Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft
File: Ojz5kZosgUbJb1oUsVdFm3lLai4.mft (raw, json)
Hash identifier: 2OjvogtMCSLC4kriK5NDRpHw4dqX3IPrywPdq8CDghY=
Subject key identifier: AC:13:4C:28:C5:AB:84:C1:DA:3C:0F:E0:3B:69:E3:9C:39:3F:E5:36
Authority key identifier: 3A:3C:F9:91:9A:2C:81:46:C9:6F:5A:14:B1:57:45:9B:79:4B:6A:2E
Certificate issuer: /CN=3a3cf9919a2c8146c96f5a14b157459b794b6a2e
Certificate serial: 0195E159671D1CE93C3BE89AFCFBDBC4BE24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ojz5kZosgUbJb1oUsVdFm3lLai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft
Manifest number: 14C2
Signing time: Sat 29 Mar 2025 10:01:27 +0000
Manifest this update: Sat 29 Mar 2025 10:01:27 +0000
Manifest next update: Sun 30 Mar 2025 10:01:27 +0000
Files and hashes: 1: Ojz5kZosgUbJb1oUsVdFm3lLai4.crl (hash: QeD6fOsZmybkvIfEty32JQD4fLb5nOrzDRzw48WRX3U=)
2: jm4B5paf_GVr-GpkHFsecVdl0nk.roa (hash: l8vtbC+hCoUUJ+YOCg7b9XUWVs7njLshIKLeOlHSZao=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e1:59:67:1d:1c:e9:3c:3b:e8:9a:fc:fb:db:c4:be:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a3cf9919a2c8146c96f5a14b157459b794b6a2e
Validity
Not Before: Mar 29 10:01:27 2025 GMT
Not After : Mar 30 10:01:27 2025 GMT
Subject: CN=ac134c28c5ab84c1da3c0fe03b69e39c393fe536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:be:2f:44:fd:22:19:a4:ae:34:ac:66:21:4d:
f9:c3:da:2d:2a:51:dd:d4:ca:28:13:29:41:c7:f2:
ae:c2:b9:9d:08:ae:6b:47:86:b1:4f:e9:d5:a2:10:
21:e4:8f:a5:ca:d5:fa:55:29:30:d5:29:5d:1a:0b:
b5:07:26:a2:12:fa:90:a1:75:62:ad:99:00:f3:54:
55:c7:89:4d:48:35:23:d6:f4:9e:0a:61:dc:fa:1f:
64:bb:e2:15:ff:dc:0c:a6:97:03:2a:ab:62:98:8a:
b7:d5:e8:56:20:7e:64:c2:12:ff:d1:82:7c:49:af:
e3:5c:47:27:e8:13:92:c3:71:9e:d9:ae:c8:50:40:
87:a7:27:61:c7:4e:dd:d6:41:59:8f:1d:aa:7d:e7:
16:0a:bf:0e:9d:39:87:9e:55:74:0d:c2:9c:b4:fb:
e7:e9:55:e0:06:e1:25:06:ce:55:6c:45:7a:4e:c1:
4a:c7:87:67:fe:0c:16:19:77:f0:21:62:98:2b:e6:
d3:0d:9d:dc:80:84:cd:11:39:07:86:29:49:39:41:
03:57:8b:45:39:4e:3a:21:b4:5c:89:33:fc:13:98:
9d:31:7d:37:2a:14:6a:7d:c9:96:53:68:93:dc:1e:
dc:52:3e:13:ef:90:f0:9b:08:9b:b4:16:dc:2d:ff:
e2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:13:4C:28:C5:AB:84:C1:DA:3C:0F:E0:3B:69:E3:9C:39:3F:E5:36
X509v3 Authority Key Identifier:
keyid:3A:3C:F9:91:9A:2C:81:46:C9:6F:5A:14:B1:57:45:9B:79:4B:6A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ojz5kZosgUbJb1oUsVdFm3lLai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cb:90:b6:68:76:d0:91:11:b4:40:c4:e6:67:f9:ed:fe:d1:2b:
d0:f5:12:dd:9f:b5:22:ec:b5:bc:42:a0:c6:95:9f:b2:a1:19:
a0:28:ca:9c:fa:d8:be:ff:3a:a5:43:33:21:37:d9:87:23:af:
90:05:41:73:2c:2c:ab:f1:01:80:92:68:f2:05:a4:6b:fd:29:
b0:9d:d8:2e:7b:85:c5:70:37:e7:4b:5b:7e:d1:4e:4b:78:ce:
8f:a9:f1:3d:e2:1e:00:00:36:8c:cd:08:94:c0:87:a9:cb:db:
8c:80:6d:d6:86:06:d9:35:ff:e7:d7:52:d3:0c:a9:5f:ab:ea:
8e:82:21:f2:f0:d0:d5:fc:63:30:26:e2:9e:e0:b4:15:26:f7:
cf:28:da:62:36:a2:0b:95:af:41:39:0f:01:3b:51:19:98:d1:
61:ab:43:55:4b:7d:28:f8:a8:a6:2e:30:1b:b5:15:8c:d6:d9:
99:2c:5c:b0:5d:02:55:ff:c8:35:70:0c:3f:fd:e5:bb:67:6e:
0c:f1:11:cd:59:7b:f5:bd:aa:98:44:fe:21:e6:37:49:e6:96:
8b:1a:19:e0:a7:07:23:76:55:c1:79:c4:0e:5a:e8:09:d0:17:
b9:a7:5e:e9:72:39:97:07:ef:3b:c7:81:fb:0f:bd:92:e9:c9:
6e:f3:04:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXhWWcdHOk8O+ia/PvbxL4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhM2NmOTkxOWEyYzgxNDZjOTZmNWExNGIxNTc0NTliNzk0
YjZhMmUwHhcNMjUwMzI5MTAwMTI3WhcNMjUwMzMwMTAwMTI3WjAzMTEwLwYDVQQD
EyhhYzEzNGMyOGM1YWI4NGMxZGEzYzBmZTAzYjY5ZTM5YzM5M2ZlNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL4vRP0iGaSuNKxmIU35w9otKlHd
1MooEylBx/KuwrmdCK5rR4axT+nVohAh5I+lytX6VSkw1SldGgu1ByaiEvqQoXVi
rZkA81RVx4lNSDUj1vSeCmHc+h9ku+IV/9wMppcDKqtimIq31ehWIH5kwhL/0YJ8
Sa/jXEcn6BOSw3Ge2a7IUECHpydhx07d1kFZjx2qfecWCr8OnTmHnlV0DcKctPvn
6VXgBuElBs5VbEV6TsFKx4dn/gwWGXfwIWKYK+bTDZ3cgITNETkHhilJOUEDV4tF
OU46IbRciTP8E5idMX03KhRqfcmWU2iT3B7cUj4T75DwmwibtBbcLf/ihQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwTTCjFq4TB2jwP4Dtp45w5P+U2MB8GA1UdIwQY
MBaAFDo8+ZGaLIFGyW9aFLFXRZt5S2ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85ZWE0OWEtY2Y2Ny00NjZhLWFiNWMt
NzBjYmY1MTQ5YTVhLzEvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85ZWE0OWEtY2Y2Ny00NjZhLWFiNWMtNzBjYmY1MTQ5YTVh
LzEvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy5C2aHbQ
kRG0QMTmZ/nt/tEr0PUS3Z+1Iuy1vEKgxpWfsqEZoCjKnPrYvv86pUMzITfZhyOv
kAVBcywsq/EBgJJo8gWka/0psJ3YLnuFxXA350tbftFOS3jOj6nxPeIeAAA2jM0I
lMCHqcvbjIBt1oYG2TX/59dS0wypX6vqjoIh8vDQ1fxjMCbinuC0FSb3zyjaYjai
C5WvQTkPATtRGZjRYatDVUt9KPiopi4wG7UVjNbZmSxcsF0CVf/INXAMP/3lu2du
DPERzVl79b2qmET+IeY3SeaWixoZ4KcHI3ZVwXnEDlroCdAXuade6XI5lwfvO8eB
+w+9kunJbvMECQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:41:14 2025 by rpki-client