Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
File: XKiGCq68SoHT0ibUI4c-M8OICqo.mft (raw, json)
Hash identifier: dk+W2Hc8xBUVd4mxZJQR65RQ2rPYf11ECUHhaerrBWM=
Subject key identifier: 23:D3:1C:31:2D:63:12:A0:41:13:E2:0D:76:66:A5:CA:C4:CF:5F:FE
Authority key identifier: 5C:A8:86:0A:AE:BC:4A:81:D3:D2:26:D4:23:87:3E:33:C3:88:0A:AA
Certificate issuer: /CN=5ca8860aaebc4a81d3d226d423873e33c3880aaa
Certificate serial: 0194BBCEBF531FAA716ACF36FAFA0189EC0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
Manifest number: 08A2
Signing time: Fri 31 Jan 2025 10:01:16 +0000
Manifest this update: Fri 31 Jan 2025 10:01:16 +0000
Manifest next update: Sat 01 Feb 2025 10:01:16 +0000
Files and hashes: 1: XKiGCq68SoHT0ibUI4c-M8OICqo.crl (hash: ceWehu0Pn0nwYCMw783ivGqFF9mLR/IU9bEvc5l0qNE=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:ce:bf:53:1f:aa:71:6a:cf:36:fa:fa:01:89:ec:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ca8860aaebc4a81d3d226d423873e33c3880aaa
Validity
Not Before: Jan 31 10:01:16 2025 GMT
Not After : Feb 1 10:01:16 2025 GMT
Subject: CN=23d31c312d6312a04113e20d7666a5cac4cf5ffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4c:e6:b5:fe:c2:a0:e8:08:30:f6:45:13:0e:
56:0e:c7:9b:ea:a6:8b:b6:57:5b:1d:be:84:0c:e0:
1c:35:88:e2:84:9f:44:74:14:67:ef:91:74:10:a3:
2e:b5:53:29:7b:3a:55:f4:7e:00:a1:22:fa:8a:bc:
03:ae:cf:66:cc:ba:32:6b:12:e3:9b:9f:20:28:39:
b1:8d:01:0a:d0:7b:a1:36:38:09:4f:0c:bd:64:a1:
f6:6a:5b:6b:8b:95:c4:2a:b6:c3:38:c4:52:9b:59:
d1:a9:c0:a0:bb:05:6e:5d:d9:25:0c:f0:0b:9b:a7:
84:5f:db:81:74:94:77:e5:1b:2a:7c:8b:54:11:df:
cb:b8:d2:6e:b5:53:c3:29:11:9e:7b:6a:79:1a:c4:
5b:ba:11:79:3e:34:a2:2c:41:d1:c8:f6:18:39:32:
e2:4a:28:d1:dc:c2:64:25:f2:2e:fa:01:49:44:fc:
41:76:7a:c4:4d:c3:f5:f2:3d:53:fa:16:94:39:47:
c8:8a:33:07:0a:a9:1c:9c:63:d9:ec:85:1c:8c:e7:
c4:67:f4:99:c4:5b:56:aa:94:6f:91:ca:d6:da:00:
50:ff:f2:d1:fc:c9:ad:6e:25:49:26:fb:a5:02:5f:
ed:d6:7e:91:de:8e:4c:d6:33:50:ab:ec:65:4a:04:
75:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D3:1C:31:2D:63:12:A0:41:13:E2:0D:76:66:A5:CA:C4:CF:5F:FE
X509v3 Authority Key Identifier:
keyid:5C:A8:86:0A:AE:BC:4A:81:D3:D2:26:D4:23:87:3E:33:C3:88:0A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:94:8e:7b:b9:68:55:0e:21:0e:6c:ea:34:40:9e:f5:9c:13:
