Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: kc/chWunopVgz1jGw0jMj2GSV4/RrKVPNUWUy5MHC40=
Subject key identifier: 88:E9:FD:3F:0E:2C:61:75:53:D4:65:FA:41:38:EC:F5:C9:DC:19:90
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 0194BBCE1EA8C841985B343C36C2539AF55A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0945
Signing time: Fri 31 Jan 2025 10:00:35 +0000
Manifest this update: Fri 31 Jan 2025 10:00:35 +0000
Manifest next update: Sat 01 Feb 2025 10:00:35 +0000
Files and hashes: 1: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (hash: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: yzryV4Nm1U0dQ/5Uo6P3tHk69iT8P+H3vpAZ8k70Xmw=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:ce:1e:a8:c8:41:98:5b:34:3c:36:c2:53:9a:f5:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Jan 31 10:00:35 2025 GMT
Not After : Feb 1 10:00:35 2025 GMT
Subject: CN=88e9fd3f0e2c617553d465fa4138ecf5c9dc1990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f2:01:17:5f:6a:d8:0c:cc:b3:87:ac:0f:7d:
07:cf:06:4b:3b:6a:4f:da:e5:bd:3d:c0:21:d5:07:
8e:ad:72:a3:fa:d4:0e:ba:c4:d4:25:21:39:4f:30:
12:a1:99:f5:5e:8b:6e:92:18:81:8b:db:88:ec:e7:
5f:88:4b:26:67:93:41:de:0a:02:0b:dd:36:d8:11:
5e:d2:ee:dc:d2:a5:09:73:65:44:af:83:13:e0:ad:
ca:38:4b:88:a9:be:e9:44:a5:b1:6f:54:f0:92:13:
fe:4b:0d:03:2a:ff:f4:c5:9f:c7:98:18:57:e4:01:
04:a4:85:27:61:01:87:e1:9d:11:5f:d7:21:1d:fb:
b7:94:df:ca:b6:29:8f:de:8c:33:67:e5:61:10:dc:
f5:42:97:a4:7a:58:e1:24:6a:a5:73:82:e5:65:39:
f2:f0:e8:35:e3:31:c6:07:3f:c8:06:0d:60:f9:2a:
68:56:b5:46:59:29:5a:a1:3a:e4:45:91:aa:61:c8:
da:02:e6:20:85:06:6e:9a:51:25:a7:8b:05:a2:f5:
96:48:02:3d:88:83:26:f1:a6:36:a5:a6:d0:45:4b:
53:e7:be:be:45:0c:d0:58:b9:e4:22:0f:d6:25:94:
8a:35:2e:29:e8:88:cc:f8:93:2c:f1:3f:04:7f:45:
6c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E9:FD:3F:0E:2C:61:75:53:D4:65:FA:41:38:EC:F5:C9:DC:19:90
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:f9:0c:9e:02:b0:88:56:69:6b:c9:ac:56:61:31:6c:b1:a8:
33:b4:a7:a1:49:3f:04:a5:2e:c6:88:a7:c0:cd:ef:83:73:24:
4d:f9:f5:47:1d:7e:0f:c7:f3:88:1d:6d:70:ff:1c:6e:a4:65:
f4:66:3d:2c:39:f1:eb:45:c5:11:96:09:91:12:c1:29:1a:56:
f3:76:e8:a5:41:bf:83:a5:69:b8:eb:6a:a4:54:1b:22:24:2b:
dc:c5:fe:a2:63:95:cc:d4:61:4b:0e:5d:aa:25:ae:6d:bd:a8:
0a:78:6f:b6:6b:1f:eb:65:93:59:31:bd:0e:49:ac:83:22:36:
08:5f:8f:43:57:6a:12:f6:04:da:6a:c8:da:db:54:c7:2a:76:
18:ca:a6:9e:94:76:a6:36:e3:68:51:ff:46:e0:a1:1b:5b:38:
ba:e1:71:6e:71:54:b9:ba:78:90:02:1b:17:1f:4f:4f:dc:4d:
34:40:95:d7:e3:fd:cc:e6:66:1e:ef:96:e9:9a:7a:ab:49:4c:
ef:ae:34:16:35:92:cb:ce:c9:a7:ee:0c:14:40:31:9e:a4:21:
30:50:5f:64:b9:d2:f7:f4:51:57:9f:02:54:b7:c8:b8:d6:22:
7a:b1:62:aa:7e:f0:93:2f:93:09:fd:00:1b:6f:de:fb:98:1f:
bf:2c:1c:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7zh6oyEGYWzQ8NsJTmvVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjUwMTMxMTAwMDM1WhcNMjUwMjAxMTAwMDM1WjAzMTEwLwYDVQQD
Eyg4OGU5ZmQzZjBlMmM2MTc1NTNkNDY1ZmE0MTM4ZWNmNWM5ZGMxOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PIBF19q2AzMs4esD30HzwZLO2pP
2uW9PcAh1QeOrXKj+tQOusTUJSE5TzASoZn1XotukhiBi9uI7OdfiEsmZ5NB3goC
C9022BFe0u7c0qUJc2VEr4MT4K3KOEuIqb7pRKWxb1TwkhP+Sw0DKv/0xZ/HmBhX
5AEEpIUnYQGH4Z0RX9chHfu3lN/KtimP3owzZ+VhENz1QpekeljhJGqlc4LlZTny
8Og14zHGBz/IBg1g+SpoVrVGWSlaoTrkRZGqYcjaAuYghQZumlElp4sFovWWSAI9
iIMm8aY2pabQRUtT576+RQzQWLnkIg/WJZSKNS4p6IjM+JMs8T8Ef0VsqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjp/T8OLGF1U9Rl+kE47PXJ3BmQMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdvkMngKw
iFZpa8msVmExbLGoM7SnoUk/BKUuxoinwM3vg3MkTfn1Rx1+D8fziB1tcP8cbqRl
9GY9LDnx60XFEZYJkRLBKRpW83bopUG/g6VpuOtqpFQbIiQr3MX+omOVzNRhSw5d
qiWubb2oCnhvtmsf62WTWTG9DkmsgyI2CF+PQ1dqEvYE2mrI2ttUxyp2GMqmnpR2
pjbjaFH/RuChG1s4uuFxbnFUubp4kAIbFx9PT9xNNECV1+P9zOZmHu+W6Zp6q0lM
7640FjWSy87Jp+4MFEAxnqQhMFBfZLnS9/RRV58CVLfIuNYierFiqn7wky+TCf0A
G2/e+5gfvywcvQ==
-----END CERTIFICATE-----
Generated at Thu Apr 24 20:40:07 2025 by rpki-client