Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
File: 1OKJaJepchZ45oRpOZOlqISQM2Q.mft (raw, json)
Hash identifier: NCix6C9zPcPu4VWFlEdB3wXha/2epS7wZ/nX6Ou+Ucw=
Subject key identifier: EB:29:E9:28:D2:E1:DF:C6:B1:E0:CF:C9:9D:F7:9F:5C:68:01:30:72
Authority key identifier: D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
Certificate issuer: /CN=d4e2896897a9721678e684693993a5a884903364
Certificate serial: 0194BD4EABE44955D36E3474AEC62182A9A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
Manifest number: 142B
Signing time: Fri 31 Jan 2025 17:00:37 +0000
Manifest this update: Fri 31 Jan 2025 17:00:37 +0000
Manifest next update: Sat 01 Feb 2025 17:00:37 +0000
Files and hashes: 1: 1OKJaJepchZ45oRpOZOlqISQM2Q.crl (hash: UM7y8XeJXcFVpDYYeGBY4HegDN8hV+8F1kO+CQyG9I8=)
2: WAQz-NVz1tPP197fB-7kdlHEMDo.roa (hash: EfunuE83nVqoEWqBwZZf7jU1FPr/i4YaWTLI4hd6d6w=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bd:4e:ab:e4:49:55:d3:6e:34:74:ae:c6:21:82:a9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2896897a9721678e684693993a5a884903364
Validity
Not Before: Jan 31 17:00:37 2025 GMT
Not After : Feb 1 17:00:37 2025 GMT
Subject: CN=eb29e928d2e1dfc6b1e0cfc99df79f5c68013072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9d:28:f9:90:b4:c3:ef:4e:19:14:b9:bd:58:
4d:0c:26:27:a7:14:9f:ab:87:18:73:da:32:50:0f:
d5:8c:f3:1e:56:09:c5:a2:ac:e1:ce:6f:4d:98:3f:
ea:a4:17:45:1b:cb:cb:c1:c8:b1:c0:b0:2f:43:c0:
4b:a6:2b:d5:7a:e4:f7:77:09:17:88:5a:80:6c:e0:
8f:e8:ac:48:71:9b:15:10:7b:2d:97:a1:0e:3e:bf:
59:e6:0f:db:59:ce:c0:d2:57:10:84:7e:5b:5f:49:
e7:cd:b0:e3:cf:e9:7f:c1:62:59:4b:71:5d:5e:e0:
d2:17:72:25:60:94:3d:f0:26:49:fb:b3:94:50:49:
57:f8:3d:b8:e0:2c:1c:70:6c:dc:c8:14:0d:bc:4f:
04:7f:75:e8:9c:85:b7:da:39:ad:03:80:99:11:7c:
e1:b8:13:32:71:40:8f:09:8f:26:07:24:0d:1c:45:
18:11:76:66:4c:be:de:6e:57:b7:8b:85:17:08:5d:
bb:12:b0:22:78:65:c5:8c:cd:31:ff:1a:9a:d2:cf:
9e:99:56:65:37:b0:d4:11:df:b9:d2:91:04:14:08:
bf:ef:de:98:07:28:7d:ff:51:22:e4:31:f1:23:90:
e2:75:c0:cf:4e:4a:fa:56:eb:6f:d1:d7:7d:1a:1b:
b4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:29:E9:28:D2:E1:DF:C6:B1:E0:CF:C9:9D:F7:9F:5C:68:01:30:72
X509v3 Authority Key Identifier:
keyid:D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:21:e1:88:2f:27:da:f3:5c:e9:1c:7a:0e:23:20:83:0a:cb:
83:a4:24:30:23:e5:c5:20:d9:8a:d8:86:09:e9:b7:f4:8e:73:
46:54:85:45:63:7a:19:35:89:30:bf:37:c5:54:32:c8:50:f3:
2c:45:f2:2c:5f:02:9b:5a:6d:ce:1e:05:87:fa:5a:cb:0a:7f:
f0:d3:f5:71:87:30:06:86:c0:c1:c7:f1:32:75:17:ec:aa:4a:
00:db:2c:bc:11:65:3b:e8:de:1d:6c:d9:79:d0:79:03:b7:df:
36:cc:68:78:0d:b3:dd:87:cc:ce:3d:6e:5a:2f:12:c8:d9:89:
bc:c3:13:34:83:d8:c9:78:42:e8:0b:d4:13:8e:56:3b:63:8e:
6d:b7:6d:20:d4:45:fe:95:e0:a0:31:60:65:56:9c:f6:3c:8c:
7f:95:2c:e1:40:fc:dd:cc:66:9c:40:54:ce:9b:1a:f7:b9:03:
e0:9f:98:cf:a4:d9:9a:9c:de:b9:a2:3a:80:a0:a2:65:56:00:
7c:b3:24:15:a6:f3:7f:c7:c1:8b:e3:dc:f1:ba:fd:48:13:46:
35:00:de:34:0e:51:1f:79:3f:44:34:f2:71:1f:ec:76:bc:02:
e3:a1:58:00:37:85:2e:c1:a6:d5:36:11:59:37:a2:48:c8:c0:
69:26:e5:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS9TqvkSVXTbjR0rsYhgqmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI4OTY4OTdhOTcyMTY3OGU2ODQ2OTM5OTNhNWE4ODQ5
MDMzNjQwHhcNMjUwMTMxMTcwMDM3WhcNMjUwMjAxMTcwMDM3WjAzMTEwLwYDVQQD
EyhlYjI5ZTkyOGQyZTFkZmM2YjFlMGNmYzk5ZGY3OWY1YzY4MDEzMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA350o+ZC0w+9OGRS5vVhNDCYnpxSf
q4cYc9oyUA/VjPMeVgnFoqzhzm9NmD/qpBdFG8vLwcixwLAvQ8BLpivVeuT3dwkX
iFqAbOCP6KxIcZsVEHstl6EOPr9Z5g/bWc7A0lcQhH5bX0nnzbDjz+l/wWJZS3Fd
XuDSF3IlYJQ98CZJ+7OUUElX+D244CwccGzcyBQNvE8Ef3XonIW32jmtA4CZEXzh
uBMycUCPCY8mByQNHEUYEXZmTL7eble3i4UXCF27ErAieGXFjM0x/xqa0s+emVZl
N7DUEd+50pEEFAi/796YByh9/1Ei5DHxI5DidcDPTkr6Vutv0dd9Ghu0SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOsp6SjS4d/GseDPyZ33n1xoATByMB8GA1UdIwQY
MBaAFNTiiWiXqXIWeOaEaTmTpaiEkDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEt
ZTQ5N2Q0MGY0ZTJhLzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEtZTQ5N2Q0MGY0ZTJh
LzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlyHhiC8n
2vNc6Rx6DiMggwrLg6QkMCPlxSDZitiGCem39I5zRlSFRWN6GTWJML83xVQyyFDz
LEXyLF8Cm1ptzh4Fh/paywp/8NP1cYcwBobAwcfxMnUX7KpKANssvBFlO+jeHWzZ
edB5A7ffNsxoeA2z3YfMzj1uWi8SyNmJvMMTNIPYyXhC6AvUE45WO2OObbdtINRF
/pXgoDFgZVac9jyMf5Us4UD83cxmnEBUzpsa97kD4J+Yz6TZmpzeuaI6gKCiZVYA
fLMkFabzf8fBi+Pc8br9SBNGNQDeNA5RH3k/RDTycR/sdrwC46FYADeFLsGm1TYR
WTeiSMjAaSblgg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 17:47:37 2025 by rpki-client