Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File: DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier: 2QU0mtWOK21sSt3BwSmPXKKOOBR/RqBXfnRsT8eqWBM=
Subject key identifier: 01:1A:21:2F:99:68:F0:9C:A6:83:71:F1:A4:CB:73:74:38:CA:71:CD
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer: /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial: 0194BBCE250187B12C5446A8AED9EAD74CB2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number: 0FB9
Signing time: Fri 31 Jan 2025 10:00:36 +0000
Manifest this update: Fri 31 Jan 2025 10:00:36 +0000
Manifest next update: Sat 01 Feb 2025 10:00:36 +0000
Files and hashes: 1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: 7vq1JC6PBpIWDk++UoUA6P9EE0W57pkNJxLmoDGllcM=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:ce:25:01:87:b1:2c:54:46:a8:ae:d9:ea:d7:4c:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Validity
Not Before: Jan 31 10:00:36 2025 GMT
Not After : Feb 1 10:00:36 2025 GMT
Subject: CN=011a212f9968f09ca68371f1a4cb737438ca71cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c2:fd:57:b7:ed:f1:c0:f1:d2:a5:dc:0b:50:
e0:ec:5c:99:a6:2a:f0:3d:c4:b5:23:28:9f:dc:b6:
c5:c9:df:c9:61:ba:3b:66:8e:76:14:44:23:ee:0d:
69:11:a9:b6:41:3f:36:84:34:5a:c5:1e:47:43:c4:
15:41:7a:89:0a:32:27:4e:77:45:2e:9d:61:76:fc:
8b:71:19:0d:35:ca:b1:27:07:21:35:10:01:1f:a2:
a5:6c:e3:1b:9b:92:9a:77:b7:33:14:10:f5:51:56:
e7:0e:92:47:1b:0c:ca:44:5f:80:22:e6:55:21:3f:
13:3e:df:07:d9:23:da:85:64:60:49:4a:5f:06:28:
67:e7:5c:13:72:a4:49:c7:82:ec:ef:fd:92:96:b7:
9b:21:ad:90:ff:94:5d:56:25:0b:26:e8:bb:04:a4:
fe:1b:aa:f6:34:3f:7d:2a:e9:eb:01:4f:94:8b:77:
0a:5d:6c:4c:4a:d3:3f:b7:f4:31:c4:f9:11:59:80:
14:ce:0b:bc:9d:2a:4c:8b:19:a1:5d:10:59:44:99:
47:a1:dc:8d:fc:0c:70:4c:bc:c1:e8:71:aa:fe:8e:
cf:bc:a2:11:93:ff:41:b1:4c:2b:d7:85:54:02:d2:
42:5b:6a:4f:9d:3b:46:b8:be:89:32:42:90:c1:f2:
99:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:1A:21:2F:99:68:F0:9C:A6:83:71:F1:A4:CB:73:74:38:CA:71:CD
X509v3 Authority Key Identifier:
keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:e8:4a:01:6f:1d:c5:a8:18:7c:af:d9:91:85:a7:4b:3b:83:
8e:ff:55:46:c1:d2:65:38:eb:18:12:14:2f:bc:ec:24:fe:88:
bc:fc:a5:2f:44:9c:3a:21:71:67:06:50:d6:69:c2:02:d1:29:
bd:35:cc:82:66:d6:7b:44:d9:4e:c8:cf:29:3c:14:26:98:63:
ec:08:5a:d8:f6:4f:02:c7:7c:71:01:07:df:5f:23:30:e0:3f:
d6:81:31:7f:b7:b3:9a:05:e2:f4:19:1d:37:ef:90:89:1e:d2:
a4:e0:ef:41:ac:50:b4:03:46:32:72:40:ff:6f:c7:b2:ad:25:
6f:fc:5b:fe:5c:65:bb:f5:4c:c1:10:ba:bd:79:2f:30:12:93:
d1:4e:54:49:99:65:93:e6:33:f4:81:22:65:a6:eb:53:17:a3:
07:01:84:ba:c4:f3:dc:dc:a7:56:bd:a7:e7:fa:ac:db:c4:e3:
13:1c:11:8f:15:5b:f2:fc:c7:44:47:52:7f:86:f1:89:05:9f:
b7:1e:c7:8c:3d:3b:8b:20:5c:4e:04:01:c9:30:07:e7:1b:4f:
e8:3e:bc:ae:47:fc:84:ce:4b:4e:4a:4f:6b:ed:0f:7d:3e:67:
7b:e2:ad:d0:6d:3e:94:b7:70:95:78:02:c1:ea:d3:4d:1f:00:
49:39:03:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7ziUBh7EsVEaortnq10yyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUwMTMxMTAwMDM2WhcNMjUwMjAxMTAwMDM2WjAzMTEwLwYDVQQD
EygwMTFhMjEyZjk5NjhmMDljYTY4MzcxZjFhNGNiNzM3NDM4Y2E3MWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsL9V7ft8cDx0qXcC1Dg7FyZpirw
PcS1Iyif3LbFyd/JYbo7Zo52FEQj7g1pEam2QT82hDRaxR5HQ8QVQXqJCjInTndF
Lp1hdvyLcRkNNcqxJwchNRABH6KlbOMbm5Kad7czFBD1UVbnDpJHGwzKRF+AIuZV
IT8TPt8H2SPahWRgSUpfBihn51wTcqRJx4Ls7/2SlrebIa2Q/5RdViULJui7BKT+
G6r2ND99KunrAU+Ui3cKXWxMStM/t/QxxPkRWYAUzgu8nSpMixmhXRBZRJlHodyN
/AxwTLzB6HGq/o7PvKIRk/9BsUwr14VUAtJCW2pPnTtGuL6JMkKQwfKZTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAEaIS+ZaPCcpoNx8aTLc3Q4ynHNMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAOhKAW8d
xagYfK/ZkYWnSzuDjv9VRsHSZTjrGBIUL7zsJP6IvPylL0ScOiFxZwZQ1mnCAtEp
vTXMgmbWe0TZTsjPKTwUJphj7Aha2PZPAsd8cQEH318jMOA/1oExf7ezmgXi9Bkd
N++QiR7SpODvQaxQtANGMnJA/2/Hsq0lb/xb/lxlu/VMwRC6vXkvMBKT0U5USZll
k+Yz9IEiZabrUxejBwGEusTz3NynVr2n5/qs28TjExwRjxVb8vzHREdSf4bxiQWf
tx7HjD07iyBcTgQByTAH5xtP6D68rkf8hM5LTkpPa+0PfT5ne+Kt0G0+lLdwlXgC
werTTR8ASTkDJQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:53:32 2025 by rpki-client