Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.mft
File: uXK9SdVRtK2lvWu2lWGKeUUa004.mft (raw, json)
Hash identifier: ZgQOOnQDD4xPC1RfylbeaZz/7eyD4ewhI2B0Tq+NYfc=
Subject key identifier: DB:FC:1C:95:D0:16:2A:69:20:62:9E:AF:06:58:AF:72:86:77:89:57
Authority key identifier: B9:72:BD:49:D5:51:B4:AD:A5:BD:6B:B6:95:61:8A:79:45:1A:D3:4E
Certificate issuer: /CN=b972bd49d551b4ada5bd6bb695618a79451ad34e
Certificate serial: 0195DFD8976A493DC354CD4CEE7A59C1A30B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXK9SdVRtK2lvWu2lWGKeUUa004.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.mft
Manifest number: 0721
Signing time: Sat 29 Mar 2025 03:01:08 +0000
Manifest this update: Sat 29 Mar 2025 03:01:08 +0000
Manifest next update: Sun 30 Mar 2025 03:01:08 +0000
Files and hashes: 1: hcpelkMB3HLp2KFjx3F4u7p7QiA.roa (hash: 61+3xEVQzTEIYSViuJWqNAx3iaX+tJlcGs9MEnOKcRg=)
2: uXK9SdVRtK2lvWu2lWGKeUUa004.crl (hash: 96Skgmsu7nV8h+RDFHHzg2f3gTVk5t/80JkFiP4Py9s=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:df:d8:97:6a:49:3d:c3:54:cd:4c:ee:7a:59:c1:a3:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b972bd49d551b4ada5bd6bb695618a79451ad34e
Validity
Not Before: Mar 29 03:01:08 2025 GMT
Not After : Mar 30 03:01:08 2025 GMT
Subject: CN=dbfc1c95d0162a6920629eaf0658af7286778957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b0:f3:54:3f:4e:24:ab:17:71:75:2d:02:c8:
15:2b:47:14:d3:33:5f:21:46:79:3e:da:da:6f:a8:
f1:f9:2c:4a:ac:c2:24:05:1b:e2:e3:b5:84:43:81:
b4:77:20:91:0e:d2:16:42:62:eb:7f:c0:cc:b3:e4:
9f:b5:65:c0:49:ac:0b:fe:58:86:55:ca:6c:1e:e3:
09:0f:67:43:f5:1e:35:56:bd:99:d3:26:a3:64:06:
99:37:78:88:99:b2:26:01:93:d5:d4:28:ac:ab:a8:
b5:f5:b1:09:6f:15:96:96:78:9f:36:44:4a:e3:11:
17:65:9f:88:54:05:5a:05:a7:d4:b3:07:81:ff:6b:
df:1b:46:fc:58:82:ac:99:3d:5c:d5:db:d3:e4:51:
5a:66:27:65:7c:ae:c9:cc:00:c4:64:ef:ac:14:f3:
43:2f:15:62:5d:52:b0:3a:ea:e6:d4:65:28:68:99:
ca:db:11:27:28:54:ab:96:1a:5b:29:5c:11:06:46:
88:46:45:50:ca:1d:25:84:be:b2:f0:2a:1d:ad:9b:
3c:9d:38:a0:5e:a9:6e:4e:ba:a7:74:67:ab:ed:04:
08:83:1b:5a:a6:43:d1:d5:1c:25:09:3f:a0:51:8d:
1a:8b:0b:d1:a3:fa:7c:7d:9c:36:3f:16:4a:3b:9d:
b1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:FC:1C:95:D0:16:2A:69:20:62:9E:AF:06:58:AF:72:86:77:89:57
X509v3 Authority Key Identifier:
keyid:B9:72:BD:49:D5:51:B4:AD:A5:BD:6B:B6:95:61:8A:79:45:1A:D3:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXK9SdVRtK2lvWu2lWGKeUUa004.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c5:eb:cb:4c:4f:67:2d:9c:57:1f:c0:24:e0:3b:c4:b3:6f:b7:
