Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: 8tuh8NVnmAU1K9dDSFjoZs41yRWRlJ2H/rDzjmVo5IQ=
Subject key identifier: EF:7B:7A:96:68:3B:A7:94:AF:9F:1B:2D:FB:28:29:A6:B5:82:21:5D
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 0194BBCE63AADBA410E1C98C18765EAE685A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 0C74
Signing time: Fri 31 Jan 2025 10:00:52 +0000
Manifest this update: Fri 31 Jan 2025 10:00:52 +0000
Manifest next update: Sat 01 Feb 2025 10:00:52 +0000
Files and hashes: 1: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=)
2: i2HYpKIvdGotH7mKcmQ5RAG3huY.roa (hash: 4Nz6YUMbPlVe3PbppTQU2sGDWl5KATygr4DtzeG8qCU=)
3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: V8pMwImYyglzB9IHtQ367437Q2OTZA3JHWTuuEJTgYg=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:ce:63:aa:db:a4:10:e1:c9:8c:18:76:5e:ae:68:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Jan 31 10:00:52 2025 GMT
Not After : Feb 1 10:00:52 2025 GMT
Subject: CN=ef7b7a96683ba794af9f1b2dfb2829a6b582215d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:72:09:bc:5e:13:fa:f6:0d:f1:91:8a:00:0d:
7e:c6:73:e9:fb:1b:88:d8:df:5b:d4:88:0e:d4:8c:
73:9b:4a:d6:97:bf:04:45:2a:79:e9:5b:1d:36:30:
65:da:69:de:40:e2:d6:f3:18:fd:5a:2d:4b:d8:c0:
50:8c:84:94:35:7c:0a:89:38:fc:d3:b6:72:e9:ba:
11:46:33:2f:fe:89:76:1f:68:7a:fa:c1:3c:42:7f:
ce:d0:d3:32:a5:84:55:99:56:9c:ee:11:05:6f:00:
2f:5c:2c:bd:9e:33:1d:1f:8a:21:a5:f3:44:a5:7e:
a4:8b:fd:4c:5d:75:e8:47:0f:7b:f6:78:a8:fe:73:
72:25:25:c0:65:30:09:8a:33:f4:74:bf:95:bd:0e:
54:ae:06:40:db:95:a1:ea:03:83:29:a7:e8:d7:90:
88:15:5b:0b:74:7b:33:65:c9:ca:e8:a0:2e:58:91:
cf:35:a0:e2:fb:00:3c:97:3b:57:d4:03:59:94:99:
46:1d:01:9b:bc:62:d3:91:ef:d6:ce:d3:71:f8:b8:
9e:9a:1a:f3:63:6e:3c:76:65:e8:40:12:b5:5f:57:
82:fd:08:99:9e:ca:ca:9e:21:a3:58:a4:33:3d:80:
8d:4d:e0:1d:74:cd:89:66:f2:b1:c6:05:ec:98:c4:
6d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:7B:7A:96:68:3B:A7:94:AF:9F:1B:2D:FB:28:29:A6:B5:82:21:5D
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:3c:39:a3:32:46:48:75:e2:87:30:33:9f:25:d3:e3:c0:5f:
01:21:99:7f:48:02:62:82:f7:d7:19:5a:35:5a:7a:18:0a:7c:
e2:c6:cc:fd:f3:48:37:4d:9c:ca:9d:01:65:6e:03:35:7d:5f:
c9:1a:77:c4:b6:e0:0a:0b:09:22:20:29:a2:37:32:f8:28:de:
39:c4:8e:8b:5a:e7:0a:36:aa:c7:a8:2d:5e:cd:a7:d7:8a:e6:
11:7f:61:88:f1:fd:2b:8e:95:11:7c:13:0c:87:8d:18:74:7c:
f2:8c:ce:38:9e:c7:15:9f:95:50:e5:e7:c1:57:cc:9b:19:8c:
d4:6c:07:e5:be:bc:33:35:27:56:6d:7e:31:e7:82:51:77:79:
c8:9d:7e:2b:42:b4:59:1b:92:58:7e:10:56:b5:9b:ca:10:c3:
1f:9f:30:28:38:25:86:bc:1e:53:c7:4d:33:c1:3f:46:16:a3:
ff:84:16:8b:72:c6:dd:eb:6e:0c:d8:91:da:4f:ae:5c:5e:3d:
af:b2:cc:b0:03:c2:5f:89:c6:8c:ad:20:fe:cd:4d:a0:a8:97:
d5:dd:29:a4:f4:f3:77:48:83:88:50:2e:b7:cd:cd:01:f4:95:
a3:12:ba:6e:39:d2:1f:9a:f9:f8:3a:b8:4d:d3:65:60:73:0d:
10:5d:53:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7zmOq26QQ4cmMGHZermhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjUwMTMxMTAwMDUyWhcNMjUwMjAxMTAwMDUyWjAzMTEwLwYDVQQD
EyhlZjdiN2E5NjY4M2JhNzk0YWY5ZjFiMmRmYjI4MjlhNmI1ODIyMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXIJvF4T+vYN8ZGKAA1+xnPp+xuI
2N9b1IgO1Ixzm0rWl78ERSp56VsdNjBl2mneQOLW8xj9Wi1L2MBQjISUNXwKiTj8
07Zy6boRRjMv/ol2H2h6+sE8Qn/O0NMypYRVmVac7hEFbwAvXCy9njMdH4ohpfNE
pX6ki/1MXXXoRw979nio/nNyJSXAZTAJijP0dL+VvQ5UrgZA25Wh6gODKafo15CI
FVsLdHszZcnK6KAuWJHPNaDi+wA8lztX1ANZlJlGHQGbvGLTke/WztNx+Liemhrz
Y248dmXoQBK1X1eC/QiZnsrKniGjWKQzPYCNTeAddM2JZvKxxgXsmMRtnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO97epZoO6eUr58bLfsoKaa1giFdMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAizw5ozJG
SHXihzAznyXT48BfASGZf0gCYoL31xlaNVp6GAp84sbM/fNIN02cyp0BZW4DNX1f
yRp3xLbgCgsJIiApojcy+CjeOcSOi1rnCjaqx6gtXs2n14rmEX9hiPH9K46VEXwT
DIeNGHR88ozOOJ7HFZ+VUOXnwVfMmxmM1GwH5b68MzUnVm1+MeeCUXd5yJ1+K0K0
WRuSWH4QVrWbyhDDH58wKDglhrweU8dNM8E/Rhaj/4QWi3LG3etuDNiR2k+uXF49
r7LMsAPCX4nGjK0g/s1NoKiX1d0ppPTzd0iDiFAut83NAfSVoxK6bjnSH5r5+Dq4
TdNlYHMNEF1T+A==
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:20:35 2025 by rpki-client