Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: DYOMOCRQhToiTmd6FO8c2kvo9AlxoKTTgjN1huhtdR8=
Subject key identifier: 18:C4:3D:9A:27:5D:98:5E:E1:D7:A2:DF:40:A4:9B:7C:FF:B5:FE:A6
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 0194BC72E1A6933A06270FAEC3EF911B76E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 142D
Signing time: Fri 31 Jan 2025 13:00:32 +0000
Manifest this update: Fri 31 Jan 2025 13:00:32 +0000
Manifest next update: Sat 01 Feb 2025 13:00:32 +0000
Files and hashes: 1: K1XShXZQLJQkxEcU15OA0HwtuE4.roa (hash: lR9HlOiSyGj9vLqR1w7rZBLyMLCqRl1ljU4Fo8PjkAs=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: G4A7XjC+d22Xqx2frfRnJMIaU+XjbV6R7Qi5EYOfbwA=)
3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:72:e1:a6:93:3a:06:27:0f:ae:c3:ef:91:1b:76:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Jan 31 13:00:32 2025 GMT
Not After : Feb 1 13:00:32 2025 GMT
Subject: CN=18c43d9a275d985ee1d7a2df40a49b7cffb5fea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:25:ae:db:05:41:45:4d:59:e9:35:d1:f4:ca:
b5:25:7d:7b:e2:51:59:9c:43:89:ba:64:fa:c2:78:
f2:a7:9e:fb:59:24:3c:76:28:b2:78:61:e6:ea:c9:
a2:a4:a7:a9:27:cc:19:5f:58:78:cb:e0:b8:9f:a8:
25:fd:d2:97:e0:04:86:4b:2f:3b:da:43:13:d1:dd:
4d:c0:78:ee:26:8c:fa:cf:a0:68:45:b6:e1:ff:69:
e8:45:eb:5b:b2:de:0f:89:50:26:f6:c2:27:53:65:
85:40:a4:cf:fc:bf:13:48:d7:07:c0:30:a0:4e:2b:
49:c7:1e:3f:35:d2:18:eb:44:89:69:f3:71:dc:5a:
3a:4f:35:05:2d:85:ce:ee:fe:09:70:2f:0a:ee:56:
c8:04:e5:2d:21:e6:62:83:80:80:a0:22:19:36:7d:
42:bd:18:5c:05:fc:72:b7:dc:c7:9b:78:f4:1b:cd:
e8:5f:ef:83:32:89:18:2e:2e:da:0f:9c:4d:b7:42:
61:7e:b4:09:82:33:11:7d:6b:4e:bb:49:d3:a2:dc:
51:1a:d7:6b:34:f2:da:b6:f2:93:ac:d9:9d:a0:86:
88:e0:42:0b:e0:68:53:bd:ea:f5:8e:56:f0:07:3e:
81:ef:5d:b2:da:26:14:c6:d2:ff:ab:db:2e:02:90:
30:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C4:3D:9A:27:5D:98:5E:E1:D7:A2:DF:40:A4:9B:7C:FF:B5:FE:A6
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:43:0f:e3:74:ca:0e:6a:0c:ca:79:38:57:bb:db:e6:e6:e3:
60:39:c8:00:9c:f8:8c:34:ca:c5:18:77:51:92:87:99:39:3f:
cc:be:67:64:90:ad:5e:b1:96:a5:2f:e3:61:f6:97:8e:fb:17:
40:5c:df:a7:32:6b:71:25:70:69:49:1c:a1:c5:58:22:59:9d:
28:de:fd:60:82:4f:4a:94:73:c6:6f:50:93:e4:ae:da:ca:ea:
ff:6c:49:78:0a:18:04:44:01:f5:cd:25:40:35:ab:dc:1d:e6:
3b:10:14:b8:80:fe:1b:44:8f:de:e6:c0:05:79:57:de:9e:50:
bc:49:fd:01:29:67:e2:91:56:9d:1a:ed:4d:6a:a7:e8:98:1e:
cf:2b:2f:2f:ce:2b:d8:87:78:ea:44:82:b2:4a:75:3e:3c:6b:
6e:36:dc:ed:ea:bc:8c:d4:bb:75:ae:f1:27:8b:cc:80:7c:b8:
5b:fd:c2:e1:f7:91:9b:0b:8a:3e:8d:2e:43:04:78:47:23:0b:
5b:05:89:4f:36:54:37:f3:9c:0d:eb:ff:1a:e5:84:fe:04:12:
17:5a:0f:a6:51:e0:d0:40:9c:b5:c6:3a:5b:c7:69:2c:f1:83:
df:a4:5c:15:d1:d6:26:d8:ae:fe:7a:ef:7a:8b:57:73:95:d5:
47:88:18:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS8cuGmkzoGJw+uw++RG3bkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjUwMTMxMTMwMDMyWhcNMjUwMjAxMTMwMDMyWjAzMTEwLwYDVQQD
EygxOGM0M2Q5YTI3NWQ5ODVlZTFkN2EyZGY0MGE0OWI3Y2ZmYjVmZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSWu2wVBRU1Z6TXR9Mq1JX174lFZ
nEOJumT6wnjyp577WSQ8diiyeGHm6smipKepJ8wZX1h4y+C4n6gl/dKX4ASGSy87
2kMT0d1NwHjuJoz6z6BoRbbh/2noRetbst4PiVAm9sInU2WFQKTP/L8TSNcHwDCg
TitJxx4/NdIY60SJafNx3Fo6TzUFLYXO7v4JcC8K7lbIBOUtIeZig4CAoCIZNn1C
vRhcBfxyt9zHm3j0G83oX++DMokYLi7aD5xNt0JhfrQJgjMRfWtOu0nTotxRGtdr
NPLatvKTrNmdoIaI4EIL4GhTver1jlbwBz6B712y2iYUxtL/q9suApAwVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBjEPZonXZhe4dei30Ckm3z/tf6mMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF0MP43TK
DmoMynk4V7vb5ubjYDnIAJz4jDTKxRh3UZKHmTk/zL5nZJCtXrGWpS/jYfaXjvsX
QFzfpzJrcSVwaUkcocVYIlmdKN79YIJPSpRzxm9Qk+Su2srq/2xJeAoYBEQB9c0l
QDWr3B3mOxAUuID+G0SP3ubABXlX3p5QvEn9ASln4pFWnRrtTWqn6JgezysvL84r
2Id46kSCskp1Pjxrbjbc7eq8jNS7da7xJ4vMgHy4W/3C4feRmwuKPo0uQwR4RyML
WwWJTzZUN/OcDev/GuWE/gQSF1oPplHg0ECctcY6W8dpLPGD36RcFdHWJtiu/nrv
eotXc5XVR4gY0Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:25:09 2025 by rpki-client