Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.mft
File: yniqfjFrIfhDz7lYEMaAzdv6bm8.mft (raw, json)
Hash identifier: keq6OHG3xDpwG1KPoE8dRjHLaKBR/XrQ26GziMKUXkg=
Subject key identifier: 3A:C9:74:B5:EA:99:D4:1F:CA:F6:61:85:E7:1F:D9:67:0C:A4:21:D3
Authority key identifier: CA:78:AA:7E:31:6B:21:F8:43:CF:B9:58:10:C6:80:CD:DB:FA:6E:6F
Certificate issuer: /CN=ca78aa7e316b21f843cfb95810c680cddbfa6e6f
Certificate serial: 0194BC72821E646DA0490491A5706697E4BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yniqfjFrIfhDz7lYEMaAzdv6bm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.mft
Manifest number: 017B
Signing time: Fri 31 Jan 2025 13:00:08 +0000
Manifest this update: Fri 31 Jan 2025 13:00:08 +0000
Manifest next update: Sat 01 Feb 2025 13:00:08 +0000
Files and hashes: 1: KmT0zBeAxHbx64CqcJ4Kw-HSMGw.roa (hash: g294VQOsqRVKkLhlE8NKqam6KvGQ9H8e4fukJsFTk1Y=)
2: yniqfjFrIfhDz7lYEMaAzdv6bm8.crl (hash: AAQlRU2al6iCom41mXZ/f04+d3BdRgZG1B8qybe6U6g=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:72:82:1e:64:6d:a0:49:04:91:a5:70:66:97:e4:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca78aa7e316b21f843cfb95810c680cddbfa6e6f
Validity
Not Before: Jan 31 13:00:08 2025 GMT
Not After : Feb 1 13:00:08 2025 GMT
Subject: CN=3ac974b5ea99d41fcaf66185e71fd9670ca421d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:87:1c:ef:55:e6:91:ba:e8:66:9a:37:9c:4a:
fa:df:1c:bb:3f:00:ec:5c:d8:03:1b:bd:6b:7b:ad:
34:e1:2a:89:c0:bd:24:13:f0:e9:07:e8:f2:8c:6b:
21:dc:d2:fe:1d:3b:72:b8:9b:cc:08:e8:58:24:fb:
c8:1a:ca:f7:c3:17:c3:ea:07:eb:2a:ef:31:3c:59:
a7:5a:b4:22:1d:4f:87:59:aa:1d:4a:f1:1d:15:8a:
83:cf:2c:91:1d:28:9f:15:6a:b0:17:51:07:84:76:
2f:78:81:a5:80:a7:51:12:83:05:7d:fb:24:67:ae:
4b:20:89:f1:10:98:0b:54:85:db:8d:f3:7e:0c:6e:
24:82:15:bc:c1:2c:56:9a:1d:76:95:13:8f:36:73:
fe:96:0b:d9:3b:9b:5b:fd:2e:58:20:72:89:7d:a9:
be:90:d0:1e:ff:df:d9:48:a0:16:0e:28:ea:ef:6b:
9c:59:ff:bb:cb:4c:08:ff:66:15:eb:73:a1:a9:51:
1a:f1:9a:86:de:58:b6:8e:59:a2:90:44:1c:f6:a8:
5f:41:69:ad:af:46:95:ac:2e:33:6f:ed:1a:37:75:
07:73:54:ec:cb:04:be:c2:59:51:a3:fe:57:c5:ed:
78:90:17:db:60:af:46:b7:21:f2:ad:dd:ac:8d:ae:
24:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C9:74:B5:EA:99:D4:1F:CA:F6:61:85:E7:1F:D9:67:0C:A4:21:D3
X509v3 Authority Key Identifier:
keyid:CA:78:AA:7E:31:6B:21:F8:43:CF:B9:58:10:C6:80:CD:DB:FA:6E:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yniqfjFrIfhDz7lYEMaAzdv6bm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:07:a1:86:97:c7:64:9b:91:a3:1b:65:6f:11:ff:1c:d1:2e:
