Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.mft
File: HGnHYzivyQhbj71mm4t0vXqS1DE.mft (raw, json)
Hash identifier: JtSNE4VPzD7RJx58MdEpK1+jzGN99xIcarBP635Sx9U=
Subject key identifier: 85:B3:4C:DF:45:6C:AA:59:D5:42:8B:CD:FD:49:1F:F0:B7:8F:76:59
Authority key identifier: 1C:69:C7:63:38:AF:C9:08:5B:8F:BD:66:9B:8B:74:BD:7A:92:D4:31
Certificate issuer: /CN=1c69c76338afc9085b8fbd669b8b74bd7a92d431
Certificate serial: 0194BC72821FB3A18E68EBD587A1CCC84932
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HGnHYzivyQhbj71mm4t0vXqS1DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.mft
Manifest number: 1117
Signing time: Fri 31 Jan 2025 13:00:08 +0000
Manifest this update: Fri 31 Jan 2025 13:00:08 +0000
Manifest next update: Sat 01 Feb 2025 13:00:08 +0000
Files and hashes: 1: Biv2qTrQNJJYQlmIhX2GXCsPh8k.roa (hash: qgzc+HC1Pbq5Sym5wnfMxLGpd7cCm/TouNcPCVsFEcM=)
2: HGnHYzivyQhbj71mm4t0vXqS1DE.crl (hash: kcKjhmq+Xd5vL5FbSeVOIGZ4m8UeOyZ6BEjAH8USSp8=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:72:82:1f:b3:a1:8e:68:eb:d5:87:a1:cc:c8:49:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c69c76338afc9085b8fbd669b8b74bd7a92d431
Validity
Not Before: Jan 31 13:00:08 2025 GMT
Not After : Feb 1 13:00:08 2025 GMT
Subject: CN=85b34cdf456caa59d5428bcdfd491ff0b78f7659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:11:32:45:d5:f7:68:75:6d:7a:86:76:17:
07:87:5c:a0:0e:91:e4:73:eb:06:15:47:8e:fe:1f:
4f:86:f8:2e:77:43:9e:f4:da:63:39:b4:9a:93:48:
da:83:1c:87:30:8a:0e:49:95:2b:c3:05:ab:32:0c:
04:11:db:66:0c:7c:6b:bf:2c:87:a3:f8:a2:9c:97:
28:50:83:87:d7:c3:3b:64:4a:6e:52:65:74:4d:6e:
4b:b2:74:e8:95:43:e0:3b:aa:78:27:d4:b7:d3:ab:
47:0b:9d:33:b3:e1:f2:d1:95:39:26:c4:4b:b2:30:
49:a3:6d:5d:77:a2:29:1a:84:bb:32:40:74:28:e2:
a1:20:29:31:9c:95:2c:05:88:64:ee:63:50:87:dd:
dd:18:ae:9c:58:31:74:4f:80:42:3e:d3:af:9d:95:
0b:a8:75:15:23:7f:8e:03:76:7b:c0:6d:d4:34:53:
7b:37:ad:23:f2:2f:df:85:16:21:fd:43:5d:06:1e:
e7:63:55:16:86:a3:98:57:02:a5:8c:db:6b:89:07:
64:7a:9c:78:6d:a6:03:8e:b2:7b:b1:26:ef:71:06:
92:bf:c7:d4:f2:55:23:18:d1:c1:14:0c:14:0e:db:
59:cc:0e:40:df:00:a4:f2:77:8c:dc:08:83:28:0e:
37:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B3:4C:DF:45:6C:AA:59:D5:42:8B:CD:FD:49:1F:F0:B7:8F:76:59
X509v3 Authority Key Identifier:
keyid:1C:69:C7:63:38:AF:C9:08:5B:8F:BD:66:9B:8B:74:BD:7A:92:D4:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGnHYzivyQhbj71mm4t0vXqS1DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:55:11:1b:fb:2c:29:62:6e:a4:1d:d2:06:f4:60:c2:bf:4f:
