Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json)
Hash identifier: KRqst73vLgRnxP3zESyTyfhvx8Q1Mzip5ceqxf8ea30=
Subject key identifier: EC:FD:F9:AA:5C:8E:0D:EE:7A:21:FE:23:6D:FD:37:3A:C0:6C:F1:A3
Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Certificate serial: 0194BD4EBB46753BF04A836631ECDEFDA834
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
Manifest number: 0788
Signing time: Fri 31 Jan 2025 17:00:41 +0000
Manifest this update: Fri 31 Jan 2025 17:00:41 +0000
Manifest next update: Sat 01 Feb 2025 17:00:41 +0000
Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=)
2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: vsABoo4HUnZVU6rHSa50WPdntRGAWytYgKqREUB9UzM=)
3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bd:4e:bb:46:75:3b:f0:4a:83:66:31:ec:de:fd:a8:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6
Validity
Not Before: Jan 31 17:00:41 2025 GMT
Not After : Feb 1 17:00:41 2025 GMT
Subject: CN=ecfdf9aa5c8e0dee7a21fe236dfd373ac06cf1a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:16:99:76:86:1d:42:9b:57:ef:e3:13:b2:94:
a6:19:cd:3b:b3:ea:04:b3:aa:15:cd:6d:5e:68:54:
66:50:ad:7e:35:38:0d:68:f4:bb:35:7e:50:99:43:
b8:9c:ca:3f:e7:b0:14:ff:6b:fb:4f:89:4e:76:7a:
b1:84:35:d8:c4:e3:03:43:3a:a3:55:d8:f5:ba:d2:
33:44:a3:00:5c:5d:38:8d:c3:28:5f:fb:0e:15:8f:
00:2c:1c:e4:88:25:70:44:94:cc:b8:9c:c3:41:be:
eb:94:b3:ac:8d:78:4c:bf:cb:c7:fa:62:ea:fb:f4:
c8:44:c5:40:65:d5:2f:c1:2a:46:a6:3f:6b:29:f2:
ed:ee:ad:89:60:91:b7:40:6e:d4:9f:d6:72:f7:ef:
22:f5:77:d4:8f:c2:66:3d:1a:a3:38:c4:42:a9:28:
04:ce:e3:3d:bf:06:91:f9:fa:7d:18:9d:e4:4f:01:
9e:95:06:b5:7b:30:13:45:87:9d:fe:e0:29:f2:c9:
78:10:8d:79:ce:1f:4e:fd:4e:82:9b:cf:3b:4e:69:
2d:51:73:14:cb:dc:6f:da:42:e2:0d:bd:fa:e1:68:
c7:8e:0a:7e:30:aa:12:db:f9:f4:03:49:01:dd:5c:
66:57:cc:ef:9e:3e:25:16:4f:73:03:f1:4d:23:e2:
a3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:FD:F9:AA:5C:8E:0D:EE:7A:21:FE:23:6D:FD:37:3A:C0:6C:F1:A3
X509v3 Authority Key Identifier:
keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:db:5d:1f:3a:97:6e:bf:ff:e4:ee:68:ee:13:92:00:ea:97:
d6:ae:0d:88:7c:08:95:f2:00:6f:00:76:e2:ca:9f:06:a7:d7:
c1:fd:0e:8a:bb:6e:bf:e0:b8:07:34:7e:c9:b8:6a:97:1f:1b:
88:50:8b:0c:1e:6c:6f:09:eb:8a:98:4b:a6:b9:35:79:82:77:
85:4d:4d:99:ff:a8:b0:41:78:54:8f:6e:f9:8a:d6:f2:e6:69:
5a:cb:f1:c8:89:22:5b:87:13:7e:99:8e:ae:2a:5a:2d:5f:ae:
5a:27:48:18:4f:44:c4:5b:c7:60:a0:77:e2:cc:bf:34:4c:37:
be:41:10:df:f0:e0:af:09:4d:18:11:47:09:97:3c:a6:2b:df:
4f:0a:a8:8b:79:58:0b:b7:47:00:71:1c:37:16:1c:28:9c:87:
52:74:d5:82:94:16:8e:f6:d6:57:74:3f:8b:c2:67:4e:2b:a7:
02:db:3f:a3:0b:be:c8:3b:7c:32:c6:20:95:fe:3b:67:0b:9b:
d9:10:b8:9a:e5:ac:2c:b0:f6:37:e2:a9:46:4c:b0:a4:9f:30:
ba:51:08:f3:ec:12:03:48:f6:50:8f:8d:80:4f:bb:75:f6:38:
ef:6e:fd:57:82:9b:01:b1:ce:3a:a5:ba:df:23:28:5f:79:33:
9d:0e:b1:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS9TrtGdTvwSoNmMeze/ag0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky
MThlZjYwHhcNMjUwMTMxMTcwMDQxWhcNMjUwMjAxMTcwMDQxWjAzMTEwLwYDVQQD
EyhlY2ZkZjlhYTVjOGUwZGVlN2EyMWZlMjM2ZGZkMzczYWMwNmNmMWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBaZdoYdQptX7+MTspSmGc07s+oE
s6oVzW1eaFRmUK1+NTgNaPS7NX5QmUO4nMo/57AU/2v7T4lOdnqxhDXYxOMDQzqj
Vdj1utIzRKMAXF04jcMoX/sOFY8ALBzkiCVwRJTMuJzDQb7rlLOsjXhMv8vH+mLq
+/TIRMVAZdUvwSpGpj9rKfLt7q2JYJG3QG7Un9Zy9+8i9XfUj8JmPRqjOMRCqSgE
zuM9vwaR+fp9GJ3kTwGelQa1ezATRYed/uAp8sl4EI15zh9O/U6Cm887TmktUXMU
y9xv2kLiDb364WjHjgp+MKoS2/n0A0kB3VxmV8zvnj4lFk9zA/FNI+Kj5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOz9+apcjg3ueiH+I239NzrAbPGjMB8GA1UdIwQY
MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt
YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0
LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAidtdHzqX
br//5O5o7hOSAOqX1q4NiHwIlfIAbwB24sqfBqfXwf0Oirtuv+C4BzR+ybhqlx8b
iFCLDB5sbwnriphLprk1eYJ3hU1Nmf+osEF4VI9u+YrW8uZpWsvxyIkiW4cTfpmO
ripaLV+uWidIGE9ExFvHYKB34sy/NEw3vkEQ3/DgrwlNGBFHCZc8pivfTwqoi3lY
C7dHAHEcNxYcKJyHUnTVgpQWjvbWV3Q/i8JnTiunAts/owu+yDt8MsYglf47Zwub
2RC4muWsLLD2N+KpRkywpJ8wulEI8+wSA0j2UI+NgE+7dfY47279V4KbAbHOOqW6
3yMoX3kznQ6xqA==
-----END CERTIFICATE-----
Generated at Thu Apr 24 19:02:33 2025 by rpki-client