Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft
File: OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft (raw, json)
Hash identifier: bmmId4Z441LPdqp07XvOYwa/1Gi3YREFKm5K6vAUXG8=
Subject key identifier: 28:E6:50:50:92:DC:19:97:2D:D4:99:CE:5A:29:E9:8C:7C:4D:F1:06
Authority key identifier: 38:F4:C2:5E:1D:F2:63:17:CE:F9:E3:CA:72:00:5F:1F:7B:D1:DA:F6
Certificate issuer: /CN=38f4c25e1df26317cef9e3ca72005f1f7bd1daf6
Certificate serial: 0194BCA9E96C9C75CD97219F0AD33702212F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPTCXh3yYxfO-ePKcgBfH3vR2vY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft
Manifest number: 1426
Signing time: Fri 31 Jan 2025 14:00:39 +0000
Manifest this update: Fri 31 Jan 2025 14:00:39 +0000
Manifest next update: Sat 01 Feb 2025 14:00:39 +0000
Files and hashes: 1: OPTCXh3yYxfO-ePKcgBfH3vR2vY.crl (hash: u/DVMa+d+xDDqxWrFXo798j/0mSd+lUSRovbN5bfliY=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:a9:e9:6c:9c:75:cd:97:21:9f:0a:d3:37:02:21:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f4c25e1df26317cef9e3ca72005f1f7bd1daf6
Validity
Not Before: Jan 31 14:00:39 2025 GMT
Not After : Feb 1 14:00:39 2025 GMT
Subject: CN=28e6505092dc19972dd499ce5a29e98c7c4df106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:06:35:23:fa:bc:37:23:a2:d5:0c:3e:1c:55:
be:05:50:46:de:54:9b:d0:43:3d:f0:dc:50:77:88:
b7:1d:89:38:15:c1:49:5f:df:49:9f:9a:0c:14:e7:
ba:38:6e:e1:28:a9:a4:82:d4:ae:cf:77:28:35:b6:
e2:a6:22:11:18:28:a2:f6:c3:29:27:c6:92:49:b7:
75:b4:cf:52:08:13:8e:e5:6e:be:f7:75:1e:75:f9:
23:cd:f3:d7:10:86:c5:0c:07:dc:39:64:60:9e:4e:
c1:8b:86:f5:08:2c:d3:24:a9:93:f7:8c:d1:f2:09:
ab:e7:6c:f2:eb:0b:0e:6e:63:38:2a:aa:fa:53:1b:
37:d4:de:30:4a:40:a0:e4:1f:d9:bd:20:7d:81:69:
83:14:58:84:dc:5b:59:0d:61:df:d4:f2:8a:dd:36:
76:8f:f0:77:7a:0f:38:14:83:3c:b2:d0:7a:bf:a9:
63:91:d7:70:2c:74:38:d7:48:d1:65:08:b0:8a:a6:
b9:30:e5:aa:8f:73:6f:8b:fe:8a:f8:aa:60:1f:e5:
7a:6a:ee:48:41:ac:82:a8:ca:c0:5e:44:5a:7d:e0:
fc:b0:7d:d2:53:12:c8:e7:16:d0:f1:28:18:51:cb:
44:c9:12:c7:c0:b5:fd:9e:5f:fc:f5:39:5c:58:87:
e3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E6:50:50:92:DC:19:97:2D:D4:99:CE:5A:29:E9:8C:7C:4D:F1:06
X509v3 Authority Key Identifier:
keyid:38:F4:C2:5E:1D:F2:63:17:CE:F9:E3:CA:72:00:5F:1F:7B:D1:DA:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPTCXh3yYxfO-ePKcgBfH3vR2vY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:ba:bc:a9:3d:34:c8:c4:ae:98:0a:ac:41:ff:04:ec:c1:8b:
