Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
File: CgIUob8dOv0t1msjqZcxBrXTFso.mft (raw, json)
Hash identifier: qIOPQ4oN1kcE+1R0wG6YCC5jRvmtrehfh5A69Yuwkgc=
Subject key identifier: 2B:CA:58:0A:73:26:4D:76:C4:B2:A7:2C:58:41:FB:CE:BC:F0:2B:BE
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 0195E00FB701F7F41142597184145B0A2A43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
Manifest number: 0FA3
Signing time: Sat 29 Mar 2025 04:01:21 +0000
Manifest this update: Sat 29 Mar 2025 04:01:21 +0000
Manifest next update: Sun 30 Mar 2025 04:01:21 +0000
Files and hashes: 1: CgIUob8dOv0t1msjqZcxBrXTFso.crl (hash: hvYLz20Z57v+257tQEbV+AwF0qBWodK4qTHh19XqZ+A=)
2: EaaXkbC8P0tMcWH8_B2AeHqJuik.roa (hash: Agyi8/XYUtn0V9u60ReeITYzaWhDJOT1A+JDHxK163o=)
3: iRncY0RPMdG6ZS1FNbvbNQvbM88.roa (hash: cZd3pDxm+3G7IN3N9+ceJiYJz5MHexdMYYiB+WqQjOw=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e0:0f:b7:01:f7:f4:11:42:59:71:84:14:5b:0a:2a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Mar 29 04:01:21 2025 GMT
Not After : Mar 30 04:01:21 2025 GMT
Subject: CN=2bca580a73264d76c4b2a72c5841fbcebcf02bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:12:fc:ff:53:34:81:b9:96:e0:2c:d6:90:84:
65:17:27:1d:4a:b2:a6:0f:81:9d:8d:3d:d9:a1:af:
4e:95:e4:90:be:c6:a7:6a:4f:3c:d7:41:a0:c3:c8:
c0:2f:71:e9:e9:e0:38:3f:37:20:8f:77:07:e2:b9:
d3:ba:ea:4e:9e:5f:9e:0f:e3:51:99:09:fc:89:6d:
81:45:62:9c:3f:3a:7d:f2:19:10:b2:ba:b5:55:a6:
fb:f2:2f:02:37:80:d3:f5:af:2d:8a:a4:d8:2f:16:
f3:c7:1c:1c:c4:0f:0a:5a:ba:22:ce:9a:2e:fa:36:
3b:ad:2b:f1:3b:d5:ba:4d:de:38:6e:f8:90:f8:c6:
de:09:5c:3b:11:27:c4:98:50:40:b9:63:b2:63:3f:
5e:a9:39:79:5c:9e:4d:a6:a2:ed:c7:ea:9f:c0:8f:
e2:88:f3:b4:29:ba:84:82:bb:aa:f9:0a:47:87:ad:
17:d2:be:f0:32:99:68:cf:3f:11:b8:a6:b7:13:cd:
de:49:cd:4f:d5:92:9e:72:96:7e:43:72:8b:27:3e:
db:63:49:1f:0a:68:a9:32:68:e5:b5:ea:24:ed:8d:
be:16:9f:43:dc:d5:6d:b6:13:33:f6:76:8a:85:19:
7f:5d:d5:79:39:54:35:05:b4:6b:49:d3:4b:25:2c:
6d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CA:58:0A:73:26:4D:76:C4:B2:A7:2C:58:41:FB:CE:BC:F0:2B:BE
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:38:ff:46:62:ab:ea:ca:77:fc:fd:4b:82:f0:75:dc:8e:ea:
17:6c:66:d7:4e:cc:7c:4c:6a:b6:2a:23:68:af:43:65:5b:c5:
a9:0e:58:ea:f7:d5:17:a3:db:b0:e1:69:03:dc:eb:cc:1c:2d:
71:a3:ea:0b:be:30:c6:ce:36:ed:ed:6a:ca:e1:c6:aa:9e:80:
0c:90:9d:0f:e5:8a:69:6c:6d:c1:8a:e3:d7:9e:da:c1:3a:4c:
57:9d:14:08:92:b0:a3:76:48:d9:8f:39:d0:4c:d2:07:3f:e6:
59:7e:06:23:8c:8a:26:90:12:72:03:33:da:04:d8:6e:e0:96:
73:41:06:1f:23:86:6e:f2:30:05:fe:51:0c:51:ab:61:95:21:
64:67:da:ca:d4:e7:ab:d9:44:06:89:50:fe:91:16:31:1c:53:
e2:08:0e:0d:d5:74:5b:52:68:e6:37:b7:4a:bd:f1:44:f3:27:
4b:50:fc:e3:89:e5:9b:33:d8:e2:0f:74:69:cb:21:ea:cf:03:
b4:6b:a5:f9:30:8e:f7:89:84:4e:b3:6a:7c:31:ea:4f:35:57:
99:f6:c3:d4:0a:ef:ce:f3:0e:d1:69:0c:02:38:0d:d3:d3:c8:
69:7c:97:f3:0a:e7:c4:2b:fc:ca:1c:16:a8:83:33:fc:9e:e8:
a0:fc:ef:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXgD7cB9/QRQllxhBRbCipDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjUwMzI5MDQwMTIxWhcNMjUwMzMwMDQwMTIxWjAzMTEwLwYDVQQD
EygyYmNhNTgwYTczMjY0ZDc2YzRiMmE3MmM1ODQxZmJjZWJjZjAyYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxL8/1M0gbmW4CzWkIRlFycdSrKm
D4GdjT3Zoa9OleSQvsanak8810Ggw8jAL3Hp6eA4Pzcgj3cH4rnTuupOnl+eD+NR
mQn8iW2BRWKcPzp98hkQsrq1Vab78i8CN4DT9a8tiqTYLxbzxxwcxA8KWroizpou
+jY7rSvxO9W6Td44bviQ+MbeCVw7ESfEmFBAuWOyYz9eqTl5XJ5NpqLtx+qfwI/i
iPO0KbqEgruq+QpHh60X0r7wMplozz8RuKa3E83eSc1P1ZKecpZ+Q3KLJz7bY0kf
CmipMmjlteok7Y2+Fp9D3NVtthMz9naKhRl/XdV5OVQ1BbRrSdNLJSxtjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCvKWApzJk12xLKnLFhB+8688Cu+MB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfzj/RmKr
6sp3/P1LgvB13I7qF2xm107MfExqtiojaK9DZVvFqQ5Y6vfVF6PbsOFpA9zrzBwt
caPqC74wxs427e1qyuHGqp6ADJCdD+WKaWxtwYrj157awTpMV50UCJKwo3ZI2Y85
0EzSBz/mWX4GI4yKJpAScgMz2gTYbuCWc0EGHyOGbvIwBf5RDFGrYZUhZGfaytTn
q9lEBolQ/pEWMRxT4ggODdV0W1Jo5je3Sr3xRPMnS1D844nlmzPY4g90acsh6s8D
tGul+TCO94mETrNqfDHqTzVXmfbD1ArvzvMO0WkMAjgN09PIaXyX8wrnxCv8yhwW
qIMz/J7ooPzvLA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:18:19 2025 by rpki-client