dc:87:c2:8a:7c:d9:59:70:02:f2:fa:11:45:2a:88:47:6a:bb:
d1:27:a9:55:1f:58:31:1f:e3:74:5f:99:1b:cc:1a:60:a3:54:
f3:37:e8:7a:75:e9:80:cf:ba:5d:70:51:4e:0c:cb:91:b3:4d:
09:7f:02:2e:89:22:60:c0:f4:94:88:dc:71:4a:11:49:39:70:
4f:ae:5c:53:a5:08:1d:78:21:3a:7f:d9:c7:7e:8b:cf:7c:c4:
74:38:99:26:53:4f:1d:03:ed:52:e2:68:4e:b7:d9:95:97:26:
7c:21:b7:a8:a8:8b:62:a3:3e:2d:67:f6:cc:b2:79:b9:20:ee:
25:48:e6:f9:ba:8d:b8:71:6b:15:71:01:5f:ce:a0:49:dc:76:
7f:df:f9:75:12:d4:28:33:fb:ac:6b:9b:e0:70:3a:96:b6:70:
b5:e8:c5:3a:57:bc:fe:93:7e:65:c0:dd:47:e9:5a:4f:f7:04:
ff:14:56:85:34:56:33:01:b4:23:23:35:72:e3:16:21:38:6c:
db:5d:09:9d:ac:d6:54:71:0a:ce:51:2d:ec:83:50:08:f3:aa:
60:bc:c1:dc:63:81:21:a9:2e:f6:cb:90:47:f7:f8:ab:a4:e7:
1e:51:84:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7zr9TH6pxas82+voBiewKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTg4NjBhYWViYzRhODFkM2QyMjZkNDIzODczZTMzYzM4
ODBhYWEwHhcNMjUwMTMxMTAwMTE2WhcNMjUwMjAxMTAwMTE2WjAzMTEwLwYDVQQD
EygyM2QzMWMzMTJkNjMxMmEwNDExM2UyMGQ3NjY2YTVjYWM0Y2Y1ZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0zmtf7CoOgIMPZFEw5WDseb6qaL
tldbHb6EDOAcNYjihJ9EdBRn75F0EKMutVMpezpV9H4AoSL6irwDrs9mzLoyaxLj
m58gKDmxjQEK0HuhNjgJTwy9ZKH2altri5XEKrbDOMRSm1nRqcCguwVuXdklDPAL
m6eEX9uBdJR35RsqfItUEd/LuNJutVPDKRGee2p5GsRbuhF5PjSiLEHRyPYYOTLi
SijR3MJkJfIu+gFJRPxBdnrETcP18j1T+haUOUfIijMHCqkcnGPZ7IUcjOfEZ/SZ
xFtWqpRvkcrW2gBQ//LR/MmtbiVJJvulAl/t1n6R3o5M1jNQq+xlSgR19QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPTHDEtYxKgQRPiDXZmpcrEz1/+MB8GA1UdIwQY
MBaAFFyohgquvEqB09Im1COHPjPDiAqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC83OTgwYjQtY2Q0NC00NTk3LTg1N2Qt
NjJkMTNiMDMxNDE5LzEvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC83OTgwYjQtY2Q0NC00NTk3LTg1N2QtNjJkMTNiMDMxNDE5
LzEvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArJSOe7lo
VQ4hDmzqNECe9ZwT3IfCinzZWXAC8voRRSqIR2q70SepVR9YMR/jdF+ZG8waYKNU
8zfoenXpgM+6XXBRTgzLkbNNCX8CLokiYMD0lIjccUoRSTlwT65cU6UIHXghOn/Z
x36Lz3zEdDiZJlNPHQPtUuJoTrfZlZcmfCG3qKiLYqM+LWf2zLJ5uSDuJUjm+bqN
uHFrFXEBX86gSdx2f9/5dRLUKDP7rGub4HA6lrZwtejFOle8/pN+ZcDdR+laT/cE
/xRWhTRWMwG0IyM1cuMWIThs210JnazWVHEKzlEt7INQCPOqYLzB3GOBIaku9suQ
R/f4q6TnHlGEuA==
-----END CERTIFICATE-----
Generated at Thu Apr 24 19:02:14 2025 by rpki-client