c3:5b:83:1f:4b:74:80:55:0a:38:7f:14:45:9c:e0:fd:fe:52:
c6:b1:d6:e0:ae:96:4a:b7:10:a4:56:1f:2b:9b:af:64:28:e7:
83:d6:fb:07:ab:e2:61:6a:84:9c:28:29:ef:3b:4c:bf:41:aa:
7d:51:bd:fe:a4:a4:eb:63:72:2c:0a:1b:3b:07:95:84:49:1d:
23:c6:72:d5:4a:20:fc:23:93:4a:ae:58:d0:c6:2d:b8:c6:16:
92:88:16:8e:b5:dc:28:10:e6:87:02:71:27:6b:b9:2f:ac:54:
8a:47:bc:28:22:7a:97:56:11:03:fa:6e:70:22:e8:11:ec:74:
e6:4b:8f:46:72:8f:35:0b:7f:8a:7f:2e:d5:f3:c8:e4:72:e9:
44:b4:b1:29:64:b1:5c:b8:a4:f8:7a:db:55:99:fa:06:7c:f3:
23:f5:a3:7d:2b:42:9c:c7:b3:ad:cb:37:98:46:29:8b:1c:9f:
b0:28:10:d8:67:21:13:c7:43:6a:8d:a5:a5:e4:f4:24:a5:09:
78:28:5d:b0:12:e7:ae:05:22:f7:dd:41:54:a3:c9:46:74:29:
8a:b4:c2:2b:d9:47:93:01:06:76:99:53:8e:ba:e0:b9:9f:b9:
17:ff:45:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS8qelsnHXNlyGfCtM3AiEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjRjMjVlMWRmMjYzMTdjZWY5ZTNjYTcyMDA1ZjFmN2Jk
MWRhZjYwHhcNMjUwMTMxMTQwMDM5WhcNMjUwMjAxMTQwMDM5WjAzMTEwLwYDVQQD
EygyOGU2NTA1MDkyZGMxOTk3MmRkNDk5Y2U1YTI5ZTk4YzdjNGRmMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wY1I/q8NyOi1Qw+HFW+BVBG3lSb
0EM98NxQd4i3HYk4FcFJX99Jn5oMFOe6OG7hKKmkgtSuz3coNbbipiIRGCii9sMp
J8aSSbd1tM9SCBOO5W6+93UedfkjzfPXEIbFDAfcOWRgnk7Bi4b1CCzTJKmT94zR
8gmr52zy6wsObmM4Kqr6Uxs31N4wSkCg5B/ZvSB9gWmDFFiE3FtZDWHf1PKK3TZ2
j/B3eg84FIM8stB6v6ljkddwLHQ410jRZQiwiqa5MOWqj3Nvi/6K+KpgH+V6au5I
QayCqMrAXkRafeD8sH3SUxLI5xbQ8SgYUctEyRLHwLX9nl/89TlcWIfjIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjmUFCS3BmXLdSZzlop6Yx8TfEGMB8GA1UdIwQY
MBaAFDj0wl4d8mMXzvnjynIAXx970dr2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BUQ1hoM3lZeGZPLWVQS2NnQmZIM3ZSMnZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zNDI4ZTctMTVmOS00NmI0LWI5Nzkt
NTE5Zjk4M2M3MmI1LzEvT1BUQ1hoM3lZeGZPLWVQS2NnQmZIM3ZSMnZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zNDI4ZTctMTVmOS00NmI0LWI5NzktNTE5Zjk4M2M3MmI1
LzEvT1BUQ1hoM3lZeGZPLWVQS2NnQmZIM3ZSMnZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf7q8qT00
yMSumAqsQf8E7MGLw1uDH0t0gFUKOH8URZzg/f5SxrHW4K6WSrcQpFYfK5uvZCjn
g9b7B6viYWqEnCgp7ztMv0GqfVG9/qSk62NyLAobOweVhEkdI8Zy1Uog/COTSq5Y
0MYtuMYWkogWjrXcKBDmhwJxJ2u5L6xUike8KCJ6l1YRA/pucCLoEex05kuPRnKP
NQt/in8u1fPI5HLpRLSxKWSxXLik+HrbVZn6BnzzI/WjfStCnMezrcs3mEYpixyf
sCgQ2GchE8dDao2lpeT0JKUJeChdsBLnrgUi991BVKPJRnQpirTCK9lHkwEGdplT
jrrguZ+5F/9FPA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:44:16 2025 by rpki-client