96:ac:fc:5c:ef:3a:9d:79:2c:29:d5:a9:ec:3b:ae:94:9e:2d:
11:8a:04:bb:2a:b5:1c:98:3f:fc:58:fc:d4:f9:12:03:0a:09:
8a:c6:da:7e:cc:65:ad:a8:09:64:09:d2:0c:80:a9:14:b5:93:
86:30:71:f9:bf:7b:c7:e3:fb:27:07:5f:ed:55:2c:fa:fe:2f:
87:f9:a0:c7:66:1f:42:e2:14:12:47:e7:6f:bc:67:98:1f:1a:
61:f2:e1:1c:dc:2b:37:93:c8:e0:f6:81:d6:ad:75:60:c3:64:
da:1e:b9:82:de:a2:fe:0d:5c:3d:33:13:b2:e1:86:85:d6:11:
b8:c4:29:15:e1:a5:41:72:a2:86:7b:cc:f4:c1:a1:89:6d:a1:
59:1f:4f:34:b5:8f:67:df:15:af:a5:61:eb:ad:6c:d1:dd:d5:
d6:0a:f8:89:6f:b4:01:4d:46:67:42:ef:6b:6c:69:7c:9c:50:
75:ad:32:4b:e6:a1:b9:83:1b:6b:54:52:a2:e3:43:24:3b:93:
50:54:a0:96:77:c7:94:85:27:bd:68:3a:71:9e:2d:39:50:80:
22:55:c4:cf:50:59:3d:37:ae:be:00:a1:94:37:b5:09:ef:b3:
dc:56:ec:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXf2JdqST3DVM1M7npZwaMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NzJiZDQ5ZDU1MWI0YWRhNWJkNmJiNjk1NjE4YTc5NDUx
YWQzNGUwHhcNMjUwMzI5MDMwMTA4WhcNMjUwMzMwMDMwMTA4WjAzMTEwLwYDVQQD
EyhkYmZjMWM5NWQwMTYyYTY5MjA2MjllYWYwNjU4YWY3Mjg2Nzc4OTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7DzVD9OJKsXcXUtAsgVK0cU0zNf
IUZ5Ptrab6jx+SxKrMIkBRvi47WEQ4G0dyCRDtIWQmLrf8DMs+SftWXASawL/liG
VcpsHuMJD2dD9R41Vr2Z0yajZAaZN3iImbImAZPV1Cisq6i19bEJbxWWlnifNkRK
4xEXZZ+IVAVaBafUsweB/2vfG0b8WIKsmT1c1dvT5FFaZidlfK7JzADEZO+sFPND
LxViXVKwOurm1GUoaJnK2xEnKFSrlhpbKVwRBkaIRkVQyh0lhL6y8CodrZs8nTig
XqluTrqndGer7QQIgxtapkPR1RwlCT+gUY0aiwvRo/p8fZw2PxZKO52xrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNv8HJXQFippIGKerwZYr3KGd4lXMB8GA1UdIwQY
MBaAFLlyvUnVUbStpb1rtpVhinlFGtNOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVhLOVNkVlJ0SzJsdld1MmxXR0tlVVVhMDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mZTA3YjctZjQ2NC00ZTY3LTgyOTkt
Y2E1ZTY4NTQzOGEyLzEvdVhLOVNkVlJ0SzJsdld1MmxXR0tlVVVhMDA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mZTA3YjctZjQ2NC00ZTY3LTgyOTktY2E1ZTY4NTQzOGEy
LzEvdVhLOVNkVlJ0SzJsdld1MmxXR0tlVVVhMDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxevLTE9n
LZxXH8Ak4DvEs2+3lqz8XO86nXksKdWp7DuulJ4tEYoEuyq1HJg//Fj81PkSAwoJ
isbafsxlragJZAnSDICpFLWThjBx+b97x+P7Jwdf7VUs+v4vh/mgx2YfQuIUEkfn
b7xnmB8aYfLhHNwrN5PI4PaB1q11YMNk2h65gt6i/g1cPTMTsuGGhdYRuMQpFeGl
QXKihnvM9MGhiW2hWR9PNLWPZ98Vr6Vh661s0d3V1gr4iW+0AU1GZ0Lva2xpfJxQ
da0yS+ahuYMba1RSouNDJDuTUFSglnfHlIUnvWg6cZ4tOVCAIlXEz1BZPTeuvgCh
lDe1Ce+z3Fbs3g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:01 2025 by rpki-client