a4:33:8f:28:3f:b8:16:3f:c3:09:31:a5:55:39:29:d4:71:81:
14:21:68:eb:c0:38:40:4a:7c:66:2c:65:70:93:24:6a:95:94:
0d:e6:58:d6:c4:93:7c:3f:f9:c8:dc:09:e4:11:7d:f2:8f:15:
21:ba:39:7b:ae:71:43:ab:12:3e:4e:f6:9b:32:f9:47:70:bc:
ac:b5:c2:e6:01:46:3c:ec:d1:85:48:47:97:4f:1e:53:37:89:
a9:44:87:de:f8:7f:99:cb:ab:af:2b:e5:53:84:7f:36:0d:9b:
4f:65:39:4c:5b:14:fb:45:f4:32:2a:63:1a:9a:17:2f:46:c3:
e0:06:a5:a5:98:f5:42:18:86:0b:a2:1f:84:6b:f1:3f:25:6f:
84:d0:39:ae:eb:a9:42:00:38:45:82:74:7e:77:e4:7f:b0:02:
21:52:c0:e4:bb:19:72:9d:e5:a7:ed:c6:45:69:ca:43:d0:41:
a8:b4:8f:7f:f7:0e:46:26:3a:a1:9f:b3:d6:61:d9:f8:fb:c6:
15:3b:a1:86:70:41:4d:75:49:31:a5:33:f5:fe:f2:a6:e5:07:
60:4f:26:1a:53:c4:7e:8a:53:38:9f:41:6f:04:54:7b:77:a2:
a0:d0:ab:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS8coIeZG2gSQSRpXBml+S9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNzhhYTdlMzE2YjIxZjg0M2NmYjk1ODEwYzY4MGNkZGJm
YTZlNmYwHhcNMjUwMTMxMTMwMDA4WhcNMjUwMjAxMTMwMDA4WjAzMTEwLwYDVQQD
EygzYWM5NzRiNWVhOTlkNDFmY2FmNjYxODVlNzFmZDk2NzBjYTQyMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApocc71XmkbroZpo3nEr63xy7PwDs
XNgDG71re6004SqJwL0kE/DpB+jyjGsh3NL+HTtyuJvMCOhYJPvIGsr3wxfD6gfr
Ku8xPFmnWrQiHU+HWaodSvEdFYqDzyyRHSifFWqwF1EHhHYveIGlgKdREoMFffsk
Z65LIInxEJgLVIXbjfN+DG4kghW8wSxWmh12lROPNnP+lgvZO5tb/S5YIHKJfam+
kNAe/9/ZSKAWDijq72ucWf+7y0wI/2YV63OhqVEa8ZqG3li2jlmikEQc9qhfQWmt
r0aVrC4zb+0aN3UHc1TsywS+wllRo/5Xxe14kBfbYK9GtyHyrd2sja4k3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrJdLXqmdQfyvZhhecf2WcMpCHTMB8GA1UdIwQY
MBaAFMp4qn4xayH4Q8+5WBDGgM3b+m5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW5pcWZqRnJJZmhEejdsWUVNYUF6ZHY2Ym04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy83ZGEzNGMtMzk4NC00NDQyLWI2NDYt
ZTMxMzhmZjFlODk5LzEveW5pcWZqRnJJZmhEejdsWUVNYUF6ZHY2Ym04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy83ZGEzNGMtMzk4NC00NDQyLWI2NDYtZTMxMzhmZjFlODk5
LzEveW5pcWZqRnJJZmhEejdsWUVNYUF6ZHY2Ym04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUAehhpfH
ZJuRoxtlbxH/HNEupDOPKD+4Fj/DCTGlVTkp1HGBFCFo68A4QEp8ZixlcJMkapWU
DeZY1sSTfD/5yNwJ5BF98o8VIbo5e65xQ6sSPk72mzL5R3C8rLXC5gFGPOzRhUhH
l08eUzeJqUSH3vh/mcurryvlU4R/Ng2bT2U5TFsU+0X0MipjGpoXL0bD4AalpZj1
QhiGC6IfhGvxPyVvhNA5ruupQgA4RYJ0fnfkf7ACIVLA5LsZcp3lp+3GRWnKQ9BB
qLSPf/cORiY6oZ+z1mHZ+PvGFTuhhnBBTXVJMaUz9f7ypuUHYE8mGlPEfopTOJ9B
bwRUe3eioNCrxQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:10:45 2025 by rpki-client