b7:21:1f:4b:5f:df:cf:4e:72:9f:62:3b:9b:0c:f4:40:70:77:
f2:e4:c4:e3:30:9a:a1:ba:fd:a1:f0:3f:16:05:2f:65:24:04:
10:49:77:8e:b0:dd:2e:6b:7b:9a:4f:f2:f8:bd:ed:eb:01:db:
80:f2:d4:91:9f:78:f8:99:e1:b8:db:fb:6e:69:a3:6e:2a:46:
54:ac:ec:2b:50:93:f1:93:8c:d7:fd:14:e8:86:ff:6f:68:a2:
77:43:d2:d7:e1:fa:30:79:0c:7e:3a:85:55:52:09:0c:d0:6b:
b1:f0:d1:88:df:25:e0:95:fb:b5:db:ed:cf:1f:6d:f8:5f:26:
5d:22:d5:b3:e5:b4:47:b9:fa:f5:bc:75:20:5a:ac:60:b6:38:
24:6d:89:71:1f:13:ee:98:bb:d7:06:9a:c1:50:5e:8f:13:6e:
fc:bb:44:b7:3f:99:32:62:90:42:df:8f:af:12:04:14:fa:cc:
69:d7:74:5f:ec:23:bb:aa:1e:e4:66:17:1a:4f:39:31:fd:97:
95:52:50:e5:38:66:a1:d2:a3:c6:1e:10:38:8c:ad:22:76:fc:
c9:93:69:77:5c:5e:b4:c0:88:e1:d1:95:46:3b:69:a0:2b:c0:
14:35:1d:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS8coIfs6GOaOvVh6HMyEkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNjljNzYzMzhhZmM5MDg1YjhmYmQ2NjliOGI3NGJkN2E5
MmQ0MzEwHhcNMjUwMTMxMTMwMDA4WhcNMjUwMjAxMTMwMDA4WjAzMTEwLwYDVQQD
Eyg4NWIzNGNkZjQ1NmNhYTU5ZDU0MjhiY2RmZDQ5MWZmMGI3OGY3NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTcRMkXV92h1bXqGdhcHh1ygDpHk
c+sGFUeO/h9Phvgud0Oe9NpjObSak0jagxyHMIoOSZUrwwWrMgwEEdtmDHxrvyyH
o/iinJcoUIOH18M7ZEpuUmV0TW5LsnTolUPgO6p4J9S306tHC50zs+Hy0ZU5JsRL
sjBJo21dd6IpGoS7MkB0KOKhICkxnJUsBYhk7mNQh93dGK6cWDF0T4BCPtOvnZUL
qHUVI3+OA3Z7wG3UNFN7N60j8i/fhRYh/UNdBh7nY1UWhqOYVwKljNtriQdkepx4
baYDjrJ7sSbvcQaSv8fU8lUjGNHBFAwUDttZzA5A3wCk8neM3AiDKA43fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWzTN9FbKpZ1UKLzf1JH/C3j3ZZMB8GA1UdIwQY
MBaAFBxpx2M4r8kIW4+9ZpuLdL16ktQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEduSFl6aXZ5UWhiajcxbW00dDB2WHFTMURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9hMjA4OGItYTEyNi00YmE2LTg3MWMt
NTc1OWI0MjdmNGQxLzEvSEduSFl6aXZ5UWhiajcxbW00dDB2WHFTMURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9hMjA4OGItYTEyNi00YmE2LTg3MWMtNTc1OWI0MjdmNGQx
LzEvSEduSFl6aXZ5UWhiajcxbW00dDB2WHFTMURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASFURG/ss
KWJupB3SBvRgwr9PtyEfS1/fz05yn2I7mwz0QHB38uTE4zCaobr9ofA/FgUvZSQE
EEl3jrDdLmt7mk/y+L3t6wHbgPLUkZ94+JnhuNv7bmmjbipGVKzsK1CT8ZOM1/0U
6Ib/b2iid0PS1+H6MHkMfjqFVVIJDNBrsfDRiN8l4JX7tdvtzx9t+F8mXSLVs+W0
R7n69bx1IFqsYLY4JG2JcR8T7pi71waawVBejxNu/LtEtz+ZMmKQQt+PrxIEFPrM
add0X+wju6oe5GYXGk85Mf2XlVJQ5ThmodKjxh4QOIytInb8yZNpd1xetMCI4dGV
RjtpoCvAFDUdOg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:34:33 2025 by rpki-client