Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
File: OC-G8tvQd2xOUZycmuT60EJvOf8.mft (raw, json)
Hash identifier: ao8wK4D63od7DN+sQ2HeCOttKATu4YtaI8yYDeY9b7w=
Subject key identifier: 05:C6:2A:9B:E0:FD:FF:E8:26:47:CF:7E:11:47:A7:5D:6E:52:D0:53
Authority key identifier: 38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
Certificate issuer: /CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Certificate serial: 0194BC72947488D855509F434B3C5E400ABB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
Manifest number: 09
Signing time: Fri 31 Jan 2025 13:00:13 +0000
Manifest this update: Fri 31 Jan 2025 13:00:13 +0000
Manifest next update: Sat 01 Feb 2025 13:00:13 +0000
Files and hashes: 1: OC-G8tvQd2xOUZycmuT60EJvOf8.crl (hash: FeAiPlSA32oItHXCZz12T7It/dD3mwkCFupir1hgdzI=)
2: b1pNAkro7aHA3V-NejpmqoURwAk.roa (hash: spfghQnj6hS6URb2NmqLLwW6s6Py+YxHJ+ws3VJ1shQ=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:72:94:74:88:d8:55:50:9f:43:4b:3c:5e:40:0a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Validity
Not Before: Jan 31 13:00:13 2025 GMT
Not After : Feb 1 13:00:13 2025 GMT
Subject: CN=05c62a9be0fdffe82647cf7e1147a75d6e52d053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fc:bd:97:7e:71:bb:42:47:4a:1a:a8:89:50:
e2:da:68:f1:35:d4:34:84:56:14:54:bd:a8:72:d7:
3d:18:83:96:d7:55:60:7f:4e:e6:fe:3f:1d:ef:3b:
c8:14:af:e9:85:6c:de:34:f8:7b:e4:51:9f:d3:62:
e9:e1:93:6d:f0:f6:5c:de:91:0d:11:f6:15:06:a3:
9b:66:ad:fa:bb:c5:b6:98:38:2b:ff:e0:1d:98:9c:
bb:e7:30:89:bd:cb:86:45:8b:fc:bb:2e:b5:15:44:
a7:23:18:95:ad:22:c3:87:51:ac:9e:f3:5c:ae:61:
77:45:e1:1e:97:56:fe:13:2d:df:35:5e:01:f9:93:
1c:76:aa:7b:d8:bd:25:6b:6a:eb:c2:3a:29:13:18:
18:53:3c:7b:1c:92:20:2f:4d:57:c5:df:12:b1:ac:
58:ac:be:8b:d3:93:3a:15:c6:f8:31:75:19:17:9c:
c6:b9:ae:5c:71:10:63:90:e9:1e:8c:74:78:6a:c0:
d2:fa:b8:95:2a:95:02:b7:78:cc:ec:97:ad:23:59:
2c:0f:32:d0:f5:5a:83:dc:c3:bb:0b:50:37:84:09:
30:6a:0a:e5:76:1c:60:65:10:60:9a:4e:b6:48:ca:
1e:7b:7a:2b:76:d7:46:3b:8a:0c:cf:12:42:ca:ff:
fe:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C6:2A:9B:E0:FD:FF:E8:26:47:CF:7E:11:47:A7:5D:6E:52:D0:53
X509v3 Authority Key Identifier:
keyid:38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
df:5b:9d:bf:ee:9b:e6:a8:d3:9c:13:97:01:7a:dd:04:bd:6a:
cf:18:48:67:41:c9:9f:da:b5:70:6c:ed:f0:90:06:8d:f8:b1:
01:a1:6e:27:80:74:57:0c:0d:b4:07:e8:61:98:18:72:b4:b4:
a2:89:ab:d3:d5:2a:44:3f:01:58:2e:45:fd:11:b5:f9:93:91:
8b:b7:09:e5:ef:c4:90:81:a0:ca:c0:98:6e:f4:f1:4f:9d:ee:
82:b6:75:cd:a9:01:ed:22:88:c7:62:82:2e:47:0d:a8:93:b1:
86:a5:74:7d:a7:a4:f4:58:d3:47:a2:c0:33:1a:a1:7a:1e:e4:
97:3d:25:8b:c1:e8:ae:1d:88:7f:eb:42:32:f1:2b:ea:b0:57:
df:cc:d9:4c:85:0f:03:2b:4e:84:5c:ec:4c:01:76:95:68:c4:
d3:a2:06:fe:27:10:0d:06:6b:a1:fb:ac:23:d9:97:5d:ea:90:
f5:d4:b5:c2:74:e1:80:9d:96:06:af:e0:c3:e1:8b:9d:c1:21:
d0:dc:ec:70:07:35:0f:18:7e:df:25:e7:67:2d:d3:16:97:e6:
28:9e:a1:6f:d0:a2:96:0a:7e:b8:70:6b:49:a8:2c:da:80:7f:
20:e1:be:fe:9a:da:5b:65:47:e9:75:d4:18:46:bf:62:0a:02:
0a:10:ff:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS8cpR0iNhVUJ9DSzxeQAq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmY4NmYyZGJkMDc3NmM0ZTUxOWM5YzlhZTRmYWQwNDI2
ZjM5ZmYwHhcNMjUwMTMxMTMwMDEzWhcNMjUwMjAxMTMwMDEzWjAzMTEwLwYDVQQD
EygwNWM2MmE5YmUwZmRmZmU4MjY0N2NmN2UxMTQ3YTc1ZDZlNTJkMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvy9l35xu0JHShqoiVDi2mjxNdQ0
hFYUVL2octc9GIOW11Vgf07m/j8d7zvIFK/phWzeNPh75FGf02Lp4ZNt8PZc3pEN
EfYVBqObZq36u8W2mDgr/+AdmJy75zCJvcuGRYv8uy61FUSnIxiVrSLDh1GsnvNc
rmF3ReEel1b+Ey3fNV4B+ZMcdqp72L0la2rrwjopExgYUzx7HJIgL01Xxd8SsaxY
rL6L05M6Fcb4MXUZF5zGua5ccRBjkOkejHR4asDS+riVKpUCt3jM7JetI1ksDzLQ
9VqD3MO7C1A3hAkwagrldhxgZRBgmk62SMoee3ordtdGO4oMzxJCyv/+fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAXGKpvg/f/oJkfPfhFHp11uUtBTMB8GA1UdIwQY
MBaAFDgvhvLb0HdsTlGcnJrk+tBCbzn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2Mjgt
MjAzNTYzZjg0NWJiLzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2MjgtMjAzNTYzZjg0NWJi
LzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA31udv+6b
5qjTnBOXAXrdBL1qzxhIZ0HJn9q1cGzt8JAGjfixAaFuJ4B0VwwNtAfoYZgYcrS0
oomr09UqRD8BWC5F/RG1+ZORi7cJ5e/EkIGgysCYbvTxT53ugrZ1zakB7SKIx2KC
LkcNqJOxhqV0faek9FjTR6LAMxqheh7klz0li8Horh2If+tCMvEr6rBX38zZTIUP
AytOhFzsTAF2lWjE06IG/icQDQZrofusI9mXXeqQ9dS1wnThgJ2WBq/gw+GLncEh
0NzscAc1Dxh+3yXnZy3TFpfmKJ6hb9Cilgp+uHBrSags2oB/IOG+/praW2VH6XXU
GEa/YgoCChD/OQ==
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:41:03 2025 by rpki-client