC+1gZLUoSKMSO7jVU3WVwrGxEAzBVOwgRzNa
tCsW92WHQBcvrca9209tYdIe3NNdCs9YijGEYUcB0agGrd1B6PcJSNISdXDN1g0j
zNzPHb22UAPvOsMUiG/pPl5ukIhJINOUAdj6ddsGT/wRnN//5FXv7JEYUtPX6h96
m76WNyW6WDukD26rQum5VJI9AV1X2UinA5DLZ+IAgRjidKKlTqfSwaeI0fRbx5iW
XqdJpfT9m3TiytReapzXy0dzZaljqmC4vNMyd6tX7SqDJSaIKmkZZSqKmohX4ai8
ljzfwluYAKolcw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:24 2025 by